Wie Adware.generic5.ACKC unschädlich machen?

Lin88 · 27.11.2013, 18:54

Habe Windows 7, seit gestern erscheinen im Browser Mozilla Werbebanner auf meiner eigenen Homepage, die ich niemals zugelassen habe. Bin deshalb stutzig geworden. Andere Surfer habe mir bestätigt, dass diese Banner bei ihnen nicht erscheinen. Also nur be mir. Nun recherchiere ich im Internet und stelle fest dass ich mir einen Troyaner eingefangen hahbe. Das hat heute auch der AVG Virenscanner gemelde. Er kann ihn aber nicht eliminieren nur blockieren. Wer kann mir sagen, was ich tun muss. Diese Biester sind wohl gefährlich. Bin leider kein PC-Freak. Lieben DANK. Lin

schrauber · 27.11.2013, 19:29

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lin88 · 27.11.2013, 20:27

Code:

ATTFilter

Hi "Schrauber". Besten DANK für deine spontane HIlfe. Download First hat gut funktioniert. - Bin 64-Bit. Die Dateien habe ich hochgeladen. Falls du sie lieber im Thread aben möchtest, hier im Anschluss nochmal. Habe hoffentlich alles richtig gemacht. Tausend DANK. Gruss Lin
FRST Logfile:

	Code: 

 ATTFilter

  
	Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by Belinda (administrator) on BELINDANEU on 27-11-2013 20:01:13
Running from C:\Users\Belinda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ6DYGTT
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Smartbar) C:\Users\Belinda\AppData\Local\Smartbar\Application\QuickShare.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Windows\System32\dmwu.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
() C:\Program Files\Video downloader\ExtensionUpdaterService.exe
(Audible, Inc.) C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
() C:\Windows\SysWOW64\jmdp\stij.exe
() C:\Windows\System32\ljkb\stij.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Users\Belinda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ6DYGTT\FRST64[1].exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek 

Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE [2184520 2009-07-27] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE [767312 2009-03-18] 

(CANON INC.)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\Belinda\AppData\Local\Smartbar\Application\QuickShare.exe [20248 

2013-09-14] (Smartbar)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-

04] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-02-09] 

(Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 

2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] 

(Sony Corporation)
HKLM-x32\...\Run: [IJNetworkScanUtility] - C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe [136544 

2009-05-19] (CANON INC.)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero 

AG)
HKLM-x32\...\Run: [BCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft 

Corporation)
HKLM-x32\...\Run: [SHTtray.exe] - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [99696 2010-06-20] 

(Sony Corporation)
HKLM-x32\...\Run: [facemoods] - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe [329432 2011-

04-14] (facemoods.com)
HKLM-x32\...\Run: [Sweetpacks Communicator] - C:\Program Files (x86)\SweetIM\Communicator

\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [163000 2012-12-12] (Geek Software GmbH)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, 

s.r.o.)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll  [ ] ()
Startup: C:\Users\Belinda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-

11c8f7b3a985&searchtype=hp&installDate=20/09/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.nation.com/?orig=HP
URLSearchHook: HKLM-x32 - (No Name) - {7e111a5c-3d11-4f56-9463-5310c3c69025} - No File
URLSearchHook: HKLM-x32 - (No Name) - {51a86bb3-6602-4c85-92a5-130ee4864f13} - No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snap.do/?

publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-11c8f7b3a985&searchtype=ds&q=

{searchTerms}&installDate=20/09/2013
BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft 

Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office

\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: V-bates - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension64.dll ()
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office

\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin

\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Ginyas Browser Companion - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files 

(x86)\GinyasBrowserCompanion\jsloader.dll ( )
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan

\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} -  No File
BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll 

(Microsoft Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon

\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO-x32: CescrtHlpr Object - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com

\facemoods\1.4.17.8\bh\facemoods.dll (facemoods.com BHO)
BHO-x32: BetterSurf - {6E3C6B04-08FE-43BC-8E50-F90285024DEA} - C:\Program Files (x86)\BetterSurf\ie\BetterSurf.dll No 

File
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft 

Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java

\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: V-bates - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Program Files\Video downloader\Extension32.dll ()
BHO-x32: Better-Surf - {8271B5D6-76D3-4ABF-AEB3-1721161C76BC} - C:\Program Files (x86)\Better-Surf\ie\BetterSrf.dll ()
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files 

(x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files 

(x86)\GinyasBrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft 

Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta

\1.8.16.16\bh\delta.dll (Delta-search.com)
BHO-x32: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com

\GenericAskToolbar.dll (Ask.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java

\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM

\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
BHO-x32: XBTBPos00 Class - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files (x86)\Nation Toolbar

\tbunsa4C00.tmp\tbcore3.dll ()
BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo 

LLC)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll 

(Microsoft Corporation)
Toolbar: HKLM-x32 - Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com

\GenericAskToolbar.dll (Ask.com)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files 

(x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM-x32 - facemoods Toolbar - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files 

(x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll (facemoods.com)
Toolbar: HKLM-x32 - SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program 

Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.)
Toolbar: HKLM-x32 - Nation Toolbar - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - C:\Program Files (x86)\Nation Toolbar

\tbunsa4C00.tmp\tbcore3.dll ()
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta

\1.8.16.16\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll 

(Microsoft Corporation)
Toolbar: HKCU - No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {7E111A5C-3D11-4F56-9463-5310C3C69025} -  No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKCU - No Name - {51A86BB3-6602-4C85-92A5-130EE4864F13} -  No File
Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -  No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion

\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion

\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger

\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger

\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\GinyasBrowserCompanion

\tdataprotocol.dll (Blabbers Communications Ltd)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype

\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\hhh1pc9i.default-1381161998509
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Web Search
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snap.do/?publisher=QuickObrw&dpid=QuickObrw&co=DE&userid=04c39668-fe6d-4c09-8cfe-

11c8f7b3a985&searchtype=hp&installDate=20/09/2013
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft 

Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft 

Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files 

(x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.2.0\\npsitesafety.dll No File
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle 

Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, 

Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft 

Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft 

Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft 

Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery

\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update

\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update

\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=1.1.5 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Belinda\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll 

(Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Belinda\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @talk.google.com/O3DPlugin - C:\Users\Belinda\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Belinda\AppData\Local\Google\Update

\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Belinda\AppData\Local\Google\Update

\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\hhh1pc9i.default-1381161998509\searchplugins

\MyStart Search.xml
FF SearchPlugin: C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\hhh1pc9i.default-1381161998509\searchplugins

\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ginyas Browser Companion - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\hhh1pc9i.default-

1381161998509\Extensions\bbrs_002@blabbers.com
FF Extension: toolbar - C:\Users\Belinda\AppData\Roaming\Mozilla\Firefox\Profiles\hhh1pc9i.default-1381161998509\Extensions

\toolbar@web.de.xpi
FF HKLM\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader\Firefox
FF Extension: V-bates - C:\Program Files\Video downloader\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{77BEC163-D389-42c1-91A4-C758846296A5}] - C:\Program Files\Video downloader

\Firefox
FF Extension: V-bates - C:\Program Files\Video downloader\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{F53C93F1-07D5-430c-86D4-C9531B27DFAF}] - C:\Program Files (x86)\AVG

\AVG2012\Firefox\DoNotTrack\
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF Extension: BetterSurf - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [12x3q@3244516.com] - C:\Program Files (x86)\Better-Surf\ff
FF Extension: Better-Surf - C:\Program Files (x86)\Better-Surf\ff

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] 

(ArcSoft Inc.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2011-07

-22] (Adobe Systems)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1754928 2013-10-15] ()
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, 

Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec 

Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2099000 2013-10-30] 

(AVG)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [42808 2013-10-30] (AVG)
R2 V-bates Updater; C:\Program Files\Video downloader\ExtensionUpdaterService.exe [188760 2013-11-05] ()
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [851824 2010-06-17] 

(Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [39768 2013-02-14] (AVG Technologies)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-09-18] (TuneUp 

Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-27 20:01 - 2013-11-27 20:01 - 00000000 ____D C:\FRST
2013-11-27 17:45 - 2013-11-27 17:45 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-27 17:45 - 2013-11-27 17:45 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-11-27 17:32 - 2013-10-30 11:27 - 00042808 _____ (AVG) C:\Windows\system32\uxtuneup.dll
2013-11-27 17:32 - 2013-10-30 11:27 - 00035640 _____ (AVG) C:\Windows\SysWOW64\uxtuneup.dll
2013-11-27 17:30 - 2013-11-27 17:30 - 00002229 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2013-11-27 17:30 - 2013-11-27 17:30 - 00002205 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2013-11-27 17:30 - 2013-11-27 17:30 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\AVG
2013-11-27 17:30 - 2013-10-30 11:27 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2013-11-27 17:30 - 2013-10-30 11:27 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2013-11-27 17:30 - 2013-10-30 11:27 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll
2013-11-27 17:29 - 2013-11-27 17:40 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-27 17:29 - 2013-11-27 17:32 - 00000000 ____D C:\ProgramData\AVG
2013-11-27 17:28 - 2013-11-27 17:29 - 78388136 _____ (AVG) C:\Users\Belinda\Downloads

\avg_tuh_stf_all_2014_204_24c34.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\AVG2014
2013-11-27 17:08 - 2013-11-27 17:08 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\TuneUp Software
2013-11-27 17:07 - 2013-11-27 17:30 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-27 17:07 - 2013-11-27 17:12 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-27 17:07 - 2013-11-27 17:07 - 00000000 ___HD C:\$AVG
2013-11-27 17:03 - 2013-11-27 19:16 - 00000000 ____D C:\ProgramData\MFAData
2013-11-27 17:03 - 2013-11-27 17:56 - 00000000 ____D C:\Users\Belinda\AppData\Local\Avg2014
2013-11-27 17:03 - 2013-11-27 17:03 - 00000000 ____D C:\Users\Belinda\AppData\Local\MFAData
2013-11-27 16:55 - 2013-11-27 16:56 - 01565744 _____ C:\Users\Belinda\Downloads\AVG_Remover_en(1).exe
2013-11-27 16:55 - 2013-11-27 16:55 - 01565744 _____ C:\Users\Belinda\Downloads\AVG_Remover_en.exe
2013-11-25 18:55 - 2013-11-25 18:55 - 00000000 ____D C:\Program Files (x86)\Better-Surf
2013-11-18 10:57 - 2013-11-18 12:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 13:55 - 2013-11-14 13:55 - 00000000 ____D C:\Program Files (x86)\BetterSurf
2013-11-05 21:55 - 2013-11-05 21:55 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgdiska.sys
2013-11-04 21:52 - 2013-11-04 21:52 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgidsdrivera.sys
2013-10-31 23:00 - 2013-10-31 23:00 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgldx64.sys
2013-10-31 22:49 - 2013-10-31 22:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgloga.sys
2013-10-30 23:33 - 2013-10-30 23:33 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-10-30 23:33 - 2013-10-30 23:33 - 00000000 ____D C:\Windows\system32\ljkb

==================== One Month Modified Files and Folders =======

2013-11-27 20:01 - 2013-11-27 20:01 - 00000000 ____D C:\FRST
2013-11-27 20:01 - 2009-07-14 05:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327

-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-27 20:01 - 2009-07-14 05:45 - 00013872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327

-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-27 19:59 - 2010-07-28 12:36 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 19:54 - 2011-08-16 13:57 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-

2748631606-2255311703-1001UA.job
2013-11-27 19:53 - 2013-01-27 11:43 - 00001058 _____ C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2013-11-27 19:53 - 2013-01-27 11:43 - 00001058 _____ C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2013-11-27 19:53 - 2013-01-27 11:43 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-11-27 19:33 - 2013-04-25 20:38 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-27 19:33 - 2013-01-27 11:43 - 00001058 _____ C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
2013-11-27 19:17 - 2011-01-18 13:07 - 01163052 _____ C:\Windows\WindowsUpdate.log
2013-11-27 19:16 - 2013-11-27 17:03 - 00000000 ____D C:\ProgramData\MFAData
2013-11-27 19:16 - 2011-01-18 14:14 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-

{60E0EC93-A1E9-4F79-830E-AAFEDE508D28}
2013-11-27 19:13 - 2013-01-27 11:43 - 00000942 _____ C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
2013-11-27 19:12 - 2013-04-09 20:45 - 00000364 _____ C:\Windows\Tasks\AmiUpdXp.job
2013-11-27 19:12 - 2011-11-02 17:52 - 00076009 _____ C:\Windows\setupact.log
2013-11-27 19:12 - 2010-07-28 12:36 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 19:12 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 17:56 - 2013-11-27 17:03 - 00000000 ____D C:\Users\Belinda\AppData\Local\Avg2014
2013-11-27 17:51 - 2012-01-27 08:22 - 00103724 _____ C:\Windows\PFRO.log
2013-11-27 17:45 - 2013-11-27 17:45 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2013-11-27 17:45 - 2013-11-27 17:45 - 00003694 _____ C:\Windows\System32\Tasks\Adobe-Online-Aktualisierungsprogramm
2013-11-27 17:40 - 2013-11-27 17:29 - 00000000 __SHD C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-11-27 17:40 - 2012-05-08 12:56 - 00000000 ____D C:\Users\Belinda\AppData\Local\Downloaded Installations
2013-11-27 17:40 - 2011-01-18 15:30 - 00000000 ____D C:\Users\Belinda\AppData\Local\Microsoft Help
2013-11-27 17:32 - 2013-11-27 17:29 - 00000000 ____D C:\ProgramData\AVG
2013-11-27 17:30 - 2013-11-27 17:30 - 00002229 _____ C:\Users\Public\Desktop\AVG 1-Klick-Wartung.lnk
2013-11-27 17:30 - 2013-11-27 17:30 - 00002205 _____ C:\Users\Public\Desktop\AVG PC TuneUp 2014.lnk
2013-11-27 17:30 - 2013-11-27 17:30 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\AVG
2013-11-27 17:30 - 2013-11-27 17:07 - 00000000 ____D C:\Program Files (x86)\AVG
2013-11-27 17:29 - 2013-11-27 17:28 - 78388136 _____ (AVG) C:\Users\Belinda\Downloads

\avg_tuh_stf_all_2014_204_24c34.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\AVG2014
2013-11-27 17:12 - 2013-11-27 17:07 - 00000000 ____D C:\ProgramData\AVG2014
2013-11-27 17:08 - 2013-11-27 17:08 - 00000981 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\TuneUp Software
2013-11-27 17:07 - 2013-11-27 17:07 - 00000000 ___HD C:\$AVG
2013-11-27 17:03 - 2013-11-27 17:03 - 00000000 ____D C:\Users\Belinda\AppData\Local\MFAData
2013-11-27 16:56 - 2013-11-27 16:55 - 01565744 _____ C:\Users\Belinda\Downloads\AVG_Remover_en(1).exe
2013-11-27 16:55 - 2013-11-27 16:55 - 01565744 _____ C:\Users\Belinda\Downloads\AVG_Remover_en.exe
2013-11-27 16:48 - 2011-01-18 15:00 - 00000000 ____D C:\Users\Belinda\AppData\Local\Google
2013-11-27 16:48 - 2010-07-28 12:36 - 00000000 ____D C:\Program Files (x86)\Google
2013-11-27 11:54 - 2011-08-16 13:57 - 00001076 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-

2748631606-2255311703-1001Core.job
2013-11-25 18:55 - 2013-11-25 18:55 - 00000000 ____D C:\Program Files (x86)\Better-Surf
2013-11-25 13:52 - 2012-05-08 14:17 - 00000000 ____D C:\Users\Belinda\IBH
2013-11-20 12:35 - 2011-01-18 17:21 - 00000000 ____D C:\Users\Belinda\Verwaltung
2013-11-19 11:21 - 2011-01-18 17:15 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 16:58 - 2012-06-14 21:04 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-18 12:51 - 2013-11-18 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-18 11:39 - 2013-04-21 07:30 - 00000000 ____D C:\Users\Belinda\bilder_2013
2013-11-15 21:37 - 2013-10-07 17:32 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-15 21:37 - 2013-10-07 17:32 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-15 21:37 - 2013-10-07 17:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-15 00:10 - 2011-03-08 18:00 - 00000600 _____ C:\Users\Belinda\winscp.RND
2013-11-14 20:30 - 2011-03-04 10:21 - 00000000 ____D C:\ProgramData\CanonIJ
2013-11-14 20:30 - 2011-01-18 15:58 - 00000000 ____D C:\ProgramData\CanonIJPLM
2013-11-14 13:55 - 2013-11-14 13:55 - 00000000 ____D C:\Program Files (x86)\BetterSurf
2013-11-13 19:22 - 2013-10-16 20:45 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-13 19:22 - 2011-10-14 18:22 - 00001929 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-13 14:17 - 2011-01-18 15:30 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 14:16 - 2013-07-21 02:02 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 14:13 - 2011-02-22 12:17 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-12 20:29 - 2013-04-09 20:45 - 00000000 ____D C:\Program Files\Video downloader
2013-11-11 11:14 - 2011-02-02 19:20 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\Skype
2013-11-10 12:20 - 2011-02-22 15:43 - 00200134 _____ C:\test.xml
2013-11-09 15:55 - 2011-01-18 14:22 - 00000000 ____D C:\Users\Belinda\AppData\Roaming\Mozilla
2013-11-09 10:21 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-05 21:55 - 2013-11-05 21:55 - 00150808 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgdiska.sys
2013-11-05 18:56 - 2010-07-28 22:11 - 00658400 _____ C:\Windows\system32\perfh007.dat
2013-11-05 18:56 - 2010-07-28 22:11 - 00131482 _____ C:\Windows\system32\perfc007.dat
2013-11-05 18:56 - 2009-07-14 06:13 - 01509118 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-04 21:52 - 2013-11-04 21:52 - 00240920 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgidsdrivera.sys
2013-10-31 23:00 - 2013-10-31 23:00 - 00212280 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgldx64.sys
2013-10-31 22:49 - 2013-10-31 22:49 - 00294712 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers

\avgloga.sys
2013-10-30 23:33 - 2013-10-30 23:33 - 00000000 ____D C:\Windows\SysWOW64\jmdp
2013-10-30 23:33 - 2013-10-30 23:33 - 00000000 ____D C:\Windows\system32\ljkb
2013-10-30 22:10 - 2013-09-13 10:16 - 00000000 ____D C:\Users\Belinda\Neuer Ordner
2013-10-30 22:10 - 2012-04-10 11:35 - 00000000 ____D C:\Users\Belinda\Platinum
2013-10-30 22:07 - 2011-01-18 17:22 - 00000000 ____D C:\Users\Belinda\belinda
2013-10-30 11:27 - 2013-11-27 17:32 - 00042808 _____ (AVG) C:\Windows\system32\uxtuneup.dll
2013-10-30 11:27 - 2013-11-27 17:32 - 00035640 _____ (AVG) C:\Windows\SysWOW64\uxtuneup.dll
2013-10-30 11:27 - 2013-11-27 17:30 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2013-10-30 11:27 - 2013-11-27 17:30 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2013-10-30 11:27 - 2013-11-27 17:30 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll

Some content of TEMP:
====================
C:\Users\Belinda\AppData\Local\Temp\Better-Surf.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 10:53

==================== End Of Log ============================
         
 --- --- ---


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-11-2013 01
Ran by Belinda at 2013-11-27 20:02:42
Running from C:\Users\Belinda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DQ6DYGTT
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x32)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Photoshop 6.0 (x32 Version: 6.0)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Adobe SVG Viewer (x32 Version: 1.0)
Alps Pointing-device for VAIO
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)
Ask Toolbar (x32 Version: 1.6.6.0)
ATI Catalyst Install Manager (Version: 3.0.750.0)
Audacity 1.2.6 (x32)
Audible Download Manager (x32 Version: 6.6.0.13)
AVG 2014 (Version: 14.0.3629)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.229)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.229)
AVM FRITZ!Box Dokumentation (x32)
AVM FRITZ!Box Druckeranschluss (x32)
Canon Easy-WebPrint EX (x32)
Canon IJ Network Scan Utility (x32)
Canon IJ Network Tool (x32)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32)
Canon iP4800 series Printer Driver
Canon MP Navigator EX 3.0 (x32)
Canon MP560 series Benutzerregistrierung (x32)
Canon MP560 series MP Drivers
Canon Utilities Easy-PhotoPrint EX (x32)
Canon Utilities My Printer (x32)
Canon Utilities Solution Menu (x32)
Catalyst Control Center Core Implementation (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Light (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0209.16.306)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306)
Catalyst Control Center Localization All (x32 Version: 2010.0209.16.306)
CCC Help Chinese Standard (x32 Version: 2010.0209.0015.306)
CCC Help Chinese Traditional (x32 Version: 2010.0209.0015.306)
CCC Help Czech (x32 Version: 2010.0209.0015.306)
CCC Help Danish (x32 Version: 2010.0209.0015.306)
CCC Help Dutch (x32 Version: 2010.0209.0015.306)
CCC Help English (x32 Version: 2010.0209.0015.306)
CCC Help Finnish (x32 Version: 2010.0209.0015.306)
CCC Help French (x32 Version: 2010.0209.0015.306)
CCC Help German (x32 Version: 2010.0209.0015.306)
CCC Help Greek (x32 Version: 2010.0209.0015.306)
CCC Help Hungarian (x32 Version: 2010.0209.0015.306)
CCC Help Italian (x32 Version: 2010.0209.0015.306)
CCC Help Japanese (x32 Version: 2010.0209.0015.306)
CCC Help Korean (x32 Version: 2010.0209.0015.306)
CCC Help Norwegian (x32 Version: 2010.0209.0015.306)
CCC Help Polish (x32 Version: 2010.0209.0015.306)
CCC Help Portuguese (x32 Version: 2010.0209.0015.306)
CCC Help Russian (x32 Version: 2010.0209.0015.306)
CCC Help Spanish (x32 Version: 2010.0209.0015.306)
CCC Help Swedish (x32 Version: 2010.0209.0015.306)
CCC Help Thai (x32 Version: 2010.0209.0015.306)
CCC Help Turkish (x32 Version: 2010.0209.0015.306)
ccc-core-static (x32 Version: 2010.0209.16.306)
ccc-utility64 (Version: 2010.0209.16.306)
CCleaner (Version: 3.01)
CDBurnerXP (Version: 4.3.7.2423)
Cortesi Texte RF 7.0 (x32)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.16.16)
Dexpot (HKCU Version: 1.5.8)
DomaIQ (x32)
Evernote (x32 Version: 3.5.4.2224)
Facemoods Toolbar (x32)
GinyasBrowserCompanion (x32)
Google Drive (x32 Version: 1.12.5329.1887)
Google Earth (x32 Version: 7.1.1.1888)
Google Talk Plugin (x32 Version: 4.9.1.16010)
Google Update Helper (x32 Version: 1.3.21.165)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0)
HomeSite 4.5 (HKCU)
IB Updater Service (x32 Version: 4.0.8.8)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
Internet Explorer Toolbar 4.6 by SweetPacks (x32 Version: 4.6.0004)
IrfanView (remove only) (x32 Version: 4.27)
Java 7 Update 40 (x32 Version: 7.0.400)
Java Auto Updater (x32 Version: 2.1.9.8)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 23 (x32 Version: 6.0.230)
Junk Mail filter update (x32 Version: 14.0.8117.416)
McAfee Security Scan Plus (Version: 3.8.130.10)
Media Gallery (Version: 1.3.0)
Media Gallery (x32 Version: 1.3.0.06230)
MegaStar 8.12 (x32 Version: 8.12)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000)
Microsoft Office Klick-und-Los 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Movie2KDownloader (x32 Version: 2.1 Build 26473)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
Mozilla Thunderbird (3.1.7) (x32 Version: 3.1.7 (de))
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nation Toolbar (x32 Version: 1.0.17)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0)
Nero BackItUp 10 (x32 Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Burning ROM 10 (x32 Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700)
Nero BurnRights 10 (x32 Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Control Center 10 (x32 Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Core Components 10 (x32 Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (x32 Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600)
Nero DiscSpeed 10 (x32 Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)
Nero Express 10 (x32 Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700)
Nero InfoTool 10 (x32 Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600)
Nero MediaHub 10 (x32 Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Multimedia Suite 10 (x32 Version: 10.0.13100)
Nero Recode 10 (x32 Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600)
Nero RescueAgent 10 (x32 Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700)
Nero SoundTrax 10 (x32 Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600)
Nero StartSmart 10 (x32 Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Update (x32 Version: 1.0.0017)
Nero Vision 10 (x32 Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600)
Nero WaveEditor 10 (x32 Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600)
Norton Online Backup (x32 Version: 2.1.17869)
OpenOffice.org 3.4.1 (x32 Version: 3.41.9593)
PDF24 Creator 5.2.0 (x32)
PMB (x32 Version: 5.3.00.06040)
PMB VAIO Edition plug-in (Click to Disc) (Version: 3.3.00)
PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00)
PMB VAIO Edition plug-in (VAIO Movie Story) (Version: 2.3.00)
PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00)
QuickShare (x32 Version: 1.146.60.12450)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098)
Skype™ 5.10 (x32 Version: 5.10.116)
SmartSound Quicktracks for Premiere Elements 8.0 (x32 Version: 3.11.3090)
Software Version Updater (x32 Version: 1.1.3.7)
TeamViewer 6 (x32 Version: 6.0.9947)
TopStyle Lite (Version 1.5) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2827323) 32-Bit Edition (x32)
Update Manager for SweetPacks 1.1 (x32 Version: 1.1.0008)
VAIO - Media Gallery (x32 Version: 1.3.0.06230)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.3.00.06040)
VAIO - PMB VAIO Edition plug-in (Click to Disc) (x32 Version: 3.3.00.06180)
VAIO - PMB VAIO Edition plug-in (VAIO Image Optimizer) (x32 Version: 1.3.00.06110)
VAIO - PMB VAIO Edition plug-in (VAIO Movie Story) (x32 Version: 2.3.00.06180)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Control Center (x32 Version: 4.3.0.05310)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240)
VAIO DVD Menu Data (x32 Version: 2.2.00.05120)
VAIO Gate (x32 Version: 2.2.0.06080)
VAIO Gate Default (x32 Version: 2.2.0.07020)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (x32 Version: 2.1.0.18210)
VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040)
VAIO Quick Web Access (x32 Version: 1.3.4.2)
VAIO Sample Contents (x32 Version: 1.3.0.06041)
VAIO screensaver (x32 Version: 1.0.0.0)
VAIO Smart Network (x32 Version: 3.3.0.06080)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO-Handbuch (x32 Version: 1.1.0.05280)
VAIO-Support für Übertragungen (x32 Version: 1.2.0.06230)
V-bates 2.0.0.437 (Version: 2.0.0.437)
Visual Studio 2008 x64 Redistributables (x32 Version: 10.0.0.2)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
VLC media player 1.1.5 (x32 Version: 1.1.5)
VU5x64 (Version: 1.1.0)
VU5x86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinSCP 4.3.2 (x32 Version: 4.3.2)
Yontoo 1.10.03 (Version: 1.10.03)

==================== Restore Points  =========================

13-11-2013 13:12:10 Windows Update
15-11-2013 20:37:00 Windows Update
19-11-2013 16:03:12 Windows Update
23-11-2013 09:48:48 Windows Update
27-11-2013 15:18:44 Windows Update
27-11-2013 16:06:54 Installed AVG 2014
27-11-2013 16:07:17 Installed AVG 2014
27-11-2013 16:29:42 AVG PC TuneUp 2014 wird installiert

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05C380B0-6E35-4597-A326-8E3FA62C43D3} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {05D5CCE1-96CE-407D-BD05-85BE0B3B977E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {06978EDE-A59C-4557-AE97-1D225E56D5E8} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {07DED8E6-E8F9-4951-986D-3AC400EB6982} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28] (Google Inc.)
Task: {11DEB6CC-A0FF-4110-A68E-C1E042F89508} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {17956D3B-3F9F-4310-B487-EF2F732C0EA3} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {1946643D-705F-4524-9121-E0B80ED6BCC0} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {1CBE5C42-6787-4BD4-A34A-B79EE172F545} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {20F2B529-DC77-41CB-A573-C1830AEAB509} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {253D6AE1-1D41-4F08-8D6A-C2DB0BE7E3A0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {442034C4-AECA-43C7-83C3-60A593F155A4} - System32\Tasks\SONY\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2010-06-08] (Sony Corporation)
Task: {49C97614-4914-40A9-A936-A1420E4C53D3} - System32\Tasks\SONY\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2010-06-08] (Sony Corporation)
Task: {4B67B55F-C77F-4AFD-B791-1826F8C73834} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {5280B2CC-C432-4C47-8529-B9588C0914E4} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {5688D79C-F49A-48A1-8D87-C03A5D98D439} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {62F4ACDF-5B2A-445A-90FB-6C49C1334681} - System32\Tasks\Google Updater and Installer => C:\Users\Belinda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01] (Google Inc.)
Task: {6F051241-5987-4FA0-99F6-0AB861D029FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-07-28] (Google Inc.)
Task: {6F39EABF-3E05-4015-A42A-3A7C7206CAD3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-2748631606-2255311703-1001UA => C:\Users\Belinda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01] (Google Inc.)
Task: {8459938B-0FB6-4E20-B071-D0ACDE482B5B} - System32\Tasks\AmiUpdXp => C:\Users\Belinda\AppData\Local\SwvUpdater\Updater.exe [2013-07-24] (Amonetize ltd.)
Task: {A1AC7C21-5D16-45D8-ACAC-E36A9E9B3FB7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-2748631606-2255311703-1001Core => C:\Users\Belinda\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-01] (Google Inc.)
Task: {AC7C5A65-6F2A-4E9F-A1CB-4AC360D4C730} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {B312716F-5383-4A72-A958-BFB03DD33E98} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {B586F55B-F54A-4284-9BAD-B677B7432AE4} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2010-02-04] ()
Task: {B6C96EEC-708A-4420-B16C-AF4911AC8E1C} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {B7EA56A7-7E89-468D-AEDA-77484686EEE2} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {BFD77AB1-6CD6-41CF-9CA0-D8127E9E12A4} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {EEA7E227-8CB6-4431-99DB-CB1F82A6A82F} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AmiUpdXp.job => C:\Users\Belinda\AppData\Local\SwvUpdater\Updater.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-2748631606-2255311703-1001Core.job => C:\Users\Belinda\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1746731887-2748631606-2255311703-1001UA.job => C:\Users\Belinda\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-10-15 10:05 - 2013-10-15 10:05 - 01315840 _____ () C:\Windows\System32\ljkb\lmrn.dll
2010-07-28 12:35 - 2010-07-28 12:35 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00033560 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00055064 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.AutomaticUpdates.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00149784 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00111896 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 01808152 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00055576 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Personalization.BusinessLogic.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00012568 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.EventManager.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00048408 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Personalization.Settings.PublisherSettingsManager.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00725272 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00081176 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00013592 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00016664 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00029464 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.Utilities.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00019736 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.SideBySide.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00057112 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00013592 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.ProcessDownMonitor.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00014104 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.GUI.Multimedia.Loader.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00051480 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00047384 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-09-14 20:50 - 2013-09-14 20:50 - 00025368 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00024856 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-09-14 20:51 - 2013-09-14 20:51 - 00245528 _____ () C:\Users\Belinda\AppData\Local\Smartbar\Application\Smartbar.Resources.NetSeer.dll
2010-06-12 09:27 - 2010-06-12 09:27 - 00135168 _____ () C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\Extension\MrsMpegParser.dll
2010-07-28 12:23 - 2010-05-31 18:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2010-07-28 12:23 - 2010-05-31 18:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-10-15 10:03 - 2013-10-15 10:03 - 01057792 _____ () C:\Windows\SysWOW64\jmdp\lmrn.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-01-11 10:26 - 2013-01-11 10:26 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-07-12 22:29 - 2010-03-04 04:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2013 07:53:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x1f88
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 07:23:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x1cd0
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 06:31:59 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.17267 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1830

Startzeit: 01ceeb95b0c1b636

Endzeit: 20

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: c86d1bd7-5789-11e3-96a2-544249ef1ace

Error: (11/27/2013 05:52:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x830
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 04:58:33 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x544
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 04:07:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x6c8
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 04:07:20 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x6ac
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 00:54:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Name des fehlerhaften Moduls: tbhcn.exe, Version: 1.0.0.5, Zeitstempel: 0x50f25761
Ausnahmecode: 0x40000015
Fehleroffset: 0x0007a2fd
ID des fehlerhaften Prozesses: 0x1bf4
Startzeit der fehlerhaften Anwendung: 0xtbhcn.exe0
Pfad der fehlerhaften Anwendung: tbhcn.exe1
Pfad des fehlerhaften Moduls: tbhcn.exe2
Berichtskennung: tbhcn.exe3

Error: (11/27/2013 00:38:29 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (11/27/2013 00:27:58 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (11/27/2013 07:09:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (11/27/2013 06:57:22 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Anwenden von Aktionen auf Schadsoftware und potenziell unerwünschte Software wurde von %TrojanDownloader:Win32/Brantall.D60 ein schwerwiegender Fehler festgestellt.

Weitere Informationen finden Sie hier:
%TrojanDownloader:Win32/Brantall.D603

	Name: TrojanDownloader:Win32/Brantall.D

	ID: 2147684061

	Schweregrad: %TrojanDownloader:Win32/Brantall.D600

	Kategorie: %TrojanDownloader:Win32/Brantall.D602

	Pfad: 4.4.0304.02

	Ursprung der Erkennung: 4.4.0304.04

	Typ der Erkennung: 4.4.0304.08

	Quelle der Erkennung: %TrojanDownloader:Win32/Brantall.D608

	Benutzer: {B1F99CA7-E9B5-4FE7-9A3B-2DF7DA656074}9

	Prozessname: %TrojanDownloader:Win32/Brantall.D609

	Aktion: {B1F99CA7-E9B5-4FE7-9A3B-2DF7DA656074}1

	Aktionsstatus:  {B1F99CA7-E9B5-4FE7-9A3B-2DF7DA656074}8

	Fehlercode: {B1F99CA7-E9B5-4FE7-9A3B-2DF7DA656074}3

	Fehlerbeschreibung: {B1F99CA7-E9B5-4FE7-9A3B-2DF7DA656074}4

	Signaturversion: 2013-11-27T17:56:39.536Z1

	Modulversion: 2013-11-27T17:56:39.536Z2

Error: (11/27/2013 05:49:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.

Error: (11/27/2013 05:32:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG Designerweiterung" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1083

Error: (11/27/2013 05:16:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater14.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/27/2013 05:14:48 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AVGIDSAgent erreicht.

Error: (11/27/2013 04:58:18 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater14.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/27/2013 04:07:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater14.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (11/27/2013 11:45:40 AM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

	Neue Signaturversion: 

	Vorherige Signaturversion: 1.163.622.0

	Aktualisierungsquelle: %NT-AUTORITÄT59

	Aktualisierungsphase: 4.4.0304.00

	Quellpfad: 4.4.0304.01

	Signaturtyp: %NT-AUTORITÄT602

	Aktualisierungstyp: %NT-AUTORITÄT604

	Benutzer: NT-AUTORITÄT\SYSTEM

	Aktuelle Modulversion: %NT-AUTORITÄT605

	Vorherige Modulversion: %NT-AUTORITÄT606

	Fehlercode: %NT-AUTORITÄT607

	Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (11/27/2013 11:35:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater14.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (11/27/2013 07:53:13 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd1f8801ceeba1e7e3259cC:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exe2a73c44d-5795-11e3-9f0c-544249ef1ace

Error: (11/27/2013 07:23:08 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd1cd001ceeb9db4fe73bfC:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exef64db8ab-5790-11e3-9f0c-544249ef1ace

Error: (11/27/2013 06:31:59 PM) (Source: Application Hang)(User: )
Description: iexplore.exe8.0.7600.17267183001ceeb95b0c1b63620C:\Program Files\Internet Explorer\iexplore.exec86d1bd7-5789-11e3-96a2-544249ef1ace

Error: (11/27/2013 05:52:15 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd83001ceeb90fae77214C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exe4448e16d-5784-11e3-96a2-544249ef1ace

Error: (11/27/2013 04:58:33 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd54401ceeb8976bbaad8C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exec428b7d9-577c-11e3-ba4c-544249ef1ace

Error: (11/27/2013 04:07:20 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd6c801ceeb824d9644b8C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exe9c6d22e2-5775-11e3-8e00-c0cb38fb7502

Error: (11/27/2013 04:07:20 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd6ac01ceeb824d9644b8C:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exe9c6cfbd2-5775-11e3-8e00-c0cb38fb7502

Error: (11/27/2013 00:54:28 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd1bf401ceeb67387995bdC:\ProgramData\GinyasBrowserCompanion\tbhcn.exeC:\ProgramData\GinyasBrowserCompanion\tbhcn.exeaa834c58-575a-11e3-83a7-544249ef1ace

Error: (11/27/2013 00:38:29 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (11/27/2013 00:27:58 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005


==================== Memory info =========================== 

Percentage of memory in use: 72%
Total physical RAM: 3950.1 MB
Available physical RAM: 1080.97 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5222.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:452.34 GB) (Free:322.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: ADF2723C)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=452 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber · 28.11.2013, 13:16

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Lin88 · 28.11.2013, 22:18

Hi lieber Malware-Experte,
hier also das Logfile nach dem Scan (s. Anhang-zip malware) Alles Weitere mit der nächsten Antwort. DANKE, DANKE - Uff - bin ganz schön erleichtert, dass du mir hilfst. Spende?!
Lin

Lin88 · 28.11.2013, 23:26

Code:

ATTFilter

Hi - hier dann die files  AdwCleaner, JRT und das frische FRST log im Anhang. Bin gespannt!
LG, Lin :dankeschoen

schrauber · 29.11.2013, 19:53

Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Wie Adware.generic5.ACKC unschädlich machen?

Plagegeister aller Art und deren Bekämpfung: Wie Adware.generic5.ACKC unschädlich machen?