Fehlermeldung beim Hochfahren PC

pclaie1234 · 14.10.2013, 19:22

Hallo,
bekomme beim Hochfahren meines PC unter WIN7 folgende Meldung (bin absoluter Laie und verstehe nicht viel davon):
"Fehlermeldung: RunDLL Problem beim starten von C:\ Program Files (x86) \ Home Tab \ TBUpdater.dll Das angegebene Modul wurde nicht gefunden"
Was heisst das?
Danke

schrauber · 14.10.2013, 19:36

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

pclaie1234 · 14.10.2013, 20:29

Kurze Frage: ist das ein Virus?
1. Frst
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Christian (administrator) on IDEA-PC on 14-10-2013 21:04:13
Running from C:\Users\Christian\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Windows\jmesoft\Service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
(Symantec Corporation) C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe
(Abelssoft) C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Lenovo) C:\Windows\jmesoft\hotkey.exe
(McAfee, Inc.) C:\Program Files\mcafee.com\agent\mcagent.exe
() C:\Windows\jmesoft\JME_LOAD.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2013-03-29] (Realtek Semiconductor)
HKCU\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [jmekey] - C:\WINDOWS\jmesoft\hotkey.exe [118784 2011-06-08] (Lenovo)
HKLM-x32\...\Run: [jmesoft] - C:\Windows\jmesoft\ServiceLoader.exe [28672 2011-03-15] ()
HKLM-x32\...\Run: [mcui_exe] - C:\Program Files\McAfee.com\Agent\mcagent.exe [1534504 2013-01-14] (McAfee, Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-04] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-06] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4908592 2013-09-15] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [Nikon Message Center 2] - C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:newtab
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {EE761429-238D-45CB-A848-27454E46728A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380949380413&tguid=66920-6787-1380949380413-B55EF7C333C7B8C5C6707C006885F0A8&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380949380413&tguid=66920-6787-1380949380413-B55EF7C333C7B8C5C6707C006885F0A8&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380949380413&tguid=66920-6787-1380949380413-B55EF7C333C7B8C5C6707C006885F0A8&q={searchTerms}
SearchScopes: HKLM-x32 - {EE761429-238D-45CB-A848-27454E46728A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS
SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {12A6B336-6796-4E19-B718-A6248D6071E3} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=50AD429B-C819-4E41-9EC0-08FA5C819F8A&apn_sauid=3FD37D85-8DA4-4CAA-A5E5-D176AE7124C6
SearchScopes: HKCU - {521AA566-1E2A-4412-A98D-629A798364DD} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
SearchScopes: HKCU - {58E86FE6-D1EC-4A15-B027-57275B7F1C6C} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1380949380413&tguid=66920-6787-1380949380413-B55EF7C333C7B8C5C6707C006885F0A8&q={searchTerms}
SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {B4715361-03A5-48BB-9368-0081F1690C87} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
SearchScopes: HKCU - {D3AF98E2-BDFF-4AE2-8A25-F7986809A042} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
SearchScopes: HKCU - {EE761429-238D-45CB-A848-27454E46728A} URL = 
SearchScopes: HKCU - {F72C50E8-1D11-4A53-9EC4-04B56B8AB34F} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
SearchScopes: HKCU - {F9FA512B-334B-42DA-8DA1-C0ACEA6D9DE5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=ef72aa14-64a1-437c-a47d-6e1914628024&pid=dcu&mode=bounce&k=0
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Browser Guard - {02a0d829-4393-46fc-a37e-126263035883} - C:\Program Files (x86)\Browser Guard\browserguard.dll (Browser Guard)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Norton Identity Protection - {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll (Yahoo! Inc)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\mcafee\msc\McSnIePl64.dll (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\msc\McSnIePl.dll (McAfee, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sk3qbysf.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 - c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 - c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\sk3qbysf.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NAV_21.0.1.3\IPSFF
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF Extension: Norton Identity Safe Toolbar - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.5.0.67\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (HomeTab) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddpogknpjlgfpbboediomaiiaecfajn\4.4_0
CHR Extension: (YouTube) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Browser Guard) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfepagcelbegkpkcjgfeecmlnmkedjin\0.1_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Norton Identity Protection) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob\2014.5.0.67_0
CHR Extension: (Gmail) - C:\Users\CHRIST~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [kfepagcelbegkpkcjgfeecmlnmkedjin] - C:\Program Files (x86)\Browser Guard\browserguard.crx
CHR HKLM-x32\...\Chrome\Extension: [nppllibpnmahfaklnpggkibhkapjkeob] - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\Exts\Chrome.crx
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1358944 2013-09-25] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3538480 2013-10-03] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [301152 2013-09-22] (AVG Technologies CZ, s.r.o.)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2451456 2012-07-13] (Realsil Microelectronics Inc.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-17] (Intel Corporation)
R2 JME Keyboard; C:\Windows\jmesoft\Service.exe [32768 2011-03-15] ()
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McAWFwk; c:\PROGRA~1\mcafee\msc\mcawfwk.exe [332080 2012-01-26] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 mcmscsvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McNASvc; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [383608 2012-11-16] (McAfee, Inc.)
R2 McOobeSv; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\mcafee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [241456 2013-02-19] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218760 2013-02-19] (McAfee, Inc.)
R2 mfevtp; C:\WINDOWS\system32\mfevtps.exe [182752 2013-02-19] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [201304 2012-08-31] (McAfee, Inc.)
R2 NAV; C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\NAV.exe [262288 2013-08-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\NST.exe [129424 2013-08-15] (Symantec Corporation)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-10-05] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2402080 2013-01-31] (TuneUp Software)
R2 vToolbarUpdater15.4.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [1616048 2013-07-30] (AVG Secure Search)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2013-04-25] (WiseCleaner.com)

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-05-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [91648 2012-08-21] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [148792 2013-09-25] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [241464 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192824 2013-09-02] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-09-02] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-08-20] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-07-30] (AVG Technologies CZ, s.r.o.)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
R1 BHDrvx64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\BASHDefs\20130924.001\BHDrvx64.sys [1525848 2013-09-24] (Symantec Corporation)
R1 ccSet_NAV; C:\Windows\system32\drivers\NAVx64\1500010.003\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE05000.043\ccSetx64.sys [150104 2013-07-30] (Symantec Corporation)
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [70112 2013-02-19] (McAfee, Inc.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-11] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-10-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [140376 2013-10-11] (Symantec Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [196440 2012-04-20] (McAfee, Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20131011.001\IDSvia64.sys [520280 2013-10-11] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\IPSDefs\20131011.001\IDSvia64.sys [520280 2013-10-11] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 mfeapfk; C:\Windows\System32\drivers\mfeapfk.sys [179280 2013-02-19] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [309840 2013-02-19] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [69168 2013-02-19] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [515968 2013-02-19] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [771536 2013-02-19] (McAfee, Inc.)
S3 mferkdet; C:\Windows\System32\drivers\mferkdet.sys [106552 2013-02-19] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [340216 2013-02-19] (McAfee, Inc.)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20131014.002\ENG64.SYS [126040 2013-10-11] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20131014.002\ENG64.SYS [126040 2013-10-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20131014.002\EX64.SYS [2099288 2013-10-11] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton AntiVirus\NortonData\21.0.1.3\Definitions\VirusDefs\20131014.002\EX64.SYS [2099288 2013-10-11] (Symantec Corporation)
R3 SRTSP; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSP64.SYS [854616 2013-07-31] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NAVx64\1500010.003\SRTSPX64.SYS [36952 2013-07-31] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NAVx64\1500010.003\SYMEFA64.SYS [1147480 2013-08-05] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NAVx64\1500010.003\SymELAM.sys [23568 2013-08-01] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-10-11] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NAVx64\1500010.003\Ironx64.SYS [264280 2013-07-31] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\NAVx64\1500010.003\SYMNETS.SYS [590424 2013-07-31] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-02] (Exent Technologies Ltd.)
R3 cpuz132; \??\C:\Users\CHRIST~1\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
U3 mfeavfk01; No ImagePath
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-14 21:04 - 2013-10-14 21:04 - 00000000 ____D C:\FRST
2013-10-14 21:02 - 2013-10-14 21:02 - 01954124 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-10-14 21:00 - 2013-10-14 21:00 - 00753504 _____ C:\Users\Christian\Downloads\ZipExtractorSetup(1).exe
2013-10-14 21:00 - 2013-10-14 21:00 - 00001118 _____ C:\Users\Christian\Desktop\Continue Zip Extractor Installation.lnk
2013-10-14 20:59 - 2013-10-14 20:59 - 01087213 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2013-10-14 20:59 - 2013-10-14 20:59 - 00753504 _____ C:\Users\Christian\Downloads\ZipExtractorSetup.exe
2013-10-13 11:34 - 2013-10-13 15:29 - 00000000 ____D C:\Users\Christian\Desktop\Bilder
2013-10-13 00:27 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2013-10-13 00:27 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2013-10-13 00:27 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2013-10-13 00:27 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2013-10-13 00:27 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2013-10-13 00:27 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2013-10-13 00:27 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2013-10-13 00:27 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2013-10-13 00:27 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2013-10-13 00:27 - 2013-08-02 08:28 - 19758080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2013-10-13 00:27 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2013-10-13 00:27 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2013-10-13 00:27 - 2013-08-02 08:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2013-10-13 00:27 - 2013-08-02 07:08 - 17561088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2013-10-13 00:27 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2013-10-13 00:27 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2013-10-13 00:27 - 2013-08-02 07:06 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2013-10-13 00:27 - 2013-08-01 12:41 - 02233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2013-10-13 00:27 - 2013-07-31 01:30 - 00386923 _____ C:\WINDOWS\system32\ApnDatabase.xml
2013-10-13 00:27 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2013-10-13 00:27 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2013-10-13 00:27 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2013-10-13 00:27 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2013-10-12 18:56 - 2013-10-14 20:57 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-12 18:56 - 2013-10-12 18:56 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-12 18:56 - 2013-10-12 18:56 - 00000000 ____D C:\Users\Christian\AppData\Local\Macromedia
2013-10-12 18:55 - 2013-10-12 18:55 - 17813896 _____ (Adobe Systems Incorporated) C:\Users\Christian\Downloads\install_flash_player_11_plugin.exe
2013-10-12 18:51 - 2013-10-12 18:51 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2013-10-12 18:31 - 2013-10-12 18:31 - 00281640 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0(2).exe
2013-10-12 00:47 - 2013-10-12 00:47 - 00281896 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0(1).exe
2013-10-12 00:45 - 2013-10-12 00:45 - 00281896 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0.exe
2013-10-12 00:19 - 2013-10-12 00:21 - 00000000 ____D C:\Users\Christian\AppData\Local\Mozilla
2013-10-12 00:19 - 2013-10-12 00:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla
2013-10-12 00:18 - 2013-10-13 19:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-12 00:18 - 2013-10-12 18:34 - 00001158 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-12 00:18 - 2013-10-12 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-11 23:19 - 2013-10-11 23:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2013-10-11 23:17 - 2013-10-14 19:56 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2013-10-11 23:17 - 2013-10-11 23:18 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-10-11 23:17 - 2013-10-11 23:17 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-10-11 23:17 - 2013-10-11 23:17 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-10-11 23:17 - 2013-10-11 23:17 - 00003216 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-10-11 23:17 - 2013-10-11 23:17 - 00002471 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSTx64
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-10-11 23:13 - 2013-10-11 23:15 - 200399456 _____ (Symantec Corporation) C:\Users\Christian\Downloads\NAV-TW-21-0-0-GE.exe
2013-10-10 22:39 - 2013-10-14 19:31 - 00034804 _____ C:\WINDOWS\PFRO.log
2013-10-10 20:06 - 2013-10-14 20:52 - 00702551 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-10 20:06 - 2013-10-14 20:41 - 00000446 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2013-10-10 20:06 - 2013-10-10 22:39 - 00000426 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2013-10-10 20:06 - 2013-10-10 20:06 - 00003228 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker
2013-10-10 20:06 - 2013-10-10 20:06 - 00002860 _____ C:\WINDOWS\System32\Tasks\Wise Care 365
2013-10-10 20:04 - 2013-10-14 20:55 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Wise Care 365
2013-10-10 06:40 - 2013-10-10 06:41 - 00307728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-10 06:19 - 2013-10-10 06:19 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-10-10 06:19 - 2013-10-10 06:19 - 00000000 ____D C:\Program Files\Realtek
2013-10-10 06:19 - 2013-03-29 21:42 - 03379272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2013-10-10 06:19 - 2013-03-29 18:04 - 21170176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2013-10-10 06:19 - 2013-03-29 17:52 - 00914992 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2013-10-10 06:19 - 2013-03-29 17:10 - 00449481 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2013-10-10 06:19 - 2013-03-27 16:57 - 00135240 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2013-10-10 06:19 - 2013-03-26 17:06 - 02797128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2013-10-10 06:19 - 2013-03-26 15:40 - 03693128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2013-10-10 06:19 - 2013-03-26 14:38 - 01659464 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2013-10-10 06:19 - 2013-03-25 17:32 - 03180264 _____ C:\WINDOWS\system32\Drivers\rtvienna.dat
2013-10-10 06:19 - 2013-03-20 13:17 - 09123608 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2013-10-10 06:19 - 2013-03-20 13:16 - 02102040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2013-10-10 06:19 - 2013-03-20 13:16 - 01900312 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2013-10-10 06:19 - 2013-03-20 13:16 - 00910104 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2013-10-10 06:19 - 2013-03-15 19:34 - 04957976 _____ (A-volute) C:\WINDOWS\system32\RTKSMlfx.dll
2013-10-10 06:19 - 2013-03-15 19:33 - 00887640 _____ (A-Volute) C:\WINDOWS\system32\RTKSMSettingsIPC.dll
2013-10-10 06:19 - 2013-03-12 18:16 - 00613448 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2013-10-10 06:19 - 2013-03-08 12:51 - 00904752 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2013-10-10 06:19 - 2013-02-28 13:10 - 14021912 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2013-10-10 06:19 - 2013-02-28 13:10 - 02032408 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2013-10-10 06:19 - 2013-02-27 05:37 - 00823072 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2013-10-10 06:19 - 2013-02-27 05:37 - 00633632 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\sltech64.dll
2013-10-10 06:19 - 2013-02-27 05:37 - 00517408 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2013-10-10 06:19 - 2013-02-27 05:37 - 00213792 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2013-10-10 06:19 - 2013-02-21 17:26 - 00858032 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2013-10-10 06:19 - 2013-02-21 17:26 - 00148912 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2013-10-10 06:19 - 2013-02-21 17:25 - 00569256 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2013-10-10 06:19 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2013-10-10 06:19 - 2013-02-19 18:52 - 00991816 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2013-10-10 06:19 - 2013-01-17 19:32 - 00719640 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2013-10-10 06:19 - 2012-12-12 11:17 - 00395208 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2013-10-10 06:19 - 2012-09-10 20:06 - 00612728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2013-10-10 06:19 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2013-10-10 06:19 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2013-10-10 06:19 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2013-10-10 06:19 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2013-10-10 06:19 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2013-10-10 06:19 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2013-10-10 06:19 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2013-10-10 06:19 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2013-10-10 06:19 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2013-10-10 06:19 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2013-10-10 06:19 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2013-10-10 06:19 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2013-10-10 06:19 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2013-10-10 06:19 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2013-10-10 06:19 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2013-10-10 06:19 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2013-10-10 06:19 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2013-10-10 06:19 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2013-10-10 06:19 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2013-10-10 06:19 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2013-10-10 06:19 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2013-10-10 06:19 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2013-10-10 06:19 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2013-10-10 06:19 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2013-10-10 06:18 - 2013-03-26 17:04 - 02734624 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2013-10-10 06:18 - 2013-03-23 03:43 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2013-10-10 06:18 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2013-10-10 06:18 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2013-10-10 06:18 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2013-10-10 06:18 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2013-10-10 06:18 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2013-10-10 06:18 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2013-10-08 22:06 - 2013-10-08 22:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AVG2014
2013-10-08 22:05 - 2013-10-08 22:05 - 00000895 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-08 22:01 - 2013-10-08 22:06 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-08 20:01 - 2013-09-23 01:28 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-10-08 20:01 - 2013-09-23 01:28 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-10-08 20:01 - 2013-09-23 01:27 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-10-08 20:01 - 2013-09-23 01:27 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-10-08 20:01 - 2013-09-23 00:55 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-10-08 20:01 - 2013-09-23 00:55 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-10-08 20:01 - 2013-09-23 00:55 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-10-08 20:01 - 2013-09-23 00:54 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-10-08 20:01 - 2013-09-23 00:54 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-10-08 20:01 - 2013-09-23 00:54 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-10-08 20:01 - 2013-09-23 00:54 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-10-08 20:01 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2013-10-08 20:01 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2013-10-08 20:01 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2013-10-08 20:01 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2013-10-08 20:01 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2013-10-08 20:01 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2013-10-08 20:01 - 2013-04-29 00:28 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2013-10-08 20:01 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2013-10-08 20:01 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2013-10-08 20:01 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2013-10-08 20:01 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2013-10-08 20:01 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2013-10-08 20:01 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2013-10-08 20:01 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2013-10-08 20:01 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2013-10-08 20:01 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2013-10-08 20:00 - 2013-09-23 01:27 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-10-08 20:00 - 2013-09-23 01:27 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-10-08 20:00 - 2013-09-23 01:27 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-10-08 20:00 - 2013-09-23 01:27 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-10-08 20:00 - 2013-09-23 00:54 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-10-08 20:00 - 2013-09-23 00:54 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-10-08 20:00 - 2013-08-23 07:11 - 04040192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2013-10-08 20:00 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 20:00 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2013-10-08 20:00 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2013-10-08 20:00 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2013-10-08 20:00 - 2013-07-02 03:41 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2013-10-08 20:00 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2013-10-08 20:00 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2013-10-08 20:00 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2013-10-08 20:00 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2013-10-08 20:00 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2013-10-08 20:00 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2013-10-08 20:00 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2013-10-08 20:00 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2013-10-08 20:00 - 2013-06-29 05:07 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2013-10-08 20:00 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2013-10-08 20:00 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2013-10-08 20:00 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2013-10-08 20:00 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2013-10-08 20:00 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2013-10-08 20:00 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2013-10-08 20:00 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2013-10-08 20:00 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2013-10-08 19:58 - 2013-10-10 22:23 - 00000000 ____D C:\Users\Christian\AppData\Local\Avg2014
2013-10-05 07:36 - 2013-10-05 07:37 - 81595409 _____ C:\Users\Christian\Downloads\64bit_Vista_Win7_Win8_R271.zip
2013-10-05 07:05 - 2013-10-05 07:05 - 00003678 _____ C:\WINDOWS\System32\Tasks\Freemium1ClickMaint
2013-10-05 07:05 - 2013-10-05 07:05 - 00000000 ____D C:\Users\Christian\AppData\Local\Freemium
2013-10-05 07:03 - 2013-10-14 19:36 - 00004178 _____ C:\WINDOWS\System32\Tasks\Software Updater Ui
2013-10-05 07:03 - 2013-10-12 00:09 - 00000000 ____D C:\Users\Christian\AppData\Roaming\HomeTab
2013-10-05 07:03 - 2013-10-12 00:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\SimplyTech
2013-10-05 07:03 - 2013-10-11 23:57 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Windows Net Data
2013-10-05 07:03 - 2013-10-05 07:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\ProtectedSearch
2013-10-05 07:03 - 2013-10-05 07:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Browser Updater
2013-10-05 07:03 - 2013-08-13 08:38 - 00032328 _____ C:\WINDOWS\Launcher.exe
2013-10-05 07:02 - 2013-10-14 19:36 - 00004208 _____ C:\WINDOWS\System32\Tasks\Software Updater
2013-10-05 07:02 - 2013-10-05 07:03 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-05 07:02 - 2013-10-05 07:02 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-10-05 07:01 - 2013-10-05 07:01 - 00444408 _____ C:\Users\Christian\Downloads\free-system-utilities-DE.exe
2013-10-05 07:01 - 2013-10-05 07:01 - 00444408 _____ C:\Users\Christian\Downloads\free-system-utilities-DE (1).exe
2013-10-05 07:01 - 2013-10-05 07:01 - 00000000 ____D C:\Users\Christian\AppData\Local\DownloadGuide
2013-09-30 20:34 - 2013-09-30 20:34 - 17785666 _____ C:\Users\Christian\Downloads\DSCN2048[1].MOV
2013-09-29 13:32 - 2013-09-29 13:32 - 08489856 _____ C:\Users\Christian\Downloads\DSCN2047.MOV
2013-09-29 13:25 - 2013-09-18 01:44 - 08489856 ____N C:\Users\Christian\Desktop\DSCN2047.MOV
2013-09-28 09:50 - 2013-09-28 09:50 - 02158760 _____ (WiseCleaner.com                                             ) C:\Users\Christian\Downloads\WRCFree_7.85.exe
2013-09-25 21:07 - 2013-09-25 21:07 - 00148792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys

==================== One Month Modified Files and Folders =======

2013-10-14 21:04 - 2013-10-14 21:04 - 00000000 ____D C:\FRST
2013-10-14 21:02 - 2013-10-14 21:02 - 01954124 _____ (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-10-14 21:02 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\system32\sru
2013-10-14 21:00 - 2013-10-14 21:00 - 00753504 _____ C:\Users\Christian\Downloads\ZipExtractorSetup(1).exe
2013-10-14 21:00 - 2013-10-14 21:00 - 00001118 _____ C:\Users\Christian\Desktop\Continue Zip Extractor Installation.lnk
2013-10-14 20:59 - 2013-10-14 20:59 - 01087213 _____ (Farbar) C:\Users\Christian\Downloads\FRST.exe
2013-10-14 20:59 - 2013-10-14 20:59 - 00753504 _____ C:\Users\Christian\Downloads\ZipExtractorSetup.exe
2013-10-14 20:57 - 2013-10-12 18:56 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-10-14 20:55 - 2013-10-10 20:04 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Wise Care 365
2013-10-14 20:52 - 2013-10-10 20:06 - 00702551 _____ C:\WINDOWS\WindowsUpdate.log
2013-10-14 20:51 - 2013-02-17 03:51 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-408194697-961748500-2297062718-1001
2013-10-14 20:41 - 2013-10-10 20:06 - 00000446 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2013-10-14 20:41 - 2013-08-16 16:29 - 00000916 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-14 20:41 - 2013-07-27 22:30 - 00000360 _____ C:\WINDOWS\Tasks\spmonitor.job
2013-10-14 20:41 - 2013-06-06 20:35 - 00000464 _____ C:\WINDOWS\Tasks\PCCT - MAGIX AG.job
2013-10-14 20:41 - 2013-04-21 18:37 - 00000312 _____ C:\WINDOWS\Tasks\CheckDriveBackgroundGuard.job
2013-10-14 20:40 - 2012-07-26 09:22 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-10-14 20:14 - 2013-06-22 00:18 - 00000000 ____D C:\ProgramData\MFAData
2013-10-14 19:56 - 2013-10-11 23:17 - 00000000 ____D C:\WINDOWS\system32\Drivers\NAVx64
2013-10-14 19:39 - 2013-08-16 16:29 - 00000920 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-14 19:37 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM
2013-10-14 19:36 - 2013-10-05 07:03 - 00004178 _____ C:\WINDOWS\System32\Tasks\Software Updater Ui
2013-10-14 19:36 - 2013-10-05 07:02 - 00004208 _____ C:\WINDOWS\System32\Tasks\Software Updater
2013-10-14 19:31 - 2013-10-10 22:39 - 00034804 _____ C:\WINDOWS\PFRO.log
2013-10-14 19:21 - 2012-11-14 17:17 - 00001758 _____ C:\Users\Public\Desktop\McAfee Internet Security.lnk
2013-10-13 20:01 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\rescache
2013-10-13 19:56 - 2012-11-14 17:09 - 00000000 ____D C:\WINDOWS\jmesoft
2013-10-13 19:32 - 2013-02-17 03:45 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 19:32 - 2013-02-17 03:45 - 00000000 ___RD C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 19:29 - 2013-10-12 00:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-13 19:29 - 2013-03-10 13:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-13 19:28 - 2012-07-26 07:26 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2013-10-13 19:25 - 2012-07-26 10:12 - 00000000 ___RD C:\WINDOWS\ToastData
2013-10-13 15:29 - 2013-10-13 11:34 - 00000000 ____D C:\Users\Christian\Desktop\Bilder
2013-10-13 15:07 - 2013-03-09 17:27 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2013-10-13 13:13 - 2012-07-26 10:12 - 00000000 ____D C:\WINDOWS\AUInstallAgent
2013-10-13 11:27 - 2013-09-07 14:38 - 00007680 _____ C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-10-12 18:56 - 2013-10-12 18:56 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2013-10-12 18:56 - 2013-10-12 18:56 - 00000000 ____D C:\Users\Christian\AppData\Local\Macromedia
2013-10-12 18:55 - 2013-10-12 18:55 - 17813896 _____ (Adobe Systems Incorporated) C:\Users\Christian\Downloads\install_flash_player_11_plugin.exe
2013-10-12 18:51 - 2013-10-12 18:51 - 00000000 ____D C:\Users\Christian\AppData\Local\Adobe
2013-10-12 18:34 - 2013-10-12 00:18 - 00001158 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-12 18:31 - 2013-10-12 18:31 - 00281640 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0(2).exe
2013-10-12 00:47 - 2013-10-12 00:47 - 00281896 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0(1).exe
2013-10-12 00:45 - 2013-10-12 00:45 - 00281896 _____ (Mozilla) C:\Users\Christian\Downloads\Firefox Setup Stub 24.0.exe
2013-10-12 00:21 - 2013-10-12 00:19 - 00000000 ____D C:\Users\Christian\AppData\Local\Mozilla
2013-10-12 00:19 - 2013-10-12 00:19 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla
2013-10-12 00:18 - 2013-10-12 00:18 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-12 00:09 - 2013-10-05 07:03 - 00000000 ____D C:\Users\Christian\AppData\Roaming\HomeTab
2013-10-12 00:06 - 2013-10-05 07:03 - 00000000 ____D C:\Users\Christian\AppData\Roaming\SimplyTech
2013-10-12 00:06 - 2013-04-20 19:15 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Systweak
2013-10-11 23:58 - 2013-02-23 10:02 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-11 23:57 - 2013-10-05 07:03 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Windows Net Data
2013-10-11 23:19 - 2013-10-11 23:19 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton AntiVirus
2013-10-11 23:18 - 2013-10-11 23:17 - 00000000 ____D C:\Program Files (x86)\Norton Identity Safe
2013-10-11 23:17 - 2013-10-11 23:17 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2013-10-11 23:17 - 2013-10-11 23:17 - 00008222 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2013-10-11 23:17 - 2013-10-11 23:17 - 00003216 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2013-10-11 23:17 - 2013-10-11 23:17 - 00002471 _____ C:\Users\Public\Desktop\Norton AntiVirus.lnk
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSTx64
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2013-10-11 23:17 - 2013-10-11 23:17 - 00000000 ____D C:\Program Files (x86)\Norton AntiVirus
2013-10-11 23:17 - 2013-06-27 19:52 - 00000000 ____D C:\ProgramData\Norton
2013-10-11 23:17 - 2012-07-26 10:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2013-10-11 23:15 - 2013-10-11 23:13 - 200399456 _____ (Symantec Corporation) C:\Users\Christian\Downloads\NAV-TW-21-0-0-GE.exe
2013-10-10 22:39 - 2013-10-10 20:06 - 00000426 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2013-10-10 22:23 - 2013-10-08 19:58 - 00000000 ____D C:\Users\Christian\AppData\Local\Avg2014
2013-10-10 20:06 - 2013-10-10 20:06 - 00003228 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker
2013-10-10 20:06 - 2013-10-10 20:06 - 00002860 _____ C:\WINDOWS\System32\Tasks\Wise Care 365
2013-10-10 20:05 - 2013-07-26 22:15 - 00000000 ____D C:\Users\Christian\AppData\Local\CrashDumps
2013-10-10 20:05 - 2012-08-01 18:50 - 00000000 ____D C:\WINDOWS\Panther
2013-10-10 19:34 - 2013-08-16 16:29 - 00003892 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-10 19:34 - 2013-08-16 16:29 - 00003656 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-10 19:12 - 2013-07-08 18:35 - 00001060 _____ C:\WINDOWS\SysWOW64\userawacs.cfg
2013-10-10 19:12 - 2013-07-08 18:34 - 00000170 _____ C:\WINDOWS\SysWOW64\usergui.cfg
2013-10-10 19:11 - 2013-06-22 00:20 - 00000000 ___HD C:\$AVG
2013-10-10 06:41 - 2013-10-10 06:40 - 00307728 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-10-10 06:19 - 2013-10-10 06:19 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2013-10-10 06:19 - 2013-10-10 06:19 - 00000000 ____D C:\Program Files\Realtek
2013-10-10 06:18 - 2012-11-14 17:08 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-10 06:15 - 2013-06-22 00:20 - 00000000 ____D C:\Program Files (x86)\AVG
2013-10-08 22:06 - 2013-10-08 22:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AVG2014
2013-10-08 22:06 - 2013-10-08 22:01 - 00000000 ____D C:\ProgramData\AVG2014
2013-10-08 22:06 - 2013-06-22 00:20 - 00000000 ____D C:\ProgramData\AVG2013
2013-10-08 22:05 - 2013-10-08 22:05 - 00000895 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-10-08 21:10 - 2013-07-25 21:54 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-10-08 21:08 - 2013-02-22 21:58 - 80541720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-10-05 13:12 - 2013-02-23 10:02 - 00000000 ____D C:\Users\Christian\AppData\Local\Google
2013-10-05 07:38 - 2012-11-14 17:08 - 00000000 ____D C:\Program Files (x86)\Realtek
2013-10-05 07:37 - 2013-10-05 07:36 - 81595409 _____ C:\Users\Christian\Downloads\64bit_Vista_Win7_Win8_R271.zip
2013-10-05 07:14 - 2013-03-10 21:31 - 00000000 ____D C:\WINDOWS\Minidump
2013-10-05 07:05 - 2013-10-05 07:05 - 00003678 _____ C:\WINDOWS\System32\Tasks\Freemium1ClickMaint
2013-10-05 07:05 - 2013-10-05 07:05 - 00000000 ____D C:\Users\Christian\AppData\Local\Freemium
2013-10-05 07:03 - 2013-10-05 07:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\ProtectedSearch
2013-10-05 07:03 - 2013-10-05 07:03 - 00000000 ____D C:\WINDOWS\System32\Tasks\Browser Updater
2013-10-05 07:03 - 2013-10-05 07:02 - 00000000 ____D C:\Program Files (x86)\SoftwareUpdater
2013-10-05 07:02 - 2013-10-05 07:02 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\Program Files (x86)\Covus Freemium
2013-10-05 07:02 - 2013-10-05 07:02 - 00000000 ____D C:\Program Files (x86)\Browser Guard
2013-10-05 07:01 - 2013-10-05 07:01 - 00444408 _____ C:\Users\Christian\Downloads\free-system-utilities-DE.exe
2013-10-05 07:01 - 2013-10-05 07:01 - 00444408 _____ C:\Users\Christian\Downloads\free-system-utilities-DE (1).exe
2013-10-05 07:01 - 2013-10-05 07:01 - 00000000 ____D C:\Users\Christian\AppData\Local\DownloadGuide
2013-10-02 03:38 - 2013-06-16 21:43 - 00694232 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2013-10-02 03:38 - 2013-06-16 21:43 - 00078296 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-30 20:34 - 2013-09-30 20:34 - 17785666 _____ C:\Users\Christian\Downloads\DSCN2048[1].MOV
2013-09-29 13:32 - 2013-09-29 13:32 - 08489856 _____ C:\Users\Christian\Downloads\DSCN2047.MOV
2013-09-28 09:51 - 2013-07-19 23:24 - 00001238 _____ C:\Users\Public\Desktop\Wise Registry Cleaner.lnk
2013-09-28 09:50 - 2013-09-28 09:50 - 02158760 _____ (WiseCleaner.com                                             ) C:\Users\Christian\Downloads\WRCFree_7.85.exe
2013-09-26 09:44 - 2012-09-04 10:39 - 00057144 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgfwd6a.sys
2013-09-25 21:07 - 2013-09-25 21:07 - 00148792 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiska.sys
2013-09-23 01:28 - 2013-10-08 20:01 - 01767936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2013-09-23 01:28 - 2013-10-08 20:01 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2013-09-23 01:27 - 2013-10-08 20:01 - 13761024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2013-09-23 01:27 - 2013-10-08 20:01 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2013-09-23 01:27 - 2013-10-08 20:00 - 14335488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2013-09-23 01:27 - 2013-10-08 20:00 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2013-09-23 01:27 - 2013-10-08 20:00 - 02048512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2013-09-23 01:27 - 2013-10-08 20:00 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2013-09-23 00:55 - 2013-10-08 20:01 - 02241024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2013-09-23 00:55 - 2013-10-08 20:01 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2013-09-23 00:55 - 2013-10-08 20:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2013-09-23 00:54 - 2013-10-08 20:01 - 19252224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2013-09-23 00:54 - 2013-10-08 20:01 - 15404544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2013-09-23 00:54 - 2013-10-08 20:01 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2013-09-23 00:54 - 2013-10-08 20:01 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2013-09-23 00:54 - 2013-10-08 20:00 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2013-09-23 00:54 - 2013-10-08 20:00 - 02647552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2013-09-18 01:44 - 2013-09-29 13:25 - 08489856 ____N C:\Users\Christian\Desktop\DSCN2047.MOV

Files to move or delete:
====================
C:\ProgramData\PKP_DLeo.DAT
C:\ProgramData\PKP_DLes.DAT
C:\ProgramData\PKP_DLet.DAT
C:\ProgramData\PKP_DLev.DAT
C:\Users\Public\AlexaNSISPlugin.11456.dll


Some content of TEMP:
====================
C:\Users\Christian\AppData\Local\Temp\fp_pl_pfs_installer-1.exe
C:\Users\Christian\AppData\Local\Temp\fp_pl_pfs_installer-2.exe
C:\Users\Christian\AppData\Local\Temp\fp_pl_pfs_installer-3.exe
C:\Users\Christian\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\Christian\AppData\Local\Temp\ICReinstall_ZipExtractorSetup.exe
C:\Users\Christian\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-09 06:49

==================== End Of Log ============================

--- --- ---

2. Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Christian at 2013-10-14 21:06:21
Running from C:\Users\Christian\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {ADA629C7-7F48-5689-624A-3B76997E0892}
AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: avast! Antivirus (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton AntiVirus (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: McAfee Anti-Virus und Anti-Spyware (Disabled - Out of date) {16C7C823-5972-5907-58FA-0004E2F9422F}
AS: avast! Antivirus (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Norton AntiVirus (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: McAfee Firewall (Enabled) {959DA8E2-3527-57D1-4915-924367AD4FE9}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
AMD Accelerated Video Transcoding (Version: 12.5.100.20821)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Free Antivirus (x32 Version: 8.0.1497.0)
AVG 2014 (Version: 14.0.3614)
AVG 2014 (Version: 14.0.4158)
AVG 2014 (Version: 2014.0.4158)
AVS Media Player 4.2.1.103 (x32 Version: 4.2.1.103)
AVS Video Converter 8 (x32 Version: 8.4.1.540)
Browser Guard (x32)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0821.2159.37544)
Catalyst Control Center InstallProxy (x32 Version: 2012.0821.2159.37544)
Catalyst Control Center Localization All (x32 Version: 2012.0821.2159.37544)
Catalyst Control Center Profiles Desktop (x32 Version: 2012.0821.2159.37544)
CCC Help Chinese Standard (x32 Version: 2012.0821.2158.37544)
CCC Help Chinese Traditional (x32 Version: 2012.0821.2158.37544)
CCC Help Czech (x32 Version: 2012.0821.2158.37544)
CCC Help Danish (x32 Version: 2012.0821.2158.37544)
CCC Help Dutch (x32 Version: 2012.0821.2158.37544)
CCC Help English (x32 Version: 2012.0821.2158.37544)
CCC Help Finnish (x32 Version: 2012.0821.2158.37544)
CCC Help French (x32 Version: 2012.0821.2158.37544)
CCC Help German (x32 Version: 2012.0821.2158.37544)
CCC Help Greek (x32 Version: 2012.0821.2158.37544)
CCC Help Hungarian (x32 Version: 2012.0821.2158.37544)
CCC Help Italian (x32 Version: 2012.0821.2158.37544)
CCC Help Japanese (x32 Version: 2012.0821.2158.37544)
CCC Help Korean (x32 Version: 2012.0821.2158.37544)
CCC Help Norwegian (x32 Version: 2012.0821.2158.37544)
CCC Help Polish (x32 Version: 2012.0821.2158.37544)
CCC Help Portuguese (x32 Version: 2012.0821.2158.37544)
CCC Help Russian (x32 Version: 2012.0821.2158.37544)
CCC Help Spanish (x32 Version: 2012.0821.2158.37544)
CCC Help Swedish (x32 Version: 2012.0821.2158.37544)
CCC Help Thai (x32 Version: 2012.0821.2158.37544)
CCC Help Turkish (x32 Version: 2012.0821.2158.37544)
ccc-utility64 (Version: 2012.0821.2159.37544)
CheckDrive (x32 Version: 4.4)
Driver & Application Installation (x32 Version: 6.12.0815)
Fotostory 3 für Windows (x32 Version: 3.0.1115.15)
Free System Utilities (x32 Version: 1.1.0.0)
Free SystemUtilities (x32 Version: 1.1.0.0)
FreeRide Games (x32 Version: 07.05.80.00)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
Image Converter (x32 Version: 1.0.0)
Image Editor Packages (HKCU)
Intel AppUp(SM) center (x32 Version: 3.6.1.33057.10)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
IrfanView (remove only) (x32 Version: 4.36)
Java 7 Update 25 (64-bit) (Version: 7.0.250)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Lenovo Blacksilk USB Keyboard Driver (x32 Version: V1.4.11.0608)
Lenovo Photos (x32)
Lenovo Power2Go (x32 Version: 6.0.6418)
Lenovo PowerDVD10 (x32 Version: 10.0.4126.52)
Lenovo Rescue System (Version: 4.0.0.0822)
Lenovo Rescue System (x32 Version: 4.0.0.0822)
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1050)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
McAfee Internet Security (x32 Version: 11.6.477)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 en-US) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Nikon Message Center 2 (x32 Version: 2.1.0)
Nikon Movie Editor (x32 Version: 2.7.0)
Norton AntiVirus (x32 Version: 21.0.1.3)
Norton Identity Safe (x32 Version: 2014.5.0.67)
Open It! (x32 Version: 1.1.1)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
Picture Control Utility (x32 Version: 1.4.12)
Qtrax Player (HKCU)
QuickTime (x32 Version: 7.74.80.86)
Realtek Ethernet Controller Driver (x32 Version: 8.2.612.2012)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6873)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.8400.39030)
Shared C Run-time for x64 (Version: 10.0.0)
Spybot - Search & Destroy (x32 Version: 2.1.19)
SugarSync Manager (x32 Version: 1.9.61.90905)
TuneUp Utilities 2013 (x32 Version: 13.0.3020.8)
TuneUp Utilities Language Pack (en-GB) (x32 Version: 13.0.3020.8)
ViewNX 2 (x32 Version: 2.7.6)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
Windows Utils (x32)
Wise Care 365 version 2.66 (x32 Version: 2.66)
Wise Registry Cleaner 7.85 (x32 Version: 7.85)
Yahoo! Software Update (x32)
Yahoo! Toolbar (x32)
Zip Opener Packages (HKCU)
Zip Opener Packages 47 (HKCU)

==================== Restore Points =========================

24-09-2013 18:17:23 Windows Update
03-10-2013 07:04:35 Geplanter Prüfpunkt
05-10-2013 05:01:40 Free System Utilities
08-10-2013 19:03:40 Windows Update
13-10-2013 09:13:34 Windows Modules Installer

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-08-14 19:56 - 00447822 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 ²©²ÊÍ¨,²©²ÊÍø,½ð±¦²©188,²©²ÊÍ¨ÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 Welcome To 10Sek
127.0.0.1 1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123haustiereundmehr.com
127.0.0.1 123moviedownload.com

There are 1000 more lines.

==================== Scheduled Tasks (whitelisted) =============

Task: {04B5ADB8-B8A3-4CA8-8772-AFB59EC38EA0} - System32\Tasks\EPUpdater => C:\Users\CHRIST~1\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe
Task: {06EF9AA3-7BE7-4300-B2EE-385C3D960004} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {10010060-2E95-46FC-B811-742F5C7F2B83} - System32\Tasks\CheckDriveBackgroundGuard => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe [2012-11-09] (Abelssoft)
Task: {13C93849-B3F1-4E1F-B916-5EF1C01363F2} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {28656982-D9B9-40E2-A4F9-8628DA1BFA92} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2013-04-26] (WiseCleaner.com)
Task: {352CCBFF-BCB0-4718-9680-B434097E73E3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {3BECAA2E-EEFF-46CD-8EF8-A1039FD0EDFA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {3D6870E6-E4CF-4B9C-84F6-3AD7418B6CCA} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {441963F9-53CF-4E3E-AC26-95C2E82AAD28} - System32\Tasks\Norton AntiVirus\Norton Error Processor => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {44ED02F8-99B6-4309-8D3B-75931C9D80CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {4595C6A7-EBCA-462C-8EE2-4181F8640639} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2013-01-31] (TuneUp Software)
Task: {4616D314-EB70-4616-BE87-ABCFC314BE1E} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\WINDOWS\SysWOW64\FlashPlayerUpdateService.exe
Task: {49D6F4A9-3B5D-4E00-90D4-8B0AFDAF8D79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-16] (Google Inc.)
Task: {52FDDD49-7EF3-413A-81D9-0F694D070F10} - System32\Tasks\Freemium1ClickMaint => C:\Users\Christian\Downloads\1Click.exe
Task: {66D2D23D-029F-455B-9F2E-23980C639396} - System32\Tasks\Norton AntiVirus\Norton Error Analyzer => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {6A3E7B43-4F52-4C68-8DF6-0DF23266E0CD} - System32\Tasks\Norton Identity Safe\Norton Error Analyzer => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {718EC375-6260-41D2-9751-A26D12280A0D} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton AntiVirus\Engine\21.0.1.3\WSCStub.exe [2013-08-31] (Symantec Corporation)
Task: {80E27D1A-5F05-477E-A5B8-B832521BF60C} - System32\Tasks\DealPly => C:\Users\CHRIST~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE
Task: {9268128A-542D-44C9-B1B7-5A696CC35282} - System32\Tasks\PCCT - MAGIX AG => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe [2010-11-08] ()
Task: {A0293B03-EFB8-4BB1-9A8E-789381227701} - System32\Tasks\QtraxPlayer => C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {A65130B2-2256-462B-B41A-5D303240644D} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe
Task: {A9067C80-06D4-43CB-8B10-AD47F3FB5EF3} - System32\Tasks\DealPlyUpdate => C:\Program
Task: {AD846A18-A330-4F67-A2A4-4FDB45747B11} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-10-05] ()
Task: {AD9A2952-CF51-4D28-8986-C82F66C2A544} - System32\Tasks\AdobeFlashPlayerUpdate => C:\WINDOWS\SysWOW64\FlashPlayerUpdateService.exe
Task: {BCEBF9E3-D931-48DB-8245-CD5504A82369} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\WINDOWS\System32\lpksetup.exe [2012-09-20] (Microsoft Corporation)
Task: {C5D048C3-594E-4A16-A788-AD3CB8DE2E24} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe
Task: {D4CFE8A6-1FB8-456C-BAAB-28090093610D} - System32\Tasks\Browser Updater\Browser Updater => Rundll32.exe "C:\Program Files (x86)\HomeTab\TBUpdater.dll",TBCheckForUpdate
Task: {D7214452-8E4F-4EEB-BA65-0C6E9A810060} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
Task: {D746E155-A8E8-4167-A9D2-E4063E4CB29D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {DE421C52-C213-4956-9D82-DEEA8FFE922D} - System32\Tasks\Norton Identity Safe\Norton Error Processor => C:\Program Files (x86)\Norton Identity Safe\Engine\2014.5.0.67\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {DE9E6C5A-2294-44C7-B7D8-DDE39A0CE0D0} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: {E115F6C7-42F1-4BB7-B423-FF8CD0E2B5A3} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect
Task: {E2DC8B90-3CC5-4104-8822-EFB06AEC2C1B} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-09-30] ()
Task: {EF0C70A7-BE2A-4F0F-9845-F9F23C78FBDD} - System32\Tasks\OFFICE2010ACT => C:\ProgramData\Microsoft\Windows\OFFICEICON.vbs [2012-03-08] ()
Task: {F289E8D3-3065-4BD4-B7BA-D9F30BACB300} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2013-05-23] (WiseCleaner.COM)
Task: {F2E47815-B05E-47B9-99F8-5A79BA987AFB} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe
Task: {F3FB3558-F814-4CD0-A7DE-F60CAF789131} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-12] (Adobe Systems Incorporated)
Task: {FC3BB574-E86B-4EFA-820E-FC4C7D1CB21E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CheckDriveBackgroundGuard.job => C:\Program Files (x86)\CheckDrive\CheckDriveBackgroundGuard.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\PCCT - MAGIX AG.job => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
Task: C:\WINDOWS\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe

==================== Loaded Modules (whitelisted) =============

2013-04-21 18:37 - 2012-11-09 11:10 - 00013776 _____ () C:\Program Files (x86)\CheckDrive\AbMessages.dll
2013-04-21 18:37 - 2012-11-09 11:10 - 00585680 _____ () C:\Program Files (x86)\CheckDrive\AbScheduler.dll
2012-08-21 22:57 - 2012-08-21 22:57 - 00369664 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-10-14 19:33 - 2013-10-14 19:33 - 02105856 _____ () C:\Program Files\AVAST Software\Avast\defs\13101400\algo.dll
2010-11-04 12:21 - 2010-11-04 12:21 - 00635904 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MFL_u_VC9.dll
2007-09-05 16:42 - 2007-09-05 16:42 - 00638976 _____ () C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\PlayRIpl.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-11-14 17:09 - 2011-05-17 14:27 - 00028672 _____ () C:\Windows\jmesoft\hidhook.dll
2009-12-04 17:59 - 2009-12-04 17:59 - 00619816 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2009-12-04 18:04 - 2009-12-04 18:04 - 00013096 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2013-06-23 00:03 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-06-23 00:03 - 2013-05-16 10:55 - 00161112 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-06-23 00:03 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-06-23 00:03 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-06-23 00:03 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-14 17:09 - 2012-06-25 04:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-10-12 18:34 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Driver"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2013 07:32:43 PM) (Source: ESENT) (User: )
Description: taskhostex (5592) WebCacheLocal: Versuch, Datei "C:\Users\Christian\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lese-/Schreibzugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/13/2013 11:41:42 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: idea-PC)
Description: Bei der Aktivierung der App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/13/2013 11:41:41 AM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 530

Startzeit: 01cec7f857c3b792

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\system32\wwahost.exe

Berichts-ID: a07d1589-33eb-11e3-beb8-eca86b32daff

Vollständiger Name des fehlerhaften Pakets: microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.WindowsLive.ModernPhotos

Error: (10/13/2013 11:41:23 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: idea-PC)
Description: Die App „microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos“ wurde nicht innerhalb der vorgesehenen Zeit gestartet.

Error: (10/13/2013 11:13:06 AM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\WINDOWS\system32\svchost.exe -k netsvcs; Beschreibung = Windows Update; Fehler = 0x81000101).

Error: (10/12/2013 00:15:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: idea-PC)
Description: Bei der Aktivierung der App „Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance“ ist folgender Fehler aufgetreten: -2144980991. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/12/2013 00:15:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (User: idea-PC)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People“ ist folgender Fehler aufgetreten: -2144980991. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (10/10/2013 06:18:52 AM) (Source: ESENT) (User: )
Description: taskhostex (5144) Versuch, Datei "C:\Users\Christian\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien.

Error: (10/05/2013 07:02:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (10/05/2013 07:02:02 AM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
Das System kann die angegebene Datei nicht finden.
.

System errors:
=============
Error: (10/14/2013 08:42:19 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:19 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:19 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:18 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:18 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:18 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:18 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:18 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:17 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (10/14/2013 08:42:17 PM) (Source: DCOM) (User: idea-PC)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}idea-PCChristianS-1-5-21-408194697-961748500-2297062718-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Microsoft Office Sessions:
=========================
Error: (10/13/2013 07:32:43 PM) (Source: ESENT)(User: )
Description: taskhostex5592WebCacheLocal: C:\Users\Christian\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (10/13/2013 11:41:42 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: idea-PC)
Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos-2144927142

Error: (10/13/2013 11:41:41 AM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.1642053001cec7f857c3b7924294967295C:\WINDOWS\system32\wwahost.exea07d1589-33eb-11e3-beb8-eca86b32daffmicrosoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbweMicrosoft.WindowsLive.ModernPhotos

Error: (10/13/2013 11:41:23 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: idea-PC)
Description: microsoft.windowsphotos_8wekyb3d8bbwe!Microsoft.WindowsLive.ModernPhotos

Error: (10/13/2013 11:13:06 AM) (Source: System Restore)(User: )
Description: C:\WINDOWS\system32\svchost.exe -k netsvcsWindows Update0x81000101

Error: (10/12/2013 00:15:06 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: idea-PC)
Description: Microsoft.BingFinance_8wekyb3d8bbwe!AppexFinance-2144980991

Error: (10/12/2013 00:15:01 AM) (Source: Microsoft-Windows-Immersive-Shell)(User: idea-PC)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!Microsoft.WindowsLive.People-2144980991

Error: (10/10/2013 06:18:52 AM) (Source: ESENT)(User: )
Description: taskhostex5144C:\Users\Christian\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat-1032 (0xfffffbf8)32 (0x00000020)Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (10/05/2013 07:02:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Network Security WFP Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (10/05/2013 07:02:02 AM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Symantec Iron Driver.

System Error:
Das System kann die angegebene Datei nicht finden.

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 4056.11 MB
Available physical RAM: 2384.13 MB
Total Pagefile: 5208.11 MB
Available Pagefile: 2872.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:905.25 GB) (Free:840.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Untitled Disc) (CDROM) (Total:3.86 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 32660940)

Partition: GPT Partition Type
==================== End Of Log ============================

Danke

schrauber · 15.10.2013, 09:40

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

pclaie1234 · 23.10.2013, 18:26

Ja erstmal danke aber gebracht hat das alles ueberhaupt nix und ich verstehe sowieso nur Bahnhof. Ist das jetzt ein Virus, eine fehlende Datei oder sonstwas? Ich finds irgendwie frustrierend irgendwas runterzuladen oder zu installieren oder sonstwas wenn ich nicht mal weiss warum ich das tue oder was das sein soll. Ok Sie machen das Ganze unentgeltlich und als Hobby, honoriere ich aber die Meldung ist immer noch da, von dem was Sie sagen hab ich keinen blassen Schimmer, das klingt irgendwie so wiewenn Mr Spock mir sagt wir müssen den Wandelfeldschalter mit dem N-Beamer koppeln und eine x-dimensionale Üeberbrueckung herstellen und schon haben wir den N-Transponder repariert. Da leg ich lieber 100EUR hin und lass es reparieren bevor ich hier ausraste, den PC ausm Fenster schmeisse und hinterherspringe.

schrauber · 24.10.2013, 09:31

Das ist Adware, bzw Teil von Adware und wird mit obigen Tools entfernt.

24.10.2013, 09:31	#6
schrauber /// the machine /// TB-Ausbilder	Fehlermeldung beim Hochfahren PC Das ist Adware, bzw Teil von Adware und wird mit obigen Tools entfernt. __________________ --> Fehlermeldung beim Hochfahren PC

Fehlermeldung beim Hochfahren PC

Plagegeister aller Art und deren Bekämpfung: Fehlermeldung beim Hochfahren PC