Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   TR/Crypt.XPACK.Gen - wie entfernt man ihn richtig? (https://www.trojaner-board.de/147954-tr-crypt-xpack-gen-entfernt-man-ihn-richtig.html)

Nazretin 14.01.2014 19:43
TR/Crypt.XPACK.Gen - wie entfernt man ihn richtig?
 
Hallo Leute,

da ich leider zu spät eine Art Sicherheitsbewusstsein im Umgang mit meinem Laptop entwickelt habe und gestern eine drastische Auslastung des CPU's und Datenträgers (teilweise gegen 100% bei geringer Aktivität) wahrnahm, habe ich mir das Antivirenprogramm Avira heruntergeladen und einen kompletten Scan durchgeführt.

Als Ergebnis präsentierte man mir folgende Funde:

Exportierte Ereignisse:

14.01.2014 19:19 [System-Scanner] Malware gefunden
Die Datei 'C:\Program Files (x86)\MotioninJoy\ds3\SetDS3forPCSX2.exe'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1ea75480.qua'
verschoben!

14.01.2014 19:19 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Chris Frank\AppData\Local\Temp\ICReinstall_Xpadder5-3.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4c96f1b6.qua'
verschoben!

14.01.2014 19:19 [System-Scanner] Malware gefunden
Die Datei 'C:\Users\Chris
Frank\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\414056cd-55888330'
enthielt einen Virus oder unerwünschtes Programm 'EXP/CVE-2013-2423.J'
[exploit].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '542fde03.qua'
verschoben!

14.01.2014 19:19 [System-Scanner] Malware gefunden
Die Datei
'C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$R03JH0T.exe'
enthielt einen Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen7'
[adware].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3d583651.qua'
verschoben!

14.01.2014 19:19 [System-Scanner] Malware gefunden
Die Datei
'C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$R7V37NK.7z'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '78d51b6f.qua'
verschoben!


Ich habe vorerst den Quarantäneordner zu Hilfe gezogen. Da ich den ein oder anderen Thread zu "TR/Crypt.XPACK.Gen" überflogen habe, bin ich mir nicht sicher, ob ich diesen mit "Ausgewähltes Objekt aus der Quarantäne entfernen" löschen kann oder, ob ich diesen im abgesicherten Modus entfernen kann - öfters war der Prozess der Problemermittlung und -behebung viel länger als erwartet.

Deshalb frage ich nun Euch nach einer geeigneten Lösung dieses Problems. Andererseits könnte es auch noch Malware geben, welche Avira nicht erkannt hat - alleine wage ich mich jedenfalls nicht an die Analyse, da ich keinerlei Ahnung in diesem Bereich habe und lasse mich lieber von Experten anleiten, die diese Sprache sprechen :-) !

Mit besten Grüßen,

Nazretin

schrauber 14.01.2014 21:46
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Nazretin 15.01.2014 11:52
Die Addtition.txt:

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-01-2014
Ran by Chris Frank at 2014-01-15 11:44:09
Running from C:\Users\Chris Frank\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.94 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05 - Adobe Systems Incorporated)
Amnesia: The Dark Descent (x32 Version:  - Frictional Games)
AnimatorDV Simple+ (x32 Version:  - wróblewski multimedia)
Anno 1404 (x32 Version: 1.00.0000 - Ubisoft) Hidden
ANNO 1404 (x32 Version: 1.02.0000 - Ubisoft)
Apple Application Support (x32 Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Arc (x32 Version: 1.0.0.5510 - Perfect World Entertainment)
Arma 3 Alpha (x32 Version:  - Bohemia Interactive)
Arx Fatalis Version 1.21 (x32 Version: 1.21 - Arkane Studios)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 2.1.0.7 - Atheros Communications Inc.)
Audacity 2.0.5 (x32 Version: 2.0.5 - Audacity Team)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Balabolka (x32 Version: 2.7.0.546 - Ilya Morozov)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Bing HRS Toolbar (x32 Version: 3.15.0 - Microsoft Corporation)
Blockscape Phase 1 (beta) (x32 Version:  - ioneo AB)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Cepstral Matthias 5.2.0 (Version: 5.2.0 - Cepstral LLC)
Corel Painter 12 - IPM (Version: 12.3 - Corel Corporation) Hidden
Corel Painter 12 (Version: 12.2.0.703 - Corel Corporation)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (x32 Version: 4.48.1.0347 - Disc Soft Ltd)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DayZ (x32 Version:  - Bohemia Interactive)
Dead Space (x32 Version:  - EA Redwood Shores)
Die Sims™ 3 (x32 Version: 1.55.4 - Electronic Arts)
DjVu Browser Plug-in 3.5 (x32 Version:  - )
DjVu Solo 3.1 (x32 Version:  - )
DjVuLibre DjView  3.5.25.4+4.9.2 (x32 Version: 3.5.25.4+4.9.2 - DjVuZone)
Dolby Home Theater v4 (x32 Version: 7.2.8000.16 - Dolby Laboratories Inc)
Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)
Energy Management (x32 Version: 8.0.2.4 - Lenovo)
Energy Management (x32 Version: 8.0.2.4 - Lenovo) Hidden
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EuroKingCasino (x32 Version:  - )
Europa Barbarorum 1.1 (x32 Version:  - Europa Barbarorum)
Europa Universalis IV (x32 Version:  - Paradox Interactive)
EVE Online (nur entfernen) (x32 Version:  - CCP Games Ltd.)
Far Cry 3 (x32 Version: 1.00 - Ubisoft)
FileZilla Client 3.7.3 (x32 Version: 3.7.3 - Tim Kosse)
FinePrint (Version: 8.00 - FinePrint Software, LLC)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Foxit Reader (x32 Version: 6.0.6.722 - Foxit Corporation)
Free Alarm Clock 2.7.0 (x32 Version: 2.7 - Comfort Software Group)
Free Download Manager 3.9.2 (x32 Version:  - FreeDownloadManager.ORG)
Free YouTube Download version 3.2.2.426 (x32 Version: 3.2.2.426 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (x32 Version: 31.0.1650.63 - Google Inc.)
Google Earth (x32 Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Guild Wars 2 (x32 Version:  - NCsoft Corporation, Ltd.)
HP Officejet 4620 series - Grundlegende Software für das Gerät (Version: 28.0.1315.0 - Hewlett-Packard Co.)
IconHandler 64 bit (Version: 2.0 - Corel Corporation) Hidden
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10 - Intel)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Control Center (x32 Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (x32 Version: 10.18.10.3316 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (x32 Version: 2.0.0.37149 - Intel Corporation)
Intel(R) WiDi (Version: 3.5.34.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (Version: 15.05.2000.1462 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Intelligent Touchpad (x32 Version: 2.00.0012.0723 - Lenovo)
IrfanView (remove only) (x32 Version: 4.36 - Irfan Skiljan)
Java 7 Update 21 (64-bit) (Version: 7.0.210 - Oracle)
Java 7 Update 21 (x32 Version: 7.0.210 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (x32 Version: 0.9 - AppWork GmbH)
JMicron Flash Media Controller Driver (x32 Version: 1.0.71.1 - JMicron Technology Corp.)
Just Cause 2 (x32 Version:  - Avalanche)
L&H TTS3000 Deutsch (x32 Version:  - )
Landwirtschafts Simulator 2013 Demo (x32 Version: 1.0 - GIANTS Software)
League of Legends (x32 Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (x32 Version:  - Valve)
Lenovo Bluetooth with Enhanced Data Rate Software (Version: 12.0.0.2200 - Broadcom Corporation)
Lenovo OneKey Recovery (Version: 8.0.0.0828 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (x32 Version: 8.0.0.0828 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.4331.52 - CyberLink Corp.) Hidden
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3127 - CyberLink Corp.) Hidden
Linguatec Voice Reader Studio (x32 Version: 1.00.0000 - Linguatec GmbH) Hidden
Logitech Webcam-Software (x32 Version: 2.80 - Logitech Inc.)
LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden
LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden
LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden
LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden
LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden
LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden
LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden
Medieval II Total War (x32 Version: 1.03.000 - SEGA)
Medieval II Total War : Kingdoms : Americas (x32 Version: 1.03.000 - SEGA)
Metro 2033 (x32 Version:  - THQ)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (x32 Version: 4.0.20823.0 - Microsoft Corporation)
MonkeyJam 3_050529 (x32 Version:  - GiantScreamingRobotMonkeys)
MorphVOX Pro (x32 Version: 4.3.13 - Screaming Bee)
MotioninJoy Gamepad tool 0.7.1001 (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NehrimUninstaller (x32 Version: 1.0.0 - SureAI)
Neverwinter (x32 Version:  - Cryptic Studios)
Nexus Mod Manager (Version: 0.44.16 - Black Tree Gaming)
NVIDIA GeForce Experience 1.8.1 (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 332.21 (Version: 332.21 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.142.992 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0725 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0725 (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 332.21 (Version: 332.21 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (Version: 1.2.19 - NVIDIA Corporation)
Onekey Theater (x32 Version: 3.0.0.9 - Lenovo)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593 - Apache Software Foundation)
Origin (x32 Version: 9.2.1.4399 - Electronic Arts, Inc.)
Painter 12 - Content (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - Core (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - Corex64 (Version: 12.2 - Corel Corporation) Hidden
Painter 12 - DE (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - EN (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - FR (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - IT (Version: 12.3 - Corel Corporation) Hidden
Painter 12 - Setup Files (Version: 12.3 - Corel Corporation) Hidden
Pando Media Booster (x32 Version: 2.6.0.7 - Pando Networks Inc.)
Path of Exile (x32 Version: 1.0.2.30111 - Grinding Gear Games)
PDF24 Creator 6.0.0 (x32 Version:  - PDF24.org)
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pinnacle Game Profiler (x32 Version: 7.1.1 - PowerUp Software)
PlanetSide 2 (HKCU Version: 1.0.3.183 - Sony Online Entertainment)
Power2Go (x32 Version: 5.6.0.9109 - CyberLink Corp.)
PunkBuster Services (x32 Version: 0.986 - Even Balance, Inc.)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6680 - Realtek Semiconductor Corp.)
Rome: Total War (x32 Version:  - The Creative Assembly)
Rosetta Stone (x32 Version: 3.4.5 - Rosetta Stone)
Rosetta Stone Ltd Services (x32 Version: 3.2.21 - Rosetta Stone Ltd.)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd)
Rosetta Stone TOTALe (x32 Version: 4.1.1 - Rosetta Stone, Ltd) Hidden
Rosetta Stone TOTALe (x32 Version: 4.5.5.0 - Rosetta Stone, Ltd)
Rosetta Stone Version 3 (x32 Version: 3.4.5.0 - Rosetta Stone Ltd.)
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SlimDrivers (x32 Version: 2.2.28413 - SlimWare Utilities, Inc.)
Spotify (HKCU Version: 0.9.6.81.gd359a796 - Spotify AB)
State of Decay (x32 Version:  - Undead Labs)
STDU Converter version 2.0.148.0 (x32 Version: 2.0.148.0 - STDUtility)
Steam (x32 Version: 1.0.0.0 - Valve Corporation)
Stormblade Launcher 1.1 (x32 Version:  - Stormblade.org)
Surgeon Simulator 2013 (x32 Version:  - )
Synaptics Pointing Device Driver (Version: 16.2.10.13 - Synaptics Incorporated)
System Requirements Lab Detection (x32 Version: 1.0.5.0 - Husdawg, LLC)
Terraria (x32 Version:  - Re-Logic)
The Elder Scrolls Online Beta (x32 Version: 0.3.4 - )
The Elder Scrolls V Skyrim Dragonborn (c) Bethesda Softworks version 1 (x32 Version: 1 - )
Thief - Deadly Shadows (x32 Version: 1.0 - )
Third Age - Total War 3.0 (Part 1of2) (HKCU Version:  - )
Third Age - Total War 3.0 (Part 2of2) (HKCU Version:  - )
Torchlight II (x32 Version:  - Runic Games)
Total War: ROME II (x32 Version:  - Creative Assembly)
Universal Extractor 1.6.1 (x32 Version: 1.6.1 - Jared Breland)
Uplay (x32 Version: 2.1 - Ubisoft)
UserGuide (x32 Version: 1.0.0.9 - Lenovo)
WinDjView 2.0.2 (Version: 2.0.2 - Andrew Zhezherun)
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (x32 Version: 1.0.0.8 - Microsoft Corp)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (06/15/2012 8.1.0.1) (Version: 06/15/2012 8.1.0.1 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinPcap 4.1.2 (x32 Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-Bit) (Version: 4.20.0 - win.rar GmbH)
WinZip 18.0 (Version: 18.0.10661 - WinZip Computing, S.L. )
Wolfenstein - Enemy Territory (x32 Version: 2.60b - ACTIVISION)
World of Warcraft (x32 Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

14-01-2014 17:31:29 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0D8F3C8D-21BC-4CA9-AE4F-6AD5B3945B90} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {12D9A110-163C-4016-B913-9DF644696933} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {287502B2-9CC8-467C-903A-48059614F8A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-06-03] (Google Inc.)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {37AD4EC7-B7A4-411F-989B-5583C743B4AC} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2013-12-17] (Microsoft Corporation)
Task: {39744A31-6F8A-4FCD-95AE-E96A83ADF1A9} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-1308701179-663055310-3103906990-1002
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7EC7FDFB-1C17-42C6-9BAD-F2C6369B7C75} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {8171EBD2-3C8F-435D-9545-FF07B8BEC3F3} - System32\Tasks\4803 => Wscript.exe C:\Users\CHRISF~1\AppData\Local\Temp\launchie.vbs //B <==== ATTENTION
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C260C33A-14B5-4A32-9D16-1FD670A868F5} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {C9716276-5707-48CF-B07E-29D8D995E8CD} - System32\Tasks\SlimDrivers Startup => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe [2013-03-29] (SlimWare Utilities, Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D1D78029-4ED1-4BF3-8D0F-2AF9320B2463} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SlimDrivers Startup.job => C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2010-01-02 15:42 - 2010-01-02 15:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-10-03 22:42 - 2013-10-03 22:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-11-13 04:21 - 2012-08-10 00:07 - 00337920 _____ () C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_1.0.0.3_x64__bq6yxensn79aw\McMetroShim.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Chris Frank\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2013-10-21 10:42 - 2013-10-21 10:42 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PSIClient\ac9051224fb9ea93a8050e1a9727f31d\PSIClient.ni.dll
2012-11-13 04:01 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-01-14 04:29 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-08-10 16:50 - 2012-08-10 16:50 - 00170496 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2013-03-08 17:24 - 2013-12-21 12:48 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Chris Frank\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Chris Frank\SkyDrive.old:ms-properties

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: USB-IF xHCI USB Host Controller
Description: USB-IF xHCI USB Host Controller
Class Guid: {8a2edc79-c759-46f2-88af-9d4efe3b5eee}
Manufacturer: Intel Corporation
Service: XHCIPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Could not start eventlog service, could not read events.

Der angeforderte Dienst wurde bereits gestartet.

Sie erhalten weitere Hilfe, wenn Sie NET HELPMSG 2182 eingeben.


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-01-2014
Ran by Chris Frank (administrator) on LEISTERBECKER on 15-01-2014 11:43:11
Running from C:\Users\Chris Frank\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official downoad link fo FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cepstral, LLC) C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(SlimWare Utilities, Inc.) C:\Program Files (x86)\SlimDrivers\SlimDrivers.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dropbox, Inc.) C:\Users\Chris Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-11-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [IntellingentTouchpad] - C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe [673336 2012-07-23] (Microsoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Spotify] - C:\Users\Chris Frank\AppData\Roaming\Spotify\Spotify.exe [5951488 2014-01-10] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Chris Frank\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-10] (Spotify Ltd)
HKCU\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe [6239727 2013-02-06] ()
HKCU\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [FreeAC] - C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1328976 2012-04-25] (Comfort Software Group)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [spool] - "C:\Users\Chris Frank\AppData\Roaming\spool\nircmd.exe" exec hide "C:\Users\Chris Frank\AppData\Roaming\spool\start.bat"
MountPoints2: {7b6375f6-5131-11e3-bf10-20689d9d3c5c} - "F:\pushinst.exe"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=Solo&Lan=&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
URLSearchHook: HKLM-x32 - (No Name) - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} - No File
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1731B3A0-86E8-42CA-B196-EE99BBD15FA9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {4EC7B45B-8837-46EC-B881-1819A7E5AE3A} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&&r=875
SearchScopes: HKCU - {4EC7B45B-8837-46EC-B881-1819A7E5AE3A} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&&r=875
SearchScopes: HKCU - {AD8D2FC2-45A5-4A66-A1FB-3BEA7FD56EEC} URL = hxxp://www.bing.com/search?q={searchTerms}&r=984
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IEToolbar.BHO - {1d970ed5-3eda-438d-bffd-715931e2775b} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775d} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: No Name - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {e44a1809-4d10-4ab8-b343-3326b64c7cdd} -  No File
Toolbar: HKLM-x32 - MoneyMillionaire Toolbar - {d28c7e56-2cc6-415c-8727-d71334085926} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {E44A1809-4D10-4AB8-B343-3326B64C7CDD} -  No File
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default
FF user.js: detected! => C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\user.js
FF NetworkProxy: "ftp_port", 8118
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @MoneyMillionaire/npdf - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455\plugins\npdf.dll ( )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: TinEye Reverse Image Search - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\tineye@ideeinc.com.xpi [2013-06-24]
FF Extension: Adblock Plus - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-13]
FF HKLM-x32\...\Firefox\Extensions: [discountfinder@moneymillionaire.com] - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455
FF Extension: MoneyMillionaire extension - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455 [2013-05-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: hxxp://start.iminent.com/?appId=CFFC9617-81A3-4F52-BFF9-D8C9385CE69C
CHR RestoreOnStartup: "hxxp://search.zonealarm.com/?src=hp&tbid=Solo&Lan=&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&"
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (ArcPlugin) - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (MoneyMillionaire plugin) - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455\plugins\npdf.dll ( )
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Chris Frank\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Iminent) - C:\Users\Chris Frank\AppData\Local\Google\Chrome\User Data\default\extensions\igdhbblpcellaljokkpfhcjlagemhgjl\7.43.4.1_0 [2013-11-24]
CHR Extension: (Chrome In-App Payments service) - C:\Users\Chris Frank\AppData\Local\Google\Chrome\User Data\default\extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.10_0 [2013-08-29]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2013-08-29]

==================== Services (Whitelisted) =================

U2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
U2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
U4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
U3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-08-10] (Perfect World Entertainment Inc)
U2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
U4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-06] (Broadcom Corporation.)
U2 Cepstral License Server; C:\Program Files\Cepstral\bin\CepstralLicSrv.exe [121856 2009-09-29] (Cepstral, LLC)
U2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
U3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
U2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
U2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
U2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
U3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-03] (Microsoft Corporation)
U2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-03] (Microsoft Corporation)
U3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
U3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
U2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

U0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
U2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-05-14] ()
U2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
U1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
U1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
U2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
U3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
U3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
U3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
U1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-21] (Disc Soft Ltd)
U3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
U3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
U0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
U0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
U2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-05-14] ()
U0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
U3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation)
U3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
U3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 netvscvfpp; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
U3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
U2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
U3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
U3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
U3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
U3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
U0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
U3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-01-14] ()
U3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
U3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
U3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
U3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
U3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-15 11:43 - 2014-01-15 11:43 - 00027258 _____ C:\Users\Chris Frank\Downloads\FRST.txt
2014-01-15 11:42 - 2014-01-15 11:42 - 00000000 ____D C:\FRST
2014-01-15 11:39 - 2014-01-15 11:39 - 02076160 _____ (Farbar) C:\Users\Chris Frank\Downloads\FRST64.exe
2014-01-15 02:04 - 2014-01-15 03:09 - 00008108 _____ C:\Users\Chris Frank\Desktop\Anfangspin.odt
2014-01-14 19:42 - 2014-01-14 19:42 - 00003832 _____ C:\Users\Chris Frank\Desktop\Ereignisse.txt
2014-01-14 04:30 - 2014-01-14 04:30 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 04:29 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-01-14 04:26 - 2014-01-14 04:28 - 129598176 _____ C:\Users\Chris Frank\Downloads\avira_free_antivirus_de.exe
2014-01-14 04:19 - 2014-01-14 04:20 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2014-01-14 04:19 - 2014-01-14 04:20 - 00000000 ____D C:\WINDOWS\system32\NV
2014-01-13 21:38 - 2014-01-13 21:38 - 07080248 _____ C:\Users\Chris Frank\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-01-13 21:14 - 2014-01-13 21:14 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10(1).apk
2014-01-13 21:12 - 2014-01-13 21:12 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10.apk
2014-01-13 20:51 - 2014-01-13 20:51 - 00466851 _____ C:\Users\Chris Frank\Downloads\com.lindaandny.lindamanager.apk
2014-01-13 20:01 - 2014-01-13 20:01 - 00000000 ____D C:\Users\Chris Frank\Downloads\midtown_crazy_race
2014-01-13 19:58 - 2014-01-13 19:58 - 63991026 _____ C:\Users\Chris Frank\Downloads\midtown_crazy_race.zip
2014-01-13 16:52 - 2014-01-13 20:01 - 00011461 _____ C:\Users\Chris Frank\Desktop\OpenDocument Text (neu).odt
2014-01-11 18:46 - 2014-01-11 18:46 - 00000000 ____D C:\Users\Chris Frank\Documents\Elder Scrolls Online
2014-01-11 14:46 - 2014-01-11 14:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:43 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-11 14:43 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-01-11 14:35 - 2014-01-11 14:45 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2014-01-11 14:34 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-11 14:34 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-11 14:23 - 2014-01-12 16:47 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Awesomium
2014-01-08 15:38 - 2014-01-08 15:38 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-08 03:15 - 2014-01-08 03:21 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2014-01-08 03:15 - 2014-01-08 03:15 - 00001426 _____ C:\Users\Chris Frank\Desktop\The Elder Scrolls Online Beta.lnk
2014-01-08 03:13 - 2014-01-08 03:14 - 55903624 _____ (                                                            ) C:\Users\Chris Frank\Downloads\Install_ESO_Beta.exe
2014-01-06 15:02 - 2014-01-07 00:05 - 00000000 ____D C:\Users\Chris Frank\Documents\DayZ
2014-01-06 15:02 - 2014-01-06 15:05 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\DayZ
2014-01-06 13:54 - 2014-01-06 13:54 - 00000222 _____ C:\Users\Chris Frank\Desktop\DayZ.url
2013-12-29 20:26 - 2013-12-29 20:26 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-12-25 17:44 - 2013-12-25 17:44 - 00003192 _____ C:\WINDOWS\System32\Tasks\{87EE33CF-DC7D-4794-B273-6D1B81F48F0D}
2013-12-25 15:36 - 2013-12-25 15:36 - 00000222 _____ C:\Users\Chris Frank\Desktop\State of Decay.url
2013-12-22 17:39 - 2013-12-30 17:32 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Blockscape
2013-12-22 17:37 - 2013-12-22 17:37 - 00001054 _____ C:\Users\Public\Desktop\Blockscape.lnk
2013-12-22 17:37 - 2013-12-22 17:37 - 00000000 ____D C:\Program Files (x86)\Blockscape
2013-12-22 14:54 - 2013-12-22 14:54 - 00675988 _____ C:\Users\Chris Frank\Downloads\Minecraft.exe
2013-12-21 01:53 - 2013-12-21 01:53 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-21 01:50 - 2013-12-21 01:50 - 00000222 _____ C:\Users\Chris Frank\Desktop\Terraria.url
2013-12-18 00:16 - 2013-12-18 00:16 - 00003264 _____ C:\WINDOWS\System32\Tasks\{C4673D8E-8F18-4F3A-B805-4B98D744B8DC}

==================== One Month Modified Files and Folders =======

2014-01-15 11:43 - 2014-01-15 11:43 - 00027258 _____ C:\Users\Chris Frank\Downloads\FRST.txt
2014-01-15 11:42 - 2014-01-15 11:42 - 00000000 ____D C:\FRST
2014-01-15 11:39 - 2014-01-15 11:39 - 02076160 _____ (Farbar) C:\Users\Chris Frank\Downloads\FRST64.exe
2014-01-15 11:29 - 2013-10-19 11:23 - 01752176 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-15 11:16 - 2013-06-03 18:47 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-15 11:09 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-15 07:44 - 2013-05-13 15:50 - 00020327 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-15 03:18 - 2013-11-25 23:50 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\PMB Files
2014-01-15 03:18 - 2013-11-25 23:50 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-15 03:09 - 2014-01-15 02:04 - 00008108 _____ C:\Users\Chris Frank\Desktop\Anfangspin.odt
2014-01-14 19:42 - 2014-01-14 19:42 - 00003832 _____ C:\Users\Chris Frank\Desktop\Ereignisse.txt
2014-01-14 15:16 - 2013-03-06 21:48 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1308701179-663055310-3103906990-1002
2014-01-14 13:22 - 2013-10-18 20:40 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Dropbox
2014-01-14 04:30 - 2014-01-14 04:30 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 04:28 - 2014-01-14 04:26 - 129598176 _____ C:\Users\Chris Frank\Downloads\avira_free_antivirus_de.exe
2014-01-14 04:27 - 2013-09-30 05:14 - 02064598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-14 04:27 - 2013-09-30 04:56 - 00878206 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-14 04:27 - 2013-09-30 04:56 - 00201318 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-14 04:25 - 2013-11-18 20:54 - 00000000 __RDO C:\Users\Chris Frank\SkyDrive
2014-01-14 04:25 - 2013-06-03 18:47 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-14 04:24 - 2013-05-06 16:09 - 00000450 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-01-14 04:23 - 2013-10-18 20:45 - 00000000 ___RD C:\Users\Chris Frank\Dropbox
2014-01-14 04:23 - 2013-05-06 16:09 - 00016152 _____ C:\WINDOWS\system32\Drivers\SWDUMon.sys
2014-01-14 04:21 - 2013-11-23 21:25 - 00119296 _____ C:\WINDOWS\SysWOW64\zlib.dll
2014-01-14 04:21 - 2013-10-19 11:30 - 00000000 ____D C:\Users\Chris Frank
2014-01-14 04:20 - 2014-01-14 04:19 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2014-01-14 04:20 - 2014-01-14 04:19 - 00000000 ____D C:\WINDOWS\system32\NV
2014-01-14 04:20 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-13 21:38 - 2014-01-13 21:38 - 07080248 _____ C:\Users\Chris Frank\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-01-13 21:14 - 2014-01-13 21:14 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10(1).apk
2014-01-13 21:12 - 2014-01-13 21:12 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10.apk
2014-01-13 20:51 - 2014-01-13 20:51 - 00466851 _____ C:\Users\Chris Frank\Downloads\com.lindaandny.lindamanager.apk
2014-01-13 20:01 - 2014-01-13 20:01 - 00000000 ____D C:\Users\Chris Frank\Downloads\midtown_crazy_race
2014-01-13 20:01 - 2014-01-13 16:52 - 00011461 _____ C:\Users\Chris Frank\Desktop\OpenDocument Text (neu).odt
2014-01-13 19:59 - 2013-08-22 15:46 - 00380941 _____ C:\WINDOWS\setupact.log
2014-01-13 19:58 - 2014-01-13 19:58 - 63991026 _____ C:\Users\Chris Frank\Downloads\midtown_crazy_race.zip
2014-01-13 17:31 - 2013-03-07 21:13 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-12 16:47 - 2014-01-11 14:23 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Awesomium
2014-01-11 18:46 - 2014-01-11 18:46 - 00000000 ____D C:\Users\Chris Frank\Documents\Elder Scrolls Online
2014-01-11 14:46 - 2014-01-11 14:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:46 - 2013-10-19 11:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 14:46 - 2013-04-01 21:40 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-11 14:45 - 2014-01-11 14:35 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2014-01-11 14:37 - 2013-11-19 21:09 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\NVIDIA Corporation
2014-01-11 14:37 - 2013-10-19 11:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-11 14:37 - 2013-03-08 19:31 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\NVIDIA
2014-01-11 14:35 - 2013-10-19 11:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-10 16:36 - 2013-03-23 02:32 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Spotify
2014-01-10 16:34 - 2013-03-23 02:32 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\Spotify
2014-01-08 15:38 - 2014-01-08 15:38 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-08 03:21 - 2014-01-08 03:15 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2014-01-08 03:15 - 2014-01-08 03:15 - 00001426 _____ C:\Users\Chris Frank\Desktop\The Elder Scrolls Online Beta.lnk
2014-01-08 03:14 - 2014-01-08 03:13 - 55903624 _____ (                                                            ) C:\Users\Chris Frank\Downloads\Install_ESO_Beta.exe
2014-01-07 00:05 - 2014-01-06 15:02 - 00000000 ____D C:\Users\Chris Frank\Documents\DayZ
2014-01-06 15:05 - 2014-01-06 15:02 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\DayZ
2014-01-06 13:54 - 2014-01-06 13:54 - 00000222 _____ C:\Users\Chris Frank\Desktop\DayZ.url
2014-01-02 22:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-02 20:43 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-02 20:43 - 2013-03-07 01:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera
2013-12-30 17:32 - 2013-12-22 17:39 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Blockscape
2013-12-29 20:26 - 2013-12-29 20:26 - 00000000 ____D C:\Users\Gast\AppData\Roaming\Apple Computer
2013-12-29 20:25 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2013-12-29 20:25 - 2013-05-19 20:24 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-29 20:25 - 2013-05-19 20:24 - 00000000 ___RD C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-12-25 17:48 - 2013-03-07 19:58 - 00513044 _____ C:\WINDOWS\DirectX.log
2013-12-25 17:44 - 2013-12-25 17:44 - 00003192 _____ C:\WINDOWS\System32\Tasks\{87EE33CF-DC7D-4794-B273-6D1B81F48F0D}
2013-12-25 15:36 - 2013-12-25 15:36 - 00000222 _____ C:\Users\Chris Frank\Desktop\State of Decay.url
2013-12-23 12:18 - 2013-08-04 16:52 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\.minecraft
2013-12-22 17:37 - 2013-12-22 17:37 - 00001054 _____ C:\Users\Public\Desktop\Blockscape.lnk
2013-12-22 17:37 - 2013-12-22 17:37 - 00000000 ____D C:\Program Files (x86)\Blockscape
2013-12-22 17:37 - 2013-03-08 19:45 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Free Download Manager
2013-12-22 14:54 - 2013-12-22 14:54 - 00675988 _____ C:\Users\Chris Frank\Downloads\Minecraft.exe
2013-12-22 14:52 - 2013-09-27 21:27 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\.technic
2013-12-21 15:16 - 2013-10-18 20:45 - 00001102 _____ C:\Users\Chris Frank\Desktop\Dropbox.lnk
2013-12-21 15:16 - 2013-10-18 20:40 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2013-12-21 15:16 - 2013-03-06 21:42 - 00000000 ___RD C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-21 12:48 - 2013-03-08 17:24 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-21 01:53 - 2013-12-21 01:53 - 00000000 ____D C:\Program Files (x86)\Microsoft XNA
2013-12-21 01:53 - 2013-06-09 18:31 - 00000000 ____D C:\Users\Chris Frank\Documents\My Games
2013-12-21 01:50 - 2013-12-21 01:50 - 00000222 _____ C:\Users\Chris Frank\Desktop\Terraria.url
2013-12-19 21:33 - 2014-01-11 14:43 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2013-12-19 21:33 - 2014-01-11 14:43 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2013-12-19 21:33 - 2014-01-11 14:43 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2013-12-19 21:33 - 2013-09-05 01:37 - 01436528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2013-12-19 21:33 - 2013-09-05 01:37 - 01242400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2013-12-19 21:33 - 2013-09-05 01:36 - 00168616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2013-12-19 21:33 - 2013-09-05 01:36 - 00141336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2013-12-19 21:33 - 2013-09-05 01:36 - 00023754 _____ C:\WINDOWS\system32\nvinfo.pb
2013-12-19 21:33 - 2013-09-05 01:35 - 03071656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2013-12-19 21:33 - 2013-09-05 01:35 - 02698272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 06671648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 03490080 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 02559776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 01065248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 00922912 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2013-12-19 19:53 - 2013-10-19 11:24 - 00598304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\oemdspif.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 00386336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 00067072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2013-12-19 19:53 - 2013-10-19 11:24 - 00063776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2013-12-19 06:01 - 2013-10-19 11:24 - 03539040 _____ C:\WINDOWS\system32\nvcoproc.bin
2013-12-18 19:35 - 2013-11-14 20:09 - 00000000 ____D C:\Users\Chris Frank\Desktop\SEO
2013-12-18 00:16 - 2013-12-18 00:16 - 00003264 _____ C:\WINDOWS\System32\Tasks\{C4673D8E-8F18-4F3A-B805-4B98D744B8DC}
2013-12-17 16:23 - 2013-07-21 19:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-12-17 16:21 - 2013-03-07 18:04 - 90708896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\Chris Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Chris Frank\AppData\Local\Temp\BlockscapeSetup0.9.4740.39586.exe
C:\Users\Chris Frank\AppData\Local\Temp\IMsetup.exe
C:\Users\Chris Frank\AppData\Local\Temp\nircmd.exe
C:\Users\Chris Frank\AppData\Local\Temp\plus-hd-4-9.exe
C:\Users\Chris Frank\AppData\Local\Temp\SIntf16.dll
C:\Users\Chris Frank\AppData\Local\Temp\SIntf32.dll
C:\Users\Chris Frank\AppData\Local\Temp\SIntfNT.dll
C:\Users\Chris Frank\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Chris Frank\AppData\Local\Temp\vis-de.exe
C:\Users\Chris Frank\AppData\Local\Temp\wget.exe
C:\Users\Chris Frank\AppData\Local\Temp\zatbSetup_110_000_064.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-14 15:17

==================== End Of Log ============================
--- --- ---


Ich hoffe, alles hat funktioniert :-)

Und schon Mal vielen Dank für die Hilfsbereitschaft!

schrauber 16.01.2014 08:35
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Nazretin 18.01.2014 19:30
Hab eben versucht, Combofix zu starten, es sagt mir jedoch nur das Folgende: combofix is not meant to run in compatibility mode.

Anderweitig konnte ich auch nur die spärliche Information erhaschen, dass Combofix scheinbar nicht mit Windows 8.1 verträglich ist?!

schrauber 19.01.2014 10:36
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Nazretin 19.01.2014 14:43
Das Posten der Logfiles würde die maximale Textlänge stark überschreiten, deshalb habe ich diese als Archiv an den Beitrag angehängt. Ich hoffe, dass es so in Ordnung ist, sonst werde ich jenes von Malewarebytes Anti-Maleware in zwei Teilen posten und um die Anderen ergänzen.

schrauber 20.01.2014 12:31
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307





ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Nazretin 30.01.2014 15:34
Hallo,

hab die Angelegenheit aufgrund privater Komplikationen und einer Portion Nachlässigkeit leider ein wenig schleifen lassen, das tut mir Leid. Der ESET-Scan hat einige Schadware erkannt, jedoch konnte ich bisher nur noch geringe Probleme feststellen, in etwa die hohe Datenträgerauslastung durch Avira Security Framework Service oder hohe Arbeitsspeicherbelastung durch Mozilla Firefox. Ab und zu hängt der Laptop ein bisschen. Hier die Log-files:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=990e78fe9f379745a4db9bbd6040760e
# engine=16850
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-29 06:44:00
# local_time=2014-01-29 07:44:00 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 0 4439202 59490 0
# compatibility_mode=5893 16776574 100 94 1391142 13854742 0 0
# scanned=1058723
# found=6
# cleaned=0
# scan_time=22179
sh=2C07EEB8E9FDCFE9A36AE38163EB3F2BE2833A85 ft=1 fh=31688d338c420f89 vn="probably unknown NewHeur_PE virus" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RXNB8ZE.exe"
sh=9E111339CBA151DABE95DCB939954CD810752D47 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RWXU1WO\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13.rar"
sh=927878D6F4E92D036E5B1EF32F47F861D8F3CEB4 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RWXU1WO\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13\rld-tesvsu13.rar"
sh=38EB819B95824087D6C7B888A3EECDF91BE61BBB ft=1 fh=f998eb64c89b246b vn="a variant of Win32/Packed.VMProtect.AAN trojan" ac=I fn="C:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\xlive.dll"
sh=1701BD331400ECAC309FA5B793481CCE87FF93CC ft=1 fh=bc4ada3794bb9b2e vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\launcher.exe"
sh=16C8B78109D7950E3494FB3265325B9CAE5B87B6 ft=1 fh=2478213aaf05656c vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\updater.exe"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=990e78fe9f379745a4db9bbd6040760e
# engine=16859
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-30 02:14:15
# local_time=2014-01-30 03:14:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=1799 16775165 100 94 68518 4509417 61275 0
# compatibility_mode=5893 16776574 100 94 1457757 13924957 0 0
# scanned=1283508
# found=6
# cleaned=0
# scan_time=49727
sh=2C07EEB8E9FDCFE9A36AE38163EB3F2BE2833A85 ft=1 fh=31688d338c420f89 vn="probably unknown NewHeur_PE virus" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RXNB8ZE.exe"
sh=9E111339CBA151DABE95DCB939954CD810752D47 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RWXU1WO\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13.rar"
sh=927878D6F4E92D036E5B1EF32F47F861D8F3CEB4 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1308701179-663055310-3103906990-1002\$RWXU1WO\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13\Th.Eld3r.Scr0lls.V.Skyr1m.Update.13\rld-tesvsu13.rar"
sh=38EB819B95824087D6C7B888A3EECDF91BE61BBB ft=1 fh=f998eb64c89b246b vn="a variant of Win32/Packed.VMProtect.AAN trojan" ac=I fn="C:\Program Files (x86)\NAMCO BANDAI Games\DarkSouls\xlive.dll"
sh=1701BD331400ECAC309FA5B793481CCE87FF93CC ft=1 fh=bc4ada3794bb9b2e vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\launcher.exe"
sh=16C8B78109D7950E3494FB3265325B9CAE5B87B6 ft=1 fh=2478213aaf05656c vn="probably unknown NewHeur_PE virus" ac=I fn="C:\Stormblade\updater.exe"

Code:
Results of screen317's Security Check version 0.99.79 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
Avira Desktop     
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java 7 Update 21 
 Java version out of Date!
 Adobe Flash Player        11.8.800.94 
 Adobe Reader XI 
 Mozilla Firefox (26.0)
 Google Chrome 32.0.1700.102 
 Google Chrome 32.0.1700.76 
````````Process Check: objlist.exe by Laurent```````` 
 Avira Antivir avgnt.exe
 Avira Antivir avguard.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-01-2014 01
Ran by Chris Frank (administrator) on LEISTERBECKER on 30-01-2014 15:26:26
Running from C:\Users\Chris Frank\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Cepstral, LLC) C:\Program Files\Cepstral\bin\CepstralLicSrv.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Rosetta Stone Ltd.) C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.3\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Lenovo (Beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Dropbox, Inc.) C:\Users\Chris Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\swriter.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\CredentialUIBroker.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.4.9600.16384_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-09-14] (Realtek Semiconductor)
HKLM\...\Run: [SynLenovoGestureMgr] - C:\Program Files\Synaptics\SynTP\SynLenovoGestureMgr.exe [665400 2012-08-27] (Synaptics)
HKLM\...\Run: [OnekeyStudio] - C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-08-10] (Lenovo)
HKLM\...\Run: [Energy Management] - C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe [17080376 2012-11-13] (Lenovo (Beijing) Limited)
HKLM\...\Run: [EnergyUtility] - C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe [191544 2012-11-13] (Lenovo(beijing) Limited)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2916152 2012-08-27] (Synaptics Incorporated)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\WINDOWS\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [277504 2012-08-16] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Home Theater v4] - C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [YouCam Mirage] - C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [IntellingentTouchpad] - C:\Program Files (x86)\Lenovo\Intelligent Touchpad\IntelligentTouchpad.exe [673336 2012-07-23] (Microsoft)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LWS] - C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [185896 2013-10-28] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1815464 2014-01-07] (Valve Corporation)
HKCU\...\Run: [Spotify] - C:\Users\Chris Frank\AppData\Roaming\Spotify\Spotify.exe [5951488 2014-01-10] (Spotify Ltd)
HKCU\...\Run: [Spotify Web Helper] - C:\Users\Chris Frank\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1168896 2014-01-10] (Spotify Ltd)
HKCU\...\Run: [Vidalia] - C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe [6239727 2013-02-06] ()
HKCU\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKCU\...\Run: [FreeAC] - C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1328976 2012-04-25] (Comfort Software Group)
HKCU\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKCU\...\Run: [spool] - "C:\Users\Chris Frank\AppData\Roaming\spool\nircmd.exe" exec hide "C:\Users\Chris Frank\AppData\Roaming\spool\start.bat"
MountPoints2: {7b6375f6-5131-11e3-bf10-20689d9d3c5c} - "F:\pushinst.exe"
MountPoints2: {c58725d2-810b-11e3-bf1f-20689d9d3c5c} - "C:\WINDOWS\system32\RunDLL32.EXE" Shell32.DLL,ShellExec_RunDLL G:\DVR/AutoRun.exe start.exe
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Chris Frank\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=Solo&Lan=&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {1731B3A0-86E8-42CA-B196-EE99BBD15FA9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - {4EC7B45B-8837-46EC-B881-1819A7E5AE3A} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&&r=875
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft.Search.HRSToolBar.InitToolbarBHO - {1d970ed5-3eda-438d-bffd-715931e2775d} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Free Download Manager - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files (x86)\Free Download Manager\iefdm2.dll (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing HRS Toolbar - {c9a6357b-25cc-4bcf-96c1-78736985d414} - C:\WINDOWS\SysWOW64\mscoree.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.4.4 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default
FF NetworkProxy: "ftp_port", 8118
FF NetworkProxy: "http_port", 8118
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "ssl_port", 8118
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_8_800_94.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @MoneyMillionaire/npdf - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455\plugins\npdf.dll No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: TinEye Reverse Image Search - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\tineye@ideeinc.com.xpi [2013-06-24]
FF Extension: Adblock Plus - C:\Users\Chris Frank\AppData\Roaming\Mozilla\Firefox\Profiles\ddxkoo31.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-06-13]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://search.zonealarm.com/?src=hp&tbid=Solo&Lan=&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&"
CHR DefaultSearchProvider: Search By ZoneAlarm
CHR DefaultSearchURL: hxxp://search.zonealarm.com/search?src=sp&tbid=Solo&Lan=&q={searchTerms}&gu=4afff64066744d709f40c05c2e2a381d&tu=11Ih000BB1B0001&sku=&tstsId=&ver=&
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\pdf.dll No File
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel® Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (ArcPlugin) - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
CHR Plugin: (Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (MoneyMillionaire plugin) - C:\ProgramData\Rabatt-Finder\FFExtension20130508234455\plugins\npdf.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Chris Frank\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
CHR Plugin: (Java Deployment Toolkit 7.0.210.11) - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Chrome In-App Payments service) - C:\Users\Chris Frank\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-29]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-12-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1011768 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88424 2013-08-10] (Perfect World Entertainment Inc)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [957304 2012-09-06] (Broadcom Corporation.)
R2 Cepstral License Server; C:\Program Files\Cepstral\bin\CepstralLicSrv.exe [121856 2009-09-29] (Cepstral, LLC)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [272176 2012-07-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [430080 2011-05-09] (PowerUp Software, LLC)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2013-11-03] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [546304 2013-11-03] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2699568 2012-07-18] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2013-05-14] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-11-21] (Disc Soft Ltd)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2013-11-29] (LogMeIn Inc.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2013-05-14] ()
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 NdisImPlatformMp; C:\Windows\system32\DRIVERS\NdisImPlatform.sys [124928 2013-08-22] (Microsoft Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 netvscvfpp; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
R3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-27] (Synaptics Incorporated)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [975104 2012-08-24] (Vimicro Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [188384 2012-08-09] (Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-30 15:22 - 2014-01-30 15:22 - 00000929 _____ C:\Users\Chris Frank\Desktop\check.txt
2014-01-30 15:20 - 2014-01-30 15:21 - 00987425 _____ C:\Users\Chris Frank\Downloads\SecurityCheck(1).exe
2014-01-29 14:07 - 2014-01-29 14:27 - 00012921 _____ C:\Users\Chris Frank\Desktop\Lebenslauf.odt
2014-01-29 13:29 - 2014-01-29 13:29 - 02347384 _____ (ESET) C:\Users\Chris Frank\Downloads\esetsmartinstaller_enu.exe
2014-01-29 13:29 - 2014-01-29 13:29 - 00987425 _____ C:\Users\Chris Frank\Downloads\SecurityCheck.exe
2014-01-23 22:43 - 2014-01-23 22:43 - 00000222 _____ C:\Users\Chris Frank\Desktop\Anna - Extended Edition.url
2014-01-23 01:11 - 2014-01-23 01:11 - 00000700 _____ C:\Users\Public\Desktop\Panzar.lnk
2014-01-23 01:10 - 2014-01-23 01:10 - 16746832 _____ (Panzar                                                      ) C:\Users\Chris Frank\Downloads\Panzar.exe
2014-01-22 19:13 - 2014-01-22 19:13 - 00184076 _____ C:\Users\Chris Frank\Downloads\Soundstream15.dmg
2014-01-21 12:32 - 2014-01-21 12:32 - 00000000 ____D C:\Users\Chris Frank\Desktop\Tor Browser
2014-01-21 12:31 - 2014-01-21 12:31 - 24185920 _____ C:\Users\Chris Frank\Downloads\torbrowser-install-3.5_de.exe
2014-01-21 00:53 - 2014-01-23 22:41 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\LogMeIn Hamachi
2014-01-21 00:53 - 2014-01-21 00:53 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\LogMeIn
2014-01-21 00:53 - 2014-01-21 00:53 - 00000000 ____D C:\ProgramData\LogMeIn
2014-01-21 00:50 - 2014-01-21 00:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-21 00:47 - 2014-01-21 00:48 - 06373376 _____ C:\Users\Chris Frank\Downloads\hamachi09.msi
2014-01-20 23:39 - 2014-01-20 23:40 - 00000222 _____ C:\Users\Chris Frank\Desktop\Cry of Fear.url
2014-01-20 20:41 - 2014-01-30 01:26 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Skype
2014-01-20 20:40 - 2014-01-20 20:41 - 00000000 ____D C:\ProgramData\Skype
2014-01-20 20:40 - 2014-01-20 20:40 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-20 20:40 - 2014-01-20 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-20 20:39 - 2014-01-20 20:39 - 35098272 _____ (Skype Technologies S.A.) C:\Users\Chris Frank\Downloads\SkypeSetupFull-6.11.59.exe
2014-01-19 14:40 - 2014-01-19 14:40 - 00018546 _____ C:\Users\Chris Frank\Desktop\Logfiles.rar
2014-01-19 14:26 - 2014-01-30 15:26 - 00000000 ____D C:\Users\Chris Frank\Downloads\FRST-OlderVersion
2014-01-19 14:21 - 2014-01-19 14:21 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-19 13:27 - 2014-01-19 14:14 - 00000000 ____D C:\AdwCleaner
2014-01-19 13:14 - 2014-01-19 13:14 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-19 13:14 - 2014-01-19 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-19 13:14 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-01-19 13:12 - 2014-01-19 13:12 - 01037068 _____ (Thisisu) C:\Users\Chris Frank\Downloads\JRT.exe
2014-01-19 13:11 - 2014-01-19 13:12 - 01236282 _____ C:\Users\Chris Frank\Downloads\adwcleaner.exe
2014-01-19 13:11 - 2014-01-19 13:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chris Frank\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-18 23:35 - 2014-01-18 23:35 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Guild Wars 2
2014-01-18 23:20 - 2014-01-18 23:22 - 00000000 ____D C:\Users\Chris Frank\Documents\Arma 3
2014-01-18 23:20 - 2014-01-18 23:20 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\Arma 3
2014-01-18 17:41 - 2014-01-18 17:41 - 05167985 _____ (Swearware) C:\Users\Chris Frank\Downloads\ComboFix.exe
2014-01-15 17:47 - 2014-01-15 17:47 - 00003192 _____ C:\WINDOWS\System32\Tasks\{21B1BFB8-B058-46D8-9474-0B1E9A7FD73C}
2014-01-15 16:15 - 2013-12-09 01:15 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-01-15 16:15 - 2013-11-27 16:36 - 03395920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-01-15 16:15 - 2013-11-27 12:41 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSCollect.exe
2014-01-15 16:15 - 2013-11-27 11:34 - 00138240 _____ C:\WINDOWS\system32\OEMLicense.dll
2014-01-15 16:15 - 2013-11-27 10:54 - 00103936 _____ C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-01-15 16:15 - 2013-11-27 09:48 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:15 - 2013-11-27 09:45 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-01-15 16:15 - 2013-11-27 09:40 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-01-15 16:15 - 2013-11-27 09:38 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-01-15 16:15 - 2013-11-27 09:17 - 00695808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-01-15 16:15 - 2013-11-27 09:12 - 00848384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-01-15 11:44 - 2014-01-15 11:44 - 00023911 _____ C:\Users\Chris Frank\Downloads\Addition.txt
2014-01-15 11:43 - 2014-01-30 15:26 - 00026349 _____ C:\Users\Chris Frank\Downloads\FRST.txt
2014-01-15 11:42 - 2014-01-30 15:26 - 00000000 ____D C:\FRST
2014-01-15 11:39 - 2014-01-30 15:26 - 02079744 _____ (Farbar) C:\Users\Chris Frank\Downloads\FRST64.exe
2014-01-15 02:04 - 2014-01-15 03:09 - 00008108 _____ C:\Users\Chris Frank\Desktop\Anfangspin.odt
2014-01-14 19:42 - 2014-01-14 19:42 - 00003832 _____ C:\Users\Chris Frank\Desktop\Ereignisse.txt
2014-01-14 04:30 - 2014-01-14 04:30 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 04:29 - 2013-12-09 11:37 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-01-14 04:29 - 2013-12-09 11:37 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-01-14 04:26 - 2014-01-14 04:28 - 129598176 _____ C:\Users\Chris Frank\Downloads\avira_free_antivirus_de.exe
2014-01-14 04:19 - 2014-01-14 04:20 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2014-01-14 04:19 - 2014-01-14 04:20 - 00000000 ____D C:\WINDOWS\system32\NV
2014-01-13 21:38 - 2014-01-13 21:38 - 07080248 _____ C:\Users\Chris Frank\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-01-13 21:14 - 2014-01-13 21:14 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10(1).apk
2014-01-13 21:12 - 2014-01-13 21:12 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10.apk
2014-01-13 20:51 - 2014-01-13 20:51 - 00466851 _____ C:\Users\Chris Frank\Downloads\com.lindaandny.lindamanager.apk
2014-01-13 20:01 - 2014-01-13 20:01 - 00000000 ____D C:\Users\Chris Frank\Downloads\midtown_crazy_race
2014-01-13 19:58 - 2014-01-13 19:58 - 63991026 _____ C:\Users\Chris Frank\Downloads\midtown_crazy_race.zip
2014-01-13 16:52 - 2014-01-13 20:01 - 00011461 _____ C:\Users\Chris Frank\Desktop\OpenDocument Text (neu).odt
2014-01-11 18:46 - 2014-01-11 18:46 - 00000000 ____D C:\Users\Chris Frank\Documents\Elder Scrolls Online
2014-01-11 14:46 - 2014-01-11 14:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:43 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 18310112 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 15230352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2014-01-11 14:43 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvenc.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvenc.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6433221.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6433221.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00357152 _____ C:\WINDOWS\system32\NvIFROpenGL.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00314656 _____ C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2014-01-11 14:43 - 2013-12-19 21:33 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvpciflt.sys
2014-01-11 14:34 - 2013-12-05 09:42 - 00039200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2014-01-11 14:34 - 2013-12-05 09:42 - 00032544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2014-01-11 14:23 - 2014-01-23 19:52 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Awesomium
2014-01-08 15:38 - 2014-01-08 15:38 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-08 03:15 - 2014-01-08 03:21 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2014-01-08 03:15 - 2014-01-08 03:15 - 00001426 _____ C:\Users\Chris Frank\Desktop\The Elder Scrolls Online Beta.lnk
2014-01-08 03:13 - 2014-01-08 03:14 - 55903624 _____ (                                                            ) C:\Users\Chris Frank\Downloads\Install_ESO_Beta.exe
2014-01-06 15:02 - 2014-01-07 00:05 - 00000000 ____D C:\Users\Chris Frank\Documents\DayZ
2014-01-06 15:02 - 2014-01-06 15:05 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\DayZ
2014-01-06 13:54 - 2014-01-06 13:54 - 00000222 _____ C:\Users\Chris Frank\Desktop\DayZ.url

==================== One Month Modified Files and Folders =======

2014-01-30 15:27 - 2014-01-15 11:43 - 00026349 _____ C:\Users\Chris Frank\Downloads\FRST.txt
2014-01-30 15:26 - 2014-01-19 14:26 - 00000000 ____D C:\Users\Chris Frank\Downloads\FRST-OlderVersion
2014-01-30 15:26 - 2014-01-15 11:42 - 00000000 ____D C:\FRST
2014-01-30 15:26 - 2014-01-15 11:39 - 02079744 _____ (Farbar) C:\Users\Chris Frank\Downloads\FRST64.exe
2014-01-30 15:26 - 2013-08-22 14:36 - 00000000 __RHD C:\Users\Default
2014-01-30 15:22 - 2014-01-30 15:22 - 00000929 _____ C:\Users\Chris Frank\Desktop\check.txt
2014-01-30 15:21 - 2014-01-30 15:20 - 00987425 _____ C:\Users\Chris Frank\Downloads\SecurityCheck(1).exe
2014-01-30 15:16 - 2013-06-03 18:47 - 00001148 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-30 15:00 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\sru
2014-01-30 14:10 - 2013-10-19 11:23 - 02001240 _____ C:\WINDOWS\WindowsUpdate.log
2014-01-30 13:09 - 2013-10-18 20:40 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Dropbox
2014-01-30 04:25 - 2013-03-06 21:48 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1308701179-663055310-3103906990-1002
2014-01-30 04:19 - 2013-06-03 18:47 - 00001144 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-30 01:26 - 2014-01-20 20:41 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Skype
2014-01-30 01:22 - 2013-11-25 23:50 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\PMB Files
2014-01-30 01:22 - 2013-11-25 23:50 - 00000000 ____D C:\ProgramData\PMB Files
2014-01-29 14:27 - 2014-01-29 14:07 - 00012921 _____ C:\Users\Chris Frank\Desktop\Lebenslauf.odt
2014-01-29 13:29 - 2014-01-29 13:29 - 02347384 _____ (ESET) C:\Users\Chris Frank\Downloads\esetsmartinstaller_enu.exe
2014-01-29 13:29 - 2014-01-29 13:29 - 00987425 _____ C:\Users\Chris Frank\Downloads\SecurityCheck.exe
2014-01-28 21:50 - 2013-03-07 21:13 - 00000000 ____D C:\Program Files (x86)\Steam
2014-01-23 22:43 - 2014-01-23 22:43 - 00000222 _____ C:\Users\Chris Frank\Desktop\Anna - Extended Edition.url
2014-01-23 22:41 - 2014-01-21 00:53 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\LogMeIn Hamachi
2014-01-23 22:38 - 2013-10-18 20:45 - 00000000 ___RD C:\Users\Chris Frank\Dropbox
2014-01-23 22:37 - 2013-11-18 20:54 - 00000000 __RDO C:\Users\Chris Frank\SkyDrive
2014-01-23 22:37 - 2013-05-06 16:09 - 00000450 _____ C:\WINDOWS\Tasks\SlimDrivers Startup.job
2014-01-23 22:35 - 2013-11-23 21:25 - 00119296 _____ C:\WINDOWS\SysWOW64\zlib.dll
2014-01-23 22:35 - 2013-10-19 11:30 - 00000000 ____D C:\Users\Chris Frank
2014-01-23 22:35 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2014-01-23 19:52 - 2014-01-11 14:23 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Awesomium
2014-01-23 03:55 - 2013-03-07 19:58 - 00530671 _____ C:\WINDOWS\DirectX.log
2014-01-23 01:11 - 2014-01-23 01:11 - 00000700 _____ C:\Users\Public\Desktop\Panzar.lnk
2014-01-23 01:11 - 2013-04-01 14:42 - 00000000 ____D C:\Games
2014-01-23 01:10 - 2014-01-23 01:10 - 16746832 _____ (Panzar                                                      ) C:\Users\Chris Frank\Downloads\Panzar.exe
2014-01-22 19:21 - 2013-05-13 15:50 - 00030664 _____ C:\WINDOWS\system32\lvcoinst.log
2014-01-22 19:13 - 2014-01-22 19:13 - 00184076 _____ C:\Users\Chris Frank\Downloads\Soundstream15.dmg
2014-01-21 12:32 - 2014-01-21 12:32 - 00000000 ____D C:\Users\Chris Frank\Desktop\Tor Browser
2014-01-21 12:31 - 2014-01-21 12:31 - 24185920 _____ C:\Users\Chris Frank\Downloads\torbrowser-install-3.5_de.exe
2014-01-21 12:13 - 2013-09-30 05:14 - 02064598 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-21 12:13 - 2013-09-30 04:56 - 00878206 _____ C:\WINDOWS\system32\perfh007.dat
2014-01-21 12:13 - 2013-09-30 04:56 - 00201318 _____ C:\WINDOWS\system32\perfc007.dat
2014-01-21 00:53 - 2014-01-21 00:53 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\LogMeIn
2014-01-21 00:53 - 2014-01-21 00:53 - 00000000 ____D C:\ProgramData\LogMeIn
2014-01-21 00:50 - 2014-01-21 00:50 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-21 00:48 - 2014-01-21 00:47 - 06373376 _____ C:\Users\Chris Frank\Downloads\hamachi09.msi
2014-01-20 23:40 - 2014-01-20 23:39 - 00000222 _____ C:\Users\Chris Frank\Desktop\Cry of Fear.url
2014-01-20 20:41 - 2014-01-20 20:40 - 00000000 ____D C:\ProgramData\Skype
2014-01-20 20:40 - 2014-01-20 20:40 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2014-01-20 20:40 - 2014-01-20 20:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2014-01-20 20:39 - 2014-01-20 20:39 - 35098272 _____ (Skype Technologies S.A.) C:\Users\Chris Frank\Downloads\SkypeSetupFull-6.11.59.exe
2014-01-20 16:20 - 2013-08-22 15:46 - 00381736 _____ C:\WINDOWS\setupact.log
2014-01-19 14:40 - 2014-01-19 14:40 - 00018546 _____ C:\Users\Chris Frank\Desktop\Logfiles.rar
2014-01-19 14:21 - 2014-01-19 14:21 - 00000000 ____D C:\WINDOWS\ERUNT
2014-01-19 14:15 - 2013-09-29 20:04 - 00373696 _____ C:\WINDOWS\PFRO.log
2014-01-19 14:15 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2014-01-19 14:14 - 2014-01-19 13:27 - 00000000 ____D C:\AdwCleaner
2014-01-19 13:14 - 2014-01-19 13:14 - 00001132 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-01-19 13:14 - 2014-01-19 13:14 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-19 13:12 - 2014-01-19 13:12 - 01037068 _____ (Thisisu) C:\Users\Chris Frank\Downloads\JRT.exe
2014-01-19 13:12 - 2014-01-19 13:11 - 01236282 _____ C:\Users\Chris Frank\Downloads\adwcleaner.exe
2014-01-19 13:11 - 2014-01-19 13:11 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Chris Frank\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-18 23:35 - 2014-01-18 23:35 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Guild Wars 2
2014-01-18 23:35 - 2013-05-13 22:44 - 00000000 ____D C:\Users\Chris Frank\Documents\Guild Wars 2
2014-01-18 23:22 - 2014-01-18 23:20 - 00000000 ____D C:\Users\Chris Frank\Documents\Arma 3
2014-01-18 23:20 - 2014-01-18 23:20 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\Arma 3
2014-01-18 23:20 - 2013-05-11 19:15 - 00000000 ____D C:\ProgramData\Bohemia Interactive
2014-01-18 17:41 - 2014-01-18 17:41 - 05167985 _____ (Swearware) C:\Users\Chris Frank\Downloads\ComboFix.exe
2014-01-18 14:39 - 2013-07-21 19:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2014-01-18 14:37 - 2013-03-07 18:04 - 86054176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-01-16 18:01 - 2013-10-18 20:45 - 00001102 _____ C:\Users\Chris Frank\Desktop\Dropbox.lnk
2014-01-16 18:01 - 2013-10-18 20:40 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-01-16 18:01 - 2013-03-06 21:42 - 00000000 ___RD C:\Users\Chris Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-16 17:54 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\WinStore
2014-01-15 17:47 - 2014-01-15 17:47 - 00003192 _____ C:\WINDOWS\System32\Tasks\{21B1BFB8-B058-46D8-9474-0B1E9A7FD73C}
2014-01-15 11:44 - 2014-01-15 11:44 - 00023911 _____ C:\Users\Chris Frank\Downloads\Addition.txt
2014-01-15 03:09 - 2014-01-15 02:04 - 00008108 _____ C:\Users\Chris Frank\Desktop\Anfangspin.odt
2014-01-14 19:42 - 2014-01-14 19:42 - 00003832 _____ C:\Users\Chris Frank\Desktop\Ereignisse.txt
2014-01-14 04:30 - 2014-01-14 04:30 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00002093 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\ProgramData\Avira
2014-01-14 04:29 - 2014-01-14 04:29 - 00000000 ____D C:\Program Files (x86)\Avira
2014-01-14 04:28 - 2014-01-14 04:26 - 129598176 _____ C:\Users\Chris Frank\Downloads\avira_free_antivirus_de.exe
2014-01-14 04:20 - 2014-01-14 04:19 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2014-01-14 04:20 - 2014-01-14 04:19 - 00000000 ____D C:\WINDOWS\system32\NV
2014-01-13 21:38 - 2014-01-13 21:38 - 07080248 _____ C:\Users\Chris Frank\Downloads\MyPhoneExplorer_Setup_1.8.5.exe
2014-01-13 21:14 - 2014-01-13 21:14 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10(1).apk
2014-01-13 21:12 - 2014-01-13 21:12 - 06951714 _____ C:\Users\Chris Frank\Downloads\com.android.vending-4.5.10.apk
2014-01-13 20:51 - 2014-01-13 20:51 - 00466851 _____ C:\Users\Chris Frank\Downloads\com.lindaandny.lindamanager.apk
2014-01-13 20:01 - 2014-01-13 20:01 - 00000000 ____D C:\Users\Chris Frank\Downloads\midtown_crazy_race
2014-01-13 20:01 - 2014-01-13 16:52 - 00011461 _____ C:\Users\Chris Frank\Desktop\OpenDocument Text (neu).odt
2014-01-13 19:58 - 2014-01-13 19:58 - 63991026 _____ C:\Users\Chris Frank\Downloads\midtown_crazy_race.zip
2014-01-11 18:46 - 2014-01-11 18:46 - 00000000 ____D C:\Users\Chris Frank\Documents\Elder Scrolls Online
2014-01-11 14:46 - 2014-01-11 14:46 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2014-01-11 14:46 - 2013-10-19 11:22 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-11 14:46 - 2013-04-01 21:40 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-11 14:37 - 2013-11-19 21:09 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\NVIDIA Corporation
2014-01-11 14:37 - 2013-10-19 11:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2014-01-11 14:37 - 2013-03-08 19:31 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\NVIDIA
2014-01-11 14:35 - 2013-10-19 11:22 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2014-01-10 16:36 - 2013-03-23 02:32 - 00000000 ____D C:\Users\Chris Frank\AppData\Roaming\Spotify
2014-01-10 16:34 - 2013-03-23 02:32 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\Spotify
2014-01-08 15:38 - 2014-01-08 15:38 - 00000000 ____D C:\ProgramData\Elder Scrolls Online
2014-01-08 03:21 - 2014-01-08 03:15 - 00000000 ____D C:\Program Files (x86)\Zenimax Online
2014-01-08 03:15 - 2014-01-08 03:15 - 00001426 _____ C:\Users\Chris Frank\Desktop\The Elder Scrolls Online Beta.lnk
2014-01-08 03:14 - 2014-01-08 03:13 - 55903624 _____ (                                                            ) C:\Users\Chris Frank\Downloads\Install_ESO_Beta.exe
2014-01-07 00:05 - 2014-01-06 15:02 - 00000000 ____D C:\Users\Chris Frank\Documents\DayZ
2014-01-06 23:31 - 2013-11-18 20:53 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-06 23:31 - 2013-11-18 20:53 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-06 15:05 - 2014-01-06 15:02 - 00000000 ____D C:\Users\Chris Frank\AppData\Local\DayZ
2014-01-06 13:54 - 2014-01-06 13:54 - 00000222 _____ C:\Users\Chris Frank\Desktop\DayZ.url
2014-01-02 22:46 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2014-01-02 20:43 - 2013-03-07 01:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ___RD C:\WINDOWS\ToastData
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\MediaViewer
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\FileManager
2014-01-02 20:42 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Camera

Some content of TEMP:
====================
C:\Users\Chris Frank\AppData\Local\Temp\avgnt.exe
C:\Users\Chris Frank\AppData\Local\Temp\BlockscapeSetup0.9.4740.39586.exe
C:\Users\Chris Frank\AppData\Local\Temp\nircmd.exe
C:\Users\Chris Frank\AppData\Local\Temp\Quarantine.exe
C:\Users\Chris Frank\AppData\Local\Temp\SIntf16.dll
C:\Users\Chris Frank\AppData\Local\Temp\SIntf32.dll
C:\Users\Chris Frank\AppData\Local\Temp\SIntfNT.dll
C:\Users\Chris Frank\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Chris Frank\AppData\Local\Temp\vis-de.exe
C:\Users\Chris Frank\AppData\Local\Temp\wget.exe
C:\Users\Chris Frank\AppData\Local\Temp\zatbSetup_110_000_064.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-28 13:38

==================== End Of Log ============================
--- --- ---


Mit besten Grüßen,

Nazretin

schrauber 31.01.2014 09:08
Java updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\$Recycle.Bin

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 08:55 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131