bigfoot510 | 24.04.2014 17:03 | Hello Schrauber,
The download and the subsequent update worked.
Attached are all the log files:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 20.04.2014
Suchlauf-Zeit: 20:49:55
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.20.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Pio´s
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 291750
Verstrichene Zeit: 12 Min, 31 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Tiefer Rootkit-Suchlauf: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 1
PUP.Optional.Softonic.A, HKU\S-1-5-21-3710108645-1296968449-2315236604-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, In Quarantäne, [4cb4996718e8946c04cc1c512cd6728e],
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 1
Trojan.Winlock, C:\Users\Pio´s\AppData\Local\temp\Low\0275.dll, In Quarantäne, [37c9bd4302fe40c0c301aec0758cf10f],
Physische Sektoren: 0
(No malicious items detected)
(end)
Code:
# AdwCleaner v3.202 - Bericht erstellt am 24/04/2014 um 17:49:57
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Pio´s - DESKTOP
# Gestartet von : C:\Users\Pio´s\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\SNT
Ordner Gelöscht : C:\Program Files (x86)\SNT
Ordner Gelöscht : C:\Users\Pio´s\AppData\Local\torch
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-virtual-pc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_windows-virtual-pc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\Softonic
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Pio´s\AppData\Roaming\Mozilla\Firefox\Profiles\7rs3uyyj.default\prefs.js ]
*************************
AdwCleaner[R0].txt - [2567 octets] - [24/04/2014 17:43:49]
AdwCleaner[S0].txt - [2360 octets] - [24/04/2014 17:49:57]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2420 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Pio´s on 24.04.2014 at 17:58:17,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{066E59C5-6799-4CC1-BDE2-0A18AA510E5A}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Pio´s\AppData\Roaming\getrighttogo"
~~~ FireFox
Emptied folder: C:\Users\Pio´s\AppData\Roaming\mozilla\firefox\profiles\7rs3uyyj.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.04.2014 at 18:03:57,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Pio´s (administrator) on DESKTOP on 24-04-2014 18:06:42
Running from C:\Users\Pio´s\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPoint\SetPoint.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_175_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2369536 2010-03-15] (VIA)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-04-27] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [avast] => C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [20131121] => C:\Program Files\AVAST Software\Avast\setup\emupdate\c33c4b06-120d-42a8-ab04-b124c3040ff6.exe [180184 2013-11-26] (AVAST Software)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3710108645-1296968449-2315236604-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk
ShortcutTarget: Logitech SetPoint.lnk -> C:\Program Files\Logitech\SetPoint\SetPoint.exe (Logitech, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.t-online.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x929D5E7D9A10CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKCU - DefaultScope {9CB43B23-72F6-4B35-A9D3-2DEABF0751E0} URL = hxxp://www.google.de/search?q={searchTerms}
SearchScopes: HKCU - {9CB43B23-72F6-4B35-A9D3-2DEABF0751E0} URL = hxxp://www.google.de/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: No Name - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Pio´s\AppData\Roaming\Mozilla\Firefox\Profiles\7rs3uyyj.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Pio´s\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Pio´s\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: FireFTP - C:\Users\Pio´s\AppData\Roaming\Mozilla\Firefox\Profiles\7rs3uyyj.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2014-04-12]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-04-06]
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Saving Flash) - C:\Users\Pio´s\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla [2014-03-29]
CHR Extension: (YoutubeAdblocker) - C:\Users\Pio´s\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhoaiggjfpgpelilijlmacgfnjmmmpie [2014-03-29]
CHR Extension: (ssafEwebb) - C:\Users\Pio´s\AppData\Local\Google\Chrome\User Data\Default\Extensions\fikeolklbofceelabdkijmlejcedimeh [2014-03-29]
CHR Extension: (SNT) - C:\Users\Pio´s\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmdhhjlmcajdglbehejclpkhchdgdijg [2014-03-29]
==================== Services (Whitelisted) =================
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
S4 GJService; C:\Program Files (x86)\SlySoft\Game Jackal v4\Server.exe [3130440 2011-04-30] ()
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2003-04-18] ()
S4 Lavasoft Ad-Aware Service; C:\Program Files (x86)\Lavasoft\Ad-Aware\AAWService.exe [2151640 2011-06-28] (Lavasoft Limited)
==================== Drivers (Whitelisted) ====================
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2011-07-03] ()
S3 GigasetGenericUSB_x64; C:\Windows\System32\DRIVERS\GigasetGenericUSB_x64.sys [54272 2009-02-20] (Siemens Home and Office Communication Devices GmbH & Co. KG)
S3 Lavasoft Kernexplorer; C:\Program Files (x86)\Lavasoft\Ad-Aware\KernExplorer64.sys [17152 2011-07-06] ()
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [69376 2011-04-29] (Lavasoft AB)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2011-07-03] ()
R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [33864 2011-04-30] (SlySoft Inc.)
R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [58440 2011-04-30] (SlySoft Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 RTLE8023x64; C:\Windows\System32\DRIVERS\Rtenic64.sys [280344 2010-07-06] (Realtek Semiconductor Corporation )
S3 SndTAudio; C:\Windows\System32\drivers\SndTAudio.sys [33336 2010-04-28] (Windows (R) Codename Longhorn DDK provider)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [868848 2011-05-23] ()
U3 aye2r7hl; C:\Windows\System32\Drivers\aye2r7hl.sys [0 ] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S1 ggqmposi; \??\C:\Windows\system32\drivers\ggqmposi.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-24 18:06 - 2014-04-24 18:06 - 00012978 _____ () C:\Users\Pio´s\Desktop\FRST.txt
2014-04-24 18:05 - 2014-04-24 18:05 - 02061824 _____ (Farbar) C:\Users\Pio´s\Desktop\FRST64.exe
2014-04-24 18:03 - 2014-04-24 18:03 - 00000983 _____ () C:\Users\Pio´s\Desktop\JRT.txt
2014-04-24 17:57 - 2014-04-24 17:57 - 01016261 _____ (Thisisu) C:\Users\Pio´s\Desktop\JRT.exe
2014-04-24 17:53 - 2014-04-24 17:53 - 00002516 _____ () C:\Users\Pio´s\Desktop\AdwCleaner[S0].txt
2014-04-24 17:40 - 2014-04-24 17:49 - 00000000 ____D () C:\AdwCleaner
2014-04-24 17:40 - 2014-04-24 17:40 - 01365865 _____ () C:\Users\Pio´s\Desktop\adwcleaner.exe
2014-04-20 20:56 - 2014-04-20 20:56 - 00001452 _____ () C:\Users\Pio´s\Desktop\mbam.txt
2014-04-20 20:51 - 2014-04-20 20:51 - 00000340 _____ () C:\Windows\PFRO.log
2014-04-20 20:36 - 2014-04-20 20:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 20:35 - 2014-04-20 20:35 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-20 20:35 - 2014-04-20 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-20 20:35 - 2014-04-20 20:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-20 20:35 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 20:35 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 20:35 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-20 20:34 - 2014-04-20 20:35 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pio´s\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-18 20:58 - 2014-04-24 18:06 - 00000000 ____D () C:\FRST
2014-04-12 10:49 - 2014-04-12 10:49 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files\iTunes
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files\iPod
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-12 10:49 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-12 10:35 - 2014-04-24 17:53 - 00021201 _____ () C:\Windows\setupact.log
2014-04-12 10:35 - 2014-04-12 10:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-10 18:44 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 18:44 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 18:44 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 18:44 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 18:44 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 18:44 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 18:44 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 18:44 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 18:44 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 18:44 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 18:44 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 18:44 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 18:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 18:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 18:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 18:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 18:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 18:43 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 18:43 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 18:43 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 18:43 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 15:32 - 2014-04-04 15:32 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-04 15:32 - 2014-04-04 15:32 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-04 15:32 - 2014-04-04 15:32 - 00000000 ____D () C:\Users\Pio´s\AppData\Roaming\Mozilla
2014-04-04 15:32 - 2014-04-04 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 14:37 - 2014-04-04 14:37 - 00000000 _____ () C:\autoexec.bat
2014-04-04 14:36 - 2014-04-04 15:09 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-04 14:36 - 2014-04-04 14:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-29 17:39 - 2014-03-29 17:53 - 42323206 _____ () C:\Users\Pio´s\Downloads\fr44rfhzhzfuzh47848748r4.zip
2014-03-29 17:01 - 2014-03-29 17:01 - 00000000 ____D () C:\Users\Pio´s\AppData\Local\calibre-cache
2014-03-29 16:59 - 2014-04-20 22:45 - 00000000 ____D () C:\Users\Pio´s\AppData\Roaming\calibre
2014-03-29 11:49 - 2014-03-29 11:49 - 00000000 ____D () C:\ProgramData\Puresafe
2014-03-29 11:47 - 2014-04-03 19:32 - 00000000 ____D () C:\ProgramData\safeweBB
2014-03-29 11:47 - 2014-03-29 11:49 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-29 11:47 - 2014-03-29 11:49 - 00000000 ____D () C:\ProgramData\9661d1c809b53485
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Pio´s\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Program Files (x86)\safeweBB
2014-03-29 11:28 - 2014-03-29 11:28 - 00000937 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-03-29 11:28 - 2014-03-29 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-03-29 11:28 - 2014-03-29 11:28 - 00000000 ____D () C:\Program Files\Calibre2
==================== One Month Modified Files and Folders =======
2014-04-24 18:06 - 2014-04-24 18:06 - 00012978 _____ () C:\Users\Pio´s\Desktop\FRST.txt
2014-04-24 18:06 - 2014-04-18 20:58 - 00000000 ____D () C:\FRST
2014-04-24 18:05 - 2014-04-24 18:05 - 02061824 _____ (Farbar) C:\Users\Pio´s\Desktop\FRST64.exe
2014-04-24 18:03 - 2014-04-24 18:03 - 00000983 _____ () C:\Users\Pio´s\Desktop\JRT.txt
2014-04-24 18:00 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 18:00 - 2009-07-14 06:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 17:58 - 2013-10-02 11:50 - 00000000 ____D () C:\Windows\ERUNT
2014-04-24 17:57 - 2014-04-24 17:57 - 01016261 _____ (Thisisu) C:\Users\Pio´s\Desktop\JRT.exe
2014-04-24 17:56 - 2012-04-06 15:19 - 01143919 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 17:53 - 2014-04-24 17:53 - 00002516 _____ () C:\Users\Pio´s\Desktop\AdwCleaner[S0].txt
2014-04-24 17:53 - 2014-04-12 10:35 - 00021201 _____ () C:\Windows\setupact.log
2014-04-24 17:51 - 2011-07-07 10:13 - 00299836 _____ () C:\aaw7boot.log
2014-04-24 17:49 - 2014-04-24 17:40 - 00000000 ____D () C:\AdwCleaner
2014-04-24 17:40 - 2014-04-24 17:40 - 01365865 _____ () C:\Users\Pio´s\Desktop\adwcleaner.exe
2014-04-21 23:25 - 2011-05-23 17:13 - 00000000 ____D () C:\Users\Pio´s\Documents\Outlook-Dateien
2014-04-21 23:17 - 2014-01-09 12:17 - 00000000 ____D () C:\DVD Rips
2014-04-21 23:02 - 2012-10-01 11:58 - 00000083 ___SH () C:\ProgramData\.zreglib
2014-04-20 22:45 - 2014-03-29 16:59 - 00000000 ____D () C:\Users\Pio´s\AppData\Roaming\calibre
2014-04-20 20:56 - 2014-04-20 20:56 - 00001452 _____ () C:\Users\Pio´s\Desktop\mbam.txt
2014-04-20 20:55 - 2014-04-20 20:36 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 20:51 - 2014-04-20 20:51 - 00000340 _____ () C:\Windows\PFRO.log
2014-04-20 20:35 - 2014-04-20 20:35 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-20 20:35 - 2014-04-20 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-04-20 20:35 - 2014-04-20 20:35 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-20 20:35 - 2014-04-20 20:34 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Pio´s\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 20:35 - 2013-09-28 09:39 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 10:45 - 2011-05-10 17:38 - 00000000 ___RD () C:\Users\Pio´s\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-13 22:43 - 2010-11-21 08:50 - 00701326 _____ () C:\Windows\system32\perfh007.dat
2014-04-13 22:43 - 2010-11-21 08:50 - 00150226 _____ () C:\Windows\system32\perfc007.dat
2014-04-13 22:43 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-12 10:49 - 2014-04-12 10:49 - 00001790 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files\iTunes
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files\iPod
2014-04-12 10:49 - 2014-04-12 10:49 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files\Bonjour
2014-04-12 10:48 - 2014-04-12 10:48 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-04-12 10:47 - 2012-10-06 17:32 - 00000000 ____D () C:\ProgramData\Apple
2014-04-12 10:35 - 2014-04-12 10:35 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-12 10:32 - 2012-04-05 19:00 - 00000000 ____D () C:\Windows\Minidump
2014-04-12 10:32 - 2011-07-11 22:14 - 00000000 ____D () C:\Users\Pio´s\AppData\Roaming\Winamp
2014-04-12 10:32 - 2011-07-06 21:58 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-12 10:32 - 2011-04-13 22:38 - 00000000 ____D () C:\Windows\Panther
2014-04-04 15:32 - 2014-04-04 15:32 - 00001170 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-04 15:32 - 2014-04-04 15:32 - 00001158 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-04 15:32 - 2014-04-04 15:32 - 00000000 ____D () C:\Users\Pio´s\AppData\Roaming\Mozilla
2014-04-04 15:32 - 2014-04-04 15:32 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-04 15:32 - 2013-11-07 22:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-04 15:09 - 2014-04-04 14:36 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-04-04 14:37 - 2014-04-04 14:37 - 00000000 _____ () C:\autoexec.bat
2014-04-04 14:36 - 2014-04-04 14:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-04-04 13:57 - 2011-10-30 19:05 - 00000000 ____D () C:\Users\Pio´s\Documents\Bedienungsanleitungen
2014-04-04 13:57 - 2011-07-01 17:58 - 00000000 ____D () C:\Users\Pio´s\Documents\Michi
2014-04-03 19:32 - 2014-03-29 11:47 - 00000000 ____D () C:\ProgramData\safeweBB
2014-04-03 09:51 - 2014-04-20 20:35 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-20 20:35 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-20 20:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-31 09:35 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-03-31 03:16 - 2014-04-10 18:44 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 18:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 18:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 18:44 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 17:53 - 2014-03-29 17:39 - 42323206 _____ () C:\Users\Pio´s\Downloads\fr44rfhzhzfuzh47848748r4.zip
2014-03-29 17:01 - 2014-03-29 17:01 - 00000000 ____D () C:\Users\Pio´s\AppData\Local\calibre-cache
2014-03-29 11:49 - 2014-03-29 11:49 - 00000000 ____D () C:\ProgramData\Puresafe
2014-03-29 11:49 - 2014-03-29 11:47 - 00000000 ____D () C:\ProgramData\InstallMate
2014-03-29 11:49 - 2014-03-29 11:47 - 00000000 ____D () C:\ProgramData\9661d1c809b53485
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Pio´s\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Torch
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Gast
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Users\Administrator
2014-03-29 11:47 - 2014-03-29 11:47 - 00000000 ____D () C:\Program Files (x86)\safeweBB
2014-03-29 11:47 - 2011-09-30 17:59 - 00000000 ____D () C:\Users\Pio´s\AppData\Local\Google
2014-03-29 11:28 - 2014-03-29 11:28 - 00000937 _____ () C:\Users\Public\Desktop\calibre 64bit - E-book management.lnk
2014-03-29 11:28 - 2014-03-29 11:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management
2014-03-29 11:28 - 2014-03-29 11:28 - 00000000 ____D () C:\Program Files\Calibre2
Some content of TEMP:
====================
C:\Users\Pio´s\AppData\Local\temp\Quarantine.exe
C:\Users\Pio´s\AppData\Local\temp\SHSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2011-04-13 21:40
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Pio´s at 2014-04-24 18:07:08
Running from C:\Users\Pio´s\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AS: avast! Antivirus (Disabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Ad-Aware (HKLM-x32\...\{F027C8E3-6DBD-492A-9959-7B36B1DE0D65}) (Version: 9.0.1 - Lavasoft Limited)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.8.800.175 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Anno 1701 (HKLM-x32\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.04 - Sunflowers)
Ant Renamer (HKLM-x32\...\Ant Renamer 2_is1) (Version: 2.10.0 - Ant Software)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.3.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS VGA Driver (x32 Version: 3.0.0.1 - Ihr Firmenname) Hidden
ATI AVIVO64 Codecs (Version: 11.6.0.50930 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{BCE26847-79A9-56FF-908E-C02FAA7705B3}) (Version: 3.0.795.0 - ATI Technologies, Inc.)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.31 - Avanquest Software)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 8.0.1497.0 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre 64bit (HKLM\...\{4C296BF8-1A08-4C8D-A4B3-16FB6AECEF20}) (Version: 1.30.0 - Kovid Goyal)
Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0930.2237.38732 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0930.2237.38732 - ATI) Hidden
CCC Help German (x32 Version: 2010.0930.2236.38732 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0930.2237.38732 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0930.2237.38732 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.4.1.3099 - CDBurnerXP)
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
CDex - Open Source Digital Audio CD Extractor (HKLM-x32\...\CDex) (Version: 1.70.4.2009 - Georgy Berdyshev)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version: - )
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0 - THQ Inc.) Hidden
Company of Heroes (HKLM-x32\...\Company of Heroes) (Version: 2.602.0 - THQ Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
EIZO ScreenSlicer (HKLM-x32\...\{292A177D-723F-4537-9985-BC8BFCD8B63D}) (Version: 1.0.2.2 - EIZO NANAO CORPORATION)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 14.4.20130909 - Landesfinanzdirektion Thüringen)
EPU (HKLM-x32\...\{9C2AC00C-0C06-4B7E-97A4-A833808D54D6}) (Version: 1.02.20 - )
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Game Jackal v4.1.1.4 (64 bit) (HKLM\...\Game Jackal v4_is1) (Version: - SlySoft Inc.)
Gigaset QuickSync (HKLM\...\{3e116348-5bec-4119-b3a0-30f2e0614eb3}) (Version: 7.0.0839.2 - Gigaset Communications GmbH)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.1.10111.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Motorola Driver Installation 3.4.0 (HKLM\...\{8164DB37-0ED4-4DDA-9644-E0B7A42205CB}) (Version: 3.4.0 - Motorola Inc.)
Motorola Phone Tools (HKLM-x32\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.0.7a 4/01/2008 - Avanquest Software)
Motorola Phone Tools (x32 Version: 4.30 - BVRP Software) Hidden
Motorola Phone Tools (x32 Version: 5.00 - BVRP Software) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Napster (HKLM-x32\...\{BBBCAE4B-B416-4182-A6F2-438180894A81}) (Version: 4.6.4.0 - Napster)
Napster Burn Engine (x32 Version: 3.5.0000 - Ihr Firmenname) Hidden
NirSoft Mail PassView (HKLM-x32\...\NirSoft Mail PassView) (Version: - )
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.87 - ASUSTeK Computer Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.2.1 - Frank Heindörfer, Philip Chinery)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Plugins (HKLM-x32\...\{EB5DF19E-75D5-4FF1-AE23-2A9A2E0F2BDD}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Platform (x32 Version: 1.34 - VIA Technologies, Inc.) Hidden
PlayFLV (HKLM-x32\...\FLVCodec) (Version: - )
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version: - PokerStars.net)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Recuva (HKLM\...\Recuva) (Version: 1.40 - Piriform)
Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.4.0 - Renesas Electronics Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
TagScanner 5.1.600 (HKLM-x32\...\TagScanner_is1) (Version: - Sergey Serkov)
TmNationsForever (HKLM-x32\...\TmNationsForever_is1) (Version: - Nadeo)
TurboV EVO (HKLM-x32\...\{491D92A9-69CA-4EB4-81D3-0106F9337957}) (Version: 1.02.32 - )
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VLC media player 1.1.10 (HKLM-x32\...\VLC media player) (Version: 1.1.10 - VideoLAN)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Winamp (HKLM-x32\...\Winamp) (Version: 5.62 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
==================== Restore Points =========================
29-03-2014 09:28:04 Installed calibre 64bit
02-04-2014 11:55:03 Windows Update
04-04-2014 12:36:18 Installed SpyHunter
04-04-2014 13:09:16 Removed SpyHunter
10-04-2014 16:43:04 Windows Update
10-04-2014 17:18:57 Windows Update
12-04-2014 08:22:56 Removed Apple Mobile Device Support
12-04-2014 08:24:10 Removed iTunes
12-04-2014 08:26:07 Removed Apple Application Support
12-04-2014 08:27:41 Removed Bonjour
12-04-2014 08:48:25 Installed iTunes
15-04-2014 14:23:41 Windows Update
20-04-2014 18:23:01 Windows Update
24-04-2014 15:39:40 Windows Update
==================== Hosts content: ==========================
2013-09-15 14:30 - 2013-09-15 14:32 - 00000027 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {046405D1-6044-4D59-8E54-C43C4C2C25B6} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
Task: {14F3981D-B123-4167-9A90-3F9EBACB8A3D} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHELP.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {3CA4CCB2-7AA4-45DB-9138-F0C4E907FB96} - System32\Tasks\Microsoft\Microsoft Antimalware\MpIdleTask => c:\Program Files\Microsoft Security Essentials\MpCmdRun.exe
Task: {C739AE21-2BF4-4837-8E84-9A7AD9FA9B69} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.02\AsLoader.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {F58C041D-F733-4239-92B5-39DE4108FA35} - System32\Tasks\ASUS\RunDAOD => C:\Windows\DAODx.exe [2009-03-30] ()
Task: C:\Windows\Tasks\Ad-Aware Update (Weekly).job => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdobeAAMUpdater-1.0-Desktop-Pio´s.job => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
Task: C:\Windows\Tasks\avast! Emergency Update.job => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: C:\Windows\Tasks\elbyExecuteWithUAC.job => C:\Program Files (x86)\SlySoft\AnyDVD\ExecuteWithUAC.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cef90b50a80df5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2011-07-24 11:16 - 2005-03-12 01:07 - 00087040 _____ () C:\Windows\System32\pdfcmnnt.dll
2011-05-10 18:03 - 2010-06-24 08:19 - 00109056 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
2011-05-21 18:30 - 2009-07-20 12:35 - 00018960 _____ () C:\Program Files\Logitech\SetPoint\khalwrapper.dll
2011-05-10 18:00 - 2009-05-07 10:51 - 00071680 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2011-05-10 18:00 - 2009-05-07 10:53 - 00379392 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2011-05-10 18:00 - 2008-01-18 08:50 - 00098816 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\VMicApi.dll
2011-05-10 18:00 - 2010-03-02 09:31 - 64105984 ____R () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Skin.dll
2011-05-21 18:31 - 2009-07-20 04:00 - 00077824 _____ () C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
2010-01-30 02:40 - 2010-01-30 02:40 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2011-05-23 16:40 - 2011-03-02 12:40 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-04-24 17:37 - 2014-04-24 09:53 - 02292224 _____ () C:\Program Files\AVAST Software\Avast\defs\14042400\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
==================== Disabled items from MSCONFIG ==============
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: AxInstSV => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: GJService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Lavasoft Ad-Aware Service => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: WinDefend => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^EIZO ScreenSlicer.lnk => C:\Windows\pss\EIZO ScreenSlicer.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AlcoholAutomount => "C:\Program Files (x86)\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Google Update => "C:\Users\Pio´s\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: MSSE => "c:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NapsterShell => C:\Program Files (x86)\Napster\napster.exe /systray
MSCONFIG\startupreg: Six Engine => "C:\Program Files (x86)\ASUS\EPU\EPU.exe" -b
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TurboV EVO => "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b
MSCONFIG\startupreg: WinampAgent => "C:\Program Files (x86)\Winamp\winampa.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2013-09-15 14:29:36.308
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-09-15 14:29:36.199
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2012-03-12 20:56:13.309
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.289
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.269
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.249
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.219
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.189
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:56:13.159
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-03-12 20:54:27.189
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Logitech\SetPoint\lgscroll.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8190.16 MB
Available physical RAM: 6454.59 MB
Total Pagefile: 16378.51 MB
Available Pagefile: 14451.53 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:470.76 GB) (Free:34.56 GB) NTFS
Drive d: (Programme und Spiele) (Fixed) (Total:460.66 GB) (Free:83.77 GB) NTFS
Drive e: (Musik) (Fixed) (Total:202.86 GB) (Free:49.8 GB) NTFS
Drive f: (Bilder) (Fixed) (Total:488.28 GB) (Free:16.49 GB) NTFS
Drive g: (Filme) (Fixed) (Total:976.56 GB) (Free:14.15 GB) NTFS
Drive z: (Sicherung) (Fixed) (Total:195.31 GB) (Free:139.37 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 8D1FE230)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=471 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=461 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 8D1FE237)
Partition 1: (Not Active) - (Size=203 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=488 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=977 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=195 GB) - (Type=OF Extended)
==================== End Of Log ============================ |