Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet

SJB · 13.12.2013, 19:55

Guten Abend allerseits

Ich hatte bis vor kurzem ein grösseres Problem mit dem "Qone8-Virus", welchen ich dank dem Thema "Qone8 lässt sich nicht entfernen" auf dieser Seite beseitigen konnte (FRSTscan -> AdwareCleaner -> EsetOnline Scan)
Nun fand der Eset jedoch noch 36 weitere Infiszierungen, welche ich unten anführen werde.
Wie stark bzw. verherrend können deren Auswirkungen sein und was kann ich am effektivsten gegen diese noch unternehmen?

Vielen Dank für Eure wertvolle Hilfe im voraus

C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ch\Chrome.crx.vir Win32/AdWare.BetterSurf.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ff\BetterSurf.xpi.vir Win32/AdWare.BetterSurf.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterSurf\ff\chrome\content\inject.js.vir Win32/AdWare.BetterSurf.A application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquDx.dll.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\SearchquTb.dll.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\.#searchqutb.js.1.3.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\searchqutb.js.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.htm.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Windows Searchqu Toolbar\ToolBar\chrome\content\toolbar.xul.vir Win32/Adware.Bandoo application
C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir a variant of Win32/Adware.Yontoo.B application
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-01-11 124533\Backup files 20.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-01-11 124533\Backup files 23.zip a variant of Win32/Adware.Yontoo.B application
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-01-11 124533\Backup files 27.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-01-11 124533\Backup files 37.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-02-03 190000\Backup files 1.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-02-03 190000\Backup files 4.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-02-03 190000\Backup files 5.zip multiple threats
E:\SJB-PC\Backup Set 2013-01-11 124533\Backup Files 2013-02-24 190001\Backup files 3.zip Win32/Adware.Yontoo application
E:\SJB-PC\Backup Set 2013-06-02 212015\Backup Files 2013-06-02 212015\Backup files 21.zip multiple threats
E:\SJB-PC\Backup Set 2013-06-02 212015\Backup Files 2013-06-02 212015\Backup files 24.zip a variant of Win32/Adware.Yontoo.B application
E:\SJB-PC\Backup Set 2013-06-02 212015\Backup Files 2013-06-02 212015\Backup files 26.zip multiple threats
E:\SJB-PC\Backup Set 2013-06-02 212015\Backup Files 2013-06-02 212015\Backup files 44.zip Win32/Adware.Yontoo application
E:\SJB-PC\Backup Set 2013-06-02 212015\Backup Files 2013-06-02 212015\Backup files 45.zip multiple threats
E:\SJB-PC\Backup Set 2013-06-21 190340\Backup Files 2013-06-21 190340\Backup files 15.zip multiple threats
E:\SJB-PC\Backup Set 2013-06-21 190340\Backup Files 2013-06-21 190340\Backup files 18.zip a variant of Win32/Adware.Yontoo.B application
E:\SJB-PC\Backup Set 2013-06-21 190340\Backup Files 2013-06-21 190340\Backup files 21.zip multiple threats
E:\SJB-PC\Backup Set 2013-06-21 190340\Backup Files 2013-06-21 190340\Backup files 37.zip Win32/Adware.Yontoo application
E:\SJB-PC\Backup Set 2013-06-21 190340\Backup Files 2013-06-21 190340\Backup files 38.zip multiple threats
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 15.zip Win32/Adware.Bandoo application
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 18.zip a variant of Win32/Adware.Yontoo.B application
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-09-08 190001\Backup files 38.zip Win32/Adware.Yontoo application
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-10-27 190001\Backup files 1.zip multiple threats
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-11-04 173815\Backup files 1.zip multiple threats
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-11-16 112020\Backup files 1.zip Win32/AdWare.BetterSurf.A application
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-11-16 112020\Backup files 3.zip Win32/AdWare.BetterSurf.A application
E:\SJB-PC\Backup Set 2013-09-08 190001\Backup Files 2013-12-01 190001\Backup files 1.zip a variant of Win32/AdWare.BetterSurf.B application

schrauber · 13.12.2013, 20:35

hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

SJB · 15.12.2013, 09:09

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-12-2013 01
Ran by SJB (administrator) on SJB-PC on 15-12-2013 09:01:02
Running from C:\Users\SJB\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\CompPtcVUI.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\BASVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Egis Technology Inc.) C:\Program Files (x86)\Acer Bio Protection\PwdBank.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] - C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-12-04] (Acer Incorporated)
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8224800 2009-10-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-11-21] ()
HKCU\...\Run: [GoogleChromeAutoLaunch_99BC52B355A9B9D2E0389A500BE0B941] - C:\Users\SJB\AppData\Local\Google\Chrome\Application\chrome.exe [863184 2013-12-04] (Google Inc.)
HKCU\...\Run: [Google Update] - C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-15] (Google Inc.)
MountPoints2: {2446c277-14d7-11e0-9edd-00269eae5fbf} - G:\LaunchU3.exe -a
HKLM-x32\...\Run: [BackupManagerTray] - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-10-29] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-23] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] - C:\Program Files (x86)\Launch Manager\LManager.EXE [825864 2009-09-24] (Dritek System Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [401192 2009-12-09] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201512 2009-12-09] (Egis Technology Inc.)
HKLM-x32\...\Run: [VitaKeyPdtWzd] - C:\Program Files (x86)\Acer Bio Protection\PdtWzd.exe [3569152 2009-11-10] (Egis Technology Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2012-02-23] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKU\Default\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
HKU\Default User\...\RunOnce: [ScrSav] - C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe [162336 2009-07-08] ()
AppInit_DLLs:    [ ] ()
AppInit_DLLs-x32:    [ ] ()
Lsa: [Notification Packages] C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\SJB\AppData\Roaming\Mozilla\Firefox\Profiles\p39re3zq.default-1386615410817
FF Homepage: hxxp://www.facebook.com/#!/home.php?sk=lf
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\SJB\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\SJB\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF HKLM-x32\...\Thunderbird\Extensions: [avgthb@avg.com] - C:\Program Files (x86)\AVG\AVG2012\Thunderbird\

Chrome: 
=======
CHR HomePage: hxxp://www.google.ch/
CHR RestoreOnStartup: "hxxp://google.ch/"
CHR DefaultSearchKeyword: google.ch
CHR DefaultSearchProvider: Google
CHR DefaultSearchURL: {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultNewTabURL: {google:baseURL}_/chrome/newtab?{google:RLZ}{google:instantExtendedEnabledParameter}{google:ntpIsThemedParameter}ie={inputEncoding}
CHR Plugin: (Shockwave Flash) - C:\Users\SJB\AppData\Local\Google\Chrome\Application\21.0.1180.79\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Users\SJB\AppData\Local\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\SJB\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\SJB\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (AVG Internet Security) - C:\Users\SJB\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2191_0\plugins/avgnpss.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft\u00AE Windows Media Player Firefox Plugin) - C:\Users\SJB\AppData\Roaming\Mozilla\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\11.2.0\\npsitesafety.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U33) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.330.3) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Extension: (DvdVideoSoft Free Youtube Download) - C:\Users\SJB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.0.0_0
CHR Extension: (Google Wallet) - C:\Users\SJB\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788512 2009-12-04] (Acer Incorporated)
R2 IGBASVC; C:\Program Files (x86)\Acer Bio Protection\BASVC.exe [3450368 2009-11-10] (Egis Technology Inc.)
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated)
S2 0290781290016277mcinstcleanup; C:\Users\SJB\AppData\Local\Temp\029078~1.EXE C:\PROGRA~2\COMMON~1\McAfee\INSTAL~1\cleanup.ini -cleanup -nolog -service
S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]

==================== Drivers (Whitelisted) ====================

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [240920 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [194872 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
S3 hidshim; C:\Windows\system32\DRIVERS\hidshim.sys [6656 2009-09-01] (Windows (R) Win 7 DDK provider)
S3 int15.sys; C:\Windows\System32\OEM\Factory\int15.sys [17952 2008-03-28] (Acer, Inc.)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115600 2010-01-29] (EZB Systems, Inc.)
R0 johci; C:\Windows\System32\DRIVERS\johci.sys [22640 2009-08-24] (JMicron )
R3 nuvotoncir; C:\Windows\system32\DRIVERS\nuvotoncir.sys [48128 2009-08-31] (Nuvoton Technology Corporation)
S3 nuvotonhidcir; C:\Windows\system32\DRIVERS\nuvotonhidcir.sys [26624 2009-09-01] (Nuvoton Technology Corporation)
S3 nuvotonir; C:\Windows\system32\DRIVERS\nuvotonir.sys [68096 2009-08-31] (Nuvoton Technology Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
S3 PTSimBus; system32\DRIVERS\PTSimBus.sys [x]
S3 PTSimHid; system32\DRIVERS\PTSimHid.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-15 09:00 - 2013-12-15 09:00 - 00000000 ____D C:\Users\SJB\Downloads\FRST-OlderVersion
2013-12-13 20:16 - 2013-12-15 00:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-13 18:17 - 2013-12-13 18:17 - 00004441 _____ C:\Users\SJB\Desktop\Scan-results.txt
2013-12-12 03:04 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 03:04 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 03:04 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 03:04 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 03:02 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 03:02 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 03:02 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 03:02 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 03:02 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 03:02 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 03:02 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 03:02 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 03:02 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 03:02 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 03:02 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 03:02 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 03:02 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 03:02 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 03:02 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 03:02 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 03:02 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 03:02 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 03:02 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 03:02 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 03:02 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 03:02 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 03:02 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 03:02 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 03:02 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 03:02 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 03:02 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 01:18 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 01:18 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 01:18 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 01:18 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 01:18 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 01:18 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 01:18 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 01:18 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 01:18 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 01:18 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 01:18 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 01:18 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 01:18 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 01:18 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 01:18 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 01:18 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 01:18 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-12-12 01:18 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 01:18 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-11 16:42 - 2013-12-11 17:42 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-10 18:23 - 2013-12-10 18:23 - 02347384 _____ (ESET) C:\Users\SJB\Downloads\esetsmartinstaller_enu.exe
2013-12-10 18:23 - 2013-12-10 18:23 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-10 17:33 - 2013-12-10 17:35 - 00000000 ____D C:\AdwCleaner
2013-12-10 17:32 - 2013-12-10 17:32 - 01110034 _____ C:\Users\SJB\Downloads\adwcleaner.exe
2013-12-10 17:31 - 2013-12-10 17:32 - 00031737 _____ C:\Users\SJB\Downloads\Addition.txt
2013-12-10 17:30 - 2013-12-15 09:01 - 00020231 _____ C:\Users\SJB\Downloads\FRST.txt
2013-12-10 17:29 - 2013-12-15 09:00 - 01927796 _____ (Farbar) C:\Users\SJB\Downloads\FRST64.exe
2013-12-10 17:29 - 2013-12-15 09:00 - 00000000 ____D C:\FRST
2013-12-09 20:17 - 2013-12-09 20:17 - 00000000 _____ C:\autoexec.bat
2013-12-09 20:16 - 2013-12-10 17:47 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-09 20:16 - 2013-12-09 20:16 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-09 20:10 - 2013-12-09 20:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\SJB\Downloads\SpyHunter-Installer.exe
2013-12-09 19:56 - 2013-12-09 19:56 - 00000000 ____D C:\Users\SJB\Desktop\Alte Firefox-Daten
2013-12-09 19:01 - 2013-12-09 19:02 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-09 19:01 - 2013-12-09 19:02 - 00000000 ____D C:\Program Files\iTunes
2013-12-09 19:01 - 2013-12-09 19:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-09 19:01 - 2013-12-09 19:01 - 00000000 ____D C:\Program Files\iPod
2013-12-03 18:15 - 2013-12-03 18:15 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-03 18:14 - 2013-12-03 18:14 - 04144094 _____ (No23) C:\Users\SJB\Downloads\no23-recorder_4551.exe
2013-12-03 18:02 - 2013-12-03 18:02 - 00001425 _____ C:\Users\SJB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 17:59 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-12-03 17:52 - 2013-12-03 17:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 17:52 - 2013-12-03 17:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 17:52 - 2013-12-03 17:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 17:52 - 2013-12-03 17:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 17:52 - 2013-12-03 17:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 17:52 - 2013-12-03 17:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 17:52 - 2013-12-03 17:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 17:50 - 2013-12-03 17:59 - 00009162 _____ C:\Windows\IE11_main.log
2013-12-03 17:50 - 2013-12-03 17:50 - 63320784 _____ (Microsoft Corporation) C:\Users\SJB\Downloads\IE11-Windows6.1-x64-de-de.exe
2013-12-03 17:30 - 2013-12-03 17:30 - 00000000 ____D C:\Users\SJB\AppData\Roaming\Engelmann Media
2013-12-03 17:25 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files (x86)\Engelmann Media
2013-12-03 17:22 - 2013-12-03 17:22 - 00567640 _____ C:\Users\SJB\Downloads\freetunes3_full-Downloader.exe
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\SJB\AppData\Local\CrashRpt
2013-12-03 16:44 - 2013-12-03 16:44 - 00000000 ____D C:\ProgramData\RapidSolution
2013-12-03 16:44 - 2013-12-03 16:44 - 00000000 ____D C:\Program Files (x86)\Audials
2013-12-03 16:41 - 2013-12-03 16:41 - 00000000 ____D C:\Users\SJB\AppData\Local\RapidSolution
2013-12-02 21:54 - 2013-12-03 18:30 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-12-02 21:54 - 2013-12-02 21:54 - 00000000 ____D C:\Users\SJB\AppData\Roaming\FreeAudioPack
2013-12-02 21:54 - 2011-09-29 14:20 - 02084864 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudDesign.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudFile.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudioInfos.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00479232 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudioVisu.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudPlayer.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00454656 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudioRecord.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00417792 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\AudDisplay.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\Windows\SysWOW64\WMAFile.dll
2013-12-02 21:54 - 2011-09-29 14:20 - 00164144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCT232.OCX
2013-12-02 21:54 - 2011-09-29 14:20 - 00116296 _____ C:\Windows\SysWOW64\NCTWMAProfiles.prx
2013-12-02 21:54 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCFR.DLL
2013-12-02 21:54 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6FR.DLL
2013-12-02 21:54 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6STKIT.DLL
2013-12-02 21:54 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mscc2fr.dll
2013-12-02 21:54 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CMDLGFR.DLL
2013-12-02 21:54 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TABCTFR.DLL
2013-12-02 21:54 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetfr.DLL
2013-12-01 13:19 - 2013-12-03 20:32 - 00000000 ____D C:\Users\SJB\Desktop\DAVEE
2013-12-01 13:18 - 2013-12-02 18:05 - 00000000 ____D C:\Users\SJB\Desktop\Die Weisheit ruft - Vocal Prayerz
2013-11-26 12:39 - 2013-11-26 12:39 - 00047240 _____ (RapidSolution Software AG) C:\Windows\system32\Drivers\tbhsd.sys
2013-11-26 12:39 - 2013-11-26 12:39 - 00024744 _____ (Audials AG) C:\Windows\system32\Drivers\RrNetCapFilterDriver.sys
2013-11-23 13:24 - 2013-11-23 13:24 - 00001372 _____ C:\Users\SJB\Desktop\CopyTrans Control Center.lnk
2013-11-23 13:24 - 2013-11-23 13:24 - 00000000 ____D C:\Users\SJB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-11-23 13:23 - 2013-11-23 13:26 - 00000000 ____D C:\Users\SJB\AppData\Roaming\WindSolutions
2013-11-23 13:23 - 2013-11-23 13:25 - 00000000 ____D C:\ProgramData\WindSolutions
2013-11-23 13:23 - 2013-11-23 13:23 - 04279392 _____ (WindSolutions) C:\Users\SJB\Downloads\Install_CopyTrans_Suite.exe
2013-11-22 15:45 - 2013-11-22 15:45 - 00002140 _____ C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Users\SJB\Documents\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Users\SJB\AppData\Roaming\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\ProgramData\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Program Files (x86)\ImTOO
2013-11-22 15:45 - 2013-10-23 18:10 - 02075374 _____ C:\Users\SJB\Localizable.strings
2013-11-22 15:43 - 2013-11-22 15:44 - 58310824 _____ C:\Users\SJB\Downloads\iphone-transfer-de.exe
2013-11-21 22:28 - 2013-11-21 22:29 - 00153728 _____ (Amônétízé Ltd) C:\Users\SJB\Downloads\sof the.big.bang.theory.s05e18.avi.mp4__3516_i143714387_il1626242.exe
2013-11-16 12:31 - 2013-11-16 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2013-12-15 09:01 - 2013-12-10 17:30 - 00020231 _____ C:\Users\SJB\Downloads\FRST.txt
2013-12-15 09:00 - 2013-12-15 09:00 - 00000000 ____D C:\Users\SJB\Downloads\FRST-OlderVersion
2013-12-15 09:00 - 2013-12-10 17:29 - 01927796 _____ (Farbar) C:\Users\SJB\Downloads\FRST64.exe
2013-12-15 09:00 - 2013-12-10 17:29 - 00000000 ____D C:\FRST
2013-12-15 08:57 - 2012-08-15 19:07 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000UA.job
2013-12-15 08:42 - 2012-03-30 10:15 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-15 08:31 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-15 08:31 - 2009-07-14 05:45 - 00009920 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-15 08:29 - 2009-12-25 06:03 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-12-15 08:29 - 2009-12-25 06:03 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-12-15 08:29 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-15 08:28 - 2013-01-13 10:08 - 00000000 ____D C:\ProgramData\MFAData
2013-12-15 08:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\tracing
2013-12-15 08:23 - 2013-05-31 17:31 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2013-12-15 08:23 - 2012-09-08 20:31 - 00065536 _____ C:\Windows\system32\Ikeext.etl
2013-12-15 08:23 - 2012-05-03 17:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-15 08:23 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-15 08:23 - 2009-07-14 05:51 - 00374704 _____ C:\Windows\setupact.log
2013-12-15 01:43 - 2009-12-25 06:22 - 01835025 _____ C:\Windows\WindowsUpdate.log
2013-12-15 01:41 - 2013-08-14 15:36 - 00000000 ____D C:\Windows\system32\MRT
2013-12-15 01:41 - 2010-11-19 16:56 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-15 01:29 - 2012-05-28 15:45 - 00000000 ____D C:\Users\SJB\AppData\Roaming\vlc
2013-12-15 00:14 - 2013-12-13 20:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-12-13 21:10 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-12-13 19:57 - 2012-08-15 19:07 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000Core.job
2013-12-13 18:17 - 2013-12-13 18:17 - 00004441 _____ C:\Users\SJB\Desktop\Scan-results.txt
2013-12-13 16:47 - 2013-10-23 15:47 - 00000000 ____D C:\Program Files (x86)\File Type Advisor
2013-12-12 22:00 - 2013-10-26 15:47 - 00000000 ____D C:\Users\SJB\AppData\Roaming\FileAdvisor
2013-12-12 21:55 - 2010-11-18 17:40 - 00000000 ____D C:\ProgramData\DVD Shrink
2013-12-12 04:47 - 2009-07-14 05:45 - 05053240 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 03:03 - 2009-12-02 05:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-11 17:42 - 2013-12-11 16:42 - 09272200 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-12-11 17:42 - 2012-03-30 10:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-11 17:42 - 2012-03-30 10:15 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-11 17:42 - 2011-05-15 10:41 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-10 18:23 - 2013-12-10 18:23 - 02347384 _____ (ESET) C:\Users\SJB\Downloads\esetsmartinstaller_enu.exe
2013-12-10 18:23 - 2013-12-10 18:23 - 00000000 ____D C:\Program Files (x86)\ESET
2013-12-10 17:47 - 2013-12-09 20:16 - 00000000 ____D C:\Windows\72AAF4551E54475BB0AB5413C78D0E63.TMP
2013-12-10 17:35 - 2013-12-10 17:33 - 00000000 ____D C:\AdwCleaner
2013-12-10 17:32 - 2013-12-10 17:32 - 01110034 _____ C:\Users\SJB\Downloads\adwcleaner.exe
2013-12-10 17:32 - 2013-12-10 17:31 - 00031737 _____ C:\Users\SJB\Downloads\Addition.txt
2013-12-10 16:21 - 2009-12-02 05:25 - 00872306 _____ C:\Windows\PFRO.log
2013-12-09 20:17 - 2013-12-09 20:17 - 00000000 _____ C:\autoexec.bat
2013-12-09 20:16 - 2013-12-09 20:16 - 00000000 ____D C:\Program Files\Enigma Software Group
2013-12-09 20:10 - 2013-12-09 20:10 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\SJB\Downloads\SpyHunter-Installer.exe
2013-12-09 19:56 - 2013-12-09 19:56 - 00000000 ____D C:\Users\SJB\Desktop\Alte Firefox-Daten
2013-12-09 19:52 - 2012-08-15 19:07 - 00004078 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000UA
2013-12-09 19:52 - 2012-08-15 19:07 - 00003682 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000Core
2013-12-09 19:05 - 2013-01-13 10:12 - 00000000 ____D C:\Program Files (x86)\AVG
2013-12-09 19:02 - 2013-12-09 19:01 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-12-09 19:02 - 2013-12-09 19:01 - 00000000 ____D C:\Program Files\iTunes
2013-12-09 19:02 - 2013-12-09 19:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-12-09 19:01 - 2013-12-09 19:01 - 00000000 ____D C:\Program Files\iPod
2013-12-08 21:37 - 2009-12-02 05:12 - 00000000 ____D C:\Program Files\Google
2013-12-08 21:37 - 2009-12-02 05:12 - 00000000 ____D C:\Program Files (x86)\Google
2013-12-08 21:31 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-12-08 19:38 - 2010-11-17 18:47 - 00000000 ____D C:\Users\SJB\AppData\Local\Google
2013-12-08 19:38 - 2009-12-02 05:12 - 00000000 ____D C:\ProgramData\Google
2013-12-08 19:06 - 2011-04-29 17:57 - 00000000 ____D C:\Windows\Minidump
2013-12-08 09:29 - 2013-10-25 16:09 - 00000000 ____D C:\Users\SJB\Desktop\Neuä Sound zum sortierä
2013-12-05 17:19 - 2010-11-18 18:14 - 00000000 ____D C:\Users\SJB\AppData\Roaming\dvdcss
2013-12-03 20:32 - 2013-12-01 13:19 - 00000000 ____D C:\Users\SJB\Desktop\DAVEE
2013-12-03 18:30 - 2013-12-02 21:54 - 00000000 ____D C:\Program Files (x86)\Free mp3 Wma Converter
2013-12-03 18:15 - 2013-12-03 18:15 - 00000000 ____D C:\ProgramData\Caphyon
2013-12-03 18:14 - 2013-12-03 18:14 - 04144094 _____ (No23) C:\Users\SJB\Downloads\no23-recorder_4551.exe
2013-12-03 18:02 - 2013-12-03 18:02 - 00001425 _____ C:\Users\SJB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 17:59 - 2013-12-03 17:50 - 00009162 _____ C:\Windows\IE11_main.log
2013-12-03 17:52 - 2013-12-03 17:52 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-12-03 17:52 - 2013-12-03 17:52 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-03 17:52 - 2013-12-03 17:52 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-03 17:52 - 2013-12-03 17:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-12-03 17:52 - 2013-12-03 17:52 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-03 17:52 - 2013-12-03 17:52 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-12-03 17:52 - 2013-12-03 17:52 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-12-03 17:52 - 2013-12-03 17:52 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-03 17:52 - 2013-12-03 17:52 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-12-03 17:50 - 2013-12-03 17:50 - 63320784 _____ (Microsoft Corporation) C:\Users\SJB\Downloads\IE11-Windows6.1-x64-de-de.exe
2013-12-03 17:30 - 2013-12-03 17:30 - 00000000 ____D C:\Users\SJB\AppData\Roaming\Engelmann Media
2013-12-03 17:25 - 2013-12-03 17:25 - 00000000 ____D C:\Program Files (x86)\Engelmann Media
2013-12-03 17:22 - 2013-12-03 17:22 - 00567640 _____ C:\Users\SJB\Downloads\freetunes3_full-Downloader.exe
2013-12-03 16:46 - 2013-12-03 16:46 - 00000000 ____D C:\Users\SJB\AppData\Local\CrashRpt
2013-12-03 16:44 - 2013-12-03 16:44 - 00000000 ____D C:\ProgramData\RapidSolution
2013-12-03 16:44 - 2013-12-03 16:44 - 00000000 ____D C:\Program Files (x86)\Audials
2013-12-03 16:41 - 2013-12-03 16:41 - 00000000 ____D C:\Users\SJB\AppData\Local\RapidSolution
2013-12-02 21:54 - 2013-12-02 21:54 - 00000000 ____D C:\Users\SJB\AppData\Roaming\FreeAudioPack
2013-12-02 18:05 - 2013-12-01 13:18 - 00000000 ____D C:\Users\SJB\Desktop\Die Weisheit ruft - Vocal Prayerz
2013-12-01 16:48 - 2011-01-17 16:55 - 00000000 ____D C:\Users\SJB\AppData\Roaming\tixati
2013-12-01 16:47 - 2013-10-23 15:47 - 00003518 _____ C:\Windows\System32\Tasks\FileAdvisorCheck
2013-11-26 12:54 - 2013-12-12 03:02 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 12:39 - 2013-11-26 12:39 - 00047240 _____ (RapidSolution Software AG) C:\Windows\system32\Drivers\tbhsd.sys
2013-11-26 12:39 - 2013-11-26 12:39 - 00024744 _____ (Audials AG) C:\Windows\system32\Drivers\RrNetCapFilterDriver.sys
2013-11-26 11:19 - 2013-12-12 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-12 03:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-12 03:02 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-12 03:02 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-12 03:02 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-12 03:02 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-12 03:02 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-12 03:02 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-12 03:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-12 03:02 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-12 03:02 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-12 03:02 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-12 03:02 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-12 03:02 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-12 03:02 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-12 03:02 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-12 03:02 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-12 03:02 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-12 03:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 03:02 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-12 03:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-12 03:02 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-12 03:02 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 03:02 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-12 03:02 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-12 03:02 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-12 03:02 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-12 03:02 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 03:02 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-12 03:02 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 18:15 - 2009-07-14 06:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-23 19:26 - 2013-12-12 01:18 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-12 01:18 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-11-23 13:26 - 2013-11-23 13:23 - 00000000 ____D C:\Users\SJB\AppData\Roaming\WindSolutions
2013-11-23 13:25 - 2013-11-23 13:23 - 00000000 ____D C:\ProgramData\WindSolutions
2013-11-23 13:24 - 2013-11-23 13:24 - 00001372 _____ C:\Users\SJB\Desktop\CopyTrans Control Center.lnk
2013-11-23 13:24 - 2013-11-23 13:24 - 00000000 ____D C:\Users\SJB\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CopyTrans Suite
2013-11-23 13:23 - 2013-11-23 13:23 - 04279392 _____ (WindSolutions) C:\Users\SJB\Downloads\Install_CopyTrans_Suite.exe
2013-11-22 15:45 - 2013-11-22 15:45 - 00002140 _____ C:\Users\Public\Desktop\ImTOO iPhone Transfer.lnk
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Users\SJB\Documents\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Users\SJB\AppData\Roaming\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\ProgramData\ImTOO
2013-11-22 15:45 - 2013-11-22 15:45 - 00000000 ____D C:\Program Files (x86)\ImTOO
2013-11-22 15:45 - 2010-11-17 17:26 - 00000000 ____D C:\Users\SJB
2013-11-22 15:44 - 2013-11-22 15:43 - 58310824 _____ C:\Users\SJB\Downloads\iphone-transfer-de.exe
2013-11-21 22:29 - 2013-11-21 22:28 - 00153728 _____ (Amônétízé Ltd) C:\Users\SJB\Downloads\sof the.big.bang.theory.s05e18.avi.mp4__3516_i143714387_il1626242.exe
2013-11-19 03:33 - 2012-12-10 14:07 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-16 12:31 - 2013-11-16 12:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 11:17 - 2010-11-20 09:28 - 00000000 ____D C:\Users\SJB\AppData\Local\Adobe

Some content of TEMP:
====================
C:\Users\SJB\AppData\Local\Temp\Quarantine.exe
C:\Users\SJB\AppData\Local\Temp\SHSetup.exe
C:\Users\SJB\AppData\Local\Temp\vlc-2.1.1-win32.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 00:02

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-12-2013 01
Ran by SJB at 2013-12-15 09:07:53
Running from C:\Users\SJB\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Acer Arcade Instant On (x32 Version: 3.0.26.1)
Acer Backup Manager (x32 Version: 2.0.1.33)
Acer Bio Protection (x32 Version: 6.2.67)
Acer Crystal Eye Webcam (x32 Version: 5.2.10.2)
Acer eRecovery Management (x32 Version: 4.05.3006)
Acer GridVista (x32 Version: 3.01.0730)
Acer PowerSmart Manager (x32 Version: 4.06.3008)
Acer Registration (x32 Version: 1.02.3006)
Acer ScreenSaver (x32 Version: 1.11.0715)
Acer Updater (x32 Version: 1.01.3017)
Acer VCM (x32 Version: 4.05.3000)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 3.9.0.1030)
Adobe Community Help (x32 Version: 3.4.980)
Adobe Download Assistant (x32 Version: 1.0.5)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.170)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ATI AVIVO64 Codecs (Version: 10.11.0.41123)
ATI Catalyst Install Manager (Version: 3.0.750.0)
AVG 2014 (Version: 14.0.3658)
AVG 2014 (Version: 14.0.4259)
AVG 2014 (Version: 2014.0.4259)
Backup Manager Advance (x32 Version: 2.0.1.33)
Bonjour (Version: 3.0.0.10)
Broadcom Gigabit NetLink Controller (Version: 12.33.02)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center Graphics Full New (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center Graphics Light (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center InstallProxy (x32 Version: 2009.1123.1057.19591)
Catalyst Control Center Localization All (x32 Version: 2009.1123.1057.19591)
CCC Help Chinese Standard (x32 Version: 2009.1123.1056.19591)
CCC Help Chinese Traditional (x32 Version: 2009.1123.1056.19591)
CCC Help Czech (x32 Version: 2009.1123.1056.19591)
CCC Help Danish (x32 Version: 2009.1123.1056.19591)
CCC Help Dutch (x32 Version: 2009.1123.1056.19591)
CCC Help English (x32 Version: 2009.1123.1056.19591)
CCC Help Finnish (x32 Version: 2009.1123.1056.19591)
CCC Help French (x32 Version: 2009.1123.1056.19591)
CCC Help German (x32 Version: 2009.1123.1056.19591)
CCC Help Greek (x32 Version: 2009.1123.1056.19591)
CCC Help Hungarian (x32 Version: 2009.1123.1056.19591)
CCC Help Italian (x32 Version: 2009.1123.1056.19591)
CCC Help Japanese (x32 Version: 2009.1123.1056.19591)
CCC Help Korean (x32 Version: 2009.1123.1056.19591)
CCC Help Norwegian (x32 Version: 2009.1123.1056.19591)
CCC Help Polish (x32 Version: 2009.1123.1056.19591)
CCC Help Portuguese (x32 Version: 2009.1123.1056.19591)
CCC Help Russian (x32 Version: 2009.1123.1056.19591)
CCC Help Spanish (x32 Version: 2009.1123.1056.19591)
CCC Help Swedish (x32 Version: 2009.1123.1056.19591)
CCC Help Thai (x32 Version: 2009.1123.1056.19591)
CCC Help Turkish (x32 Version: 2009.1123.1056.19591)
ccc-core-static (x32 Version: 2009.1123.1057.19591)
ccc-utility64 (Version: 2009.1123.1057.19591)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
DVD Shrink 3.2 (x32)
DVDFab 8.0.5.0 (18/11/2010) (x32)
ESET Online Scanner v3 (x32)
eSobi v2 (x32 Version: 2.0.4.000274)
File Type Advisor 1.0 (x32)
Fingerprint Solution (x32 Version: 6.1.67.0)
FormatFactory 2.70 (x32 Version: 2.70)
Free M4a to MP3 Converter 8.0 (x32)
Free YouTube to MP3 Converter version 3.11.32.918 (x32 Version: 3.11.32.918)
Google Chrome (HKCU Version: 31.0.1650.63)
iCloud (Version: 2.1.0.39)
Identity Card (x32 Version: 1.00.3003)
ImTOO iPhone Transfer (x32 Version: 5.5.6.20131113)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.00.00.1030)
Intel(R) Turbo Boost Technology Monitor (Version: 1.0.186.6)
Intel® Matrix Storage Manager
IsoBuster 2.8.5 (x32 Version: 2.8.5)
iTunes (Version: 11.1.3.8)
Java 7 Update 45 (64-bit) (Version: 7.0.450)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
JMicron 1394 Filter Driver (x32 Version: 1.00.05.00)
JMicron Flash Media Controller Driver (x32 Version: 1.00.29.02)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
Launch Manager (x32 Version: 3.0.02)
Mesh Runtime (x32 Version: 15.4.5722.2)
Messenger Companion (x32 Version: 15.4.3502.0922)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Language Pack 2007 - German/Deutsch (x32 Version: 12.0.6612.1000)
Microsoft Office O MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) (x32)
Microsoft Office SharePoint Designer MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office Suite Activation Assistant (x32 Version: 2.9)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000)
Microsoft Office X MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (x32 Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053)
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 24.2.0)
Mozilla Thunderbird 24.2.0 (x86 de) (x32 Version: 24.2.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
MyWinLocker (x32 Version: 3.1.76.0)
NTI Backup Now 5 (x32 Version: 5.1.2.628)
NTI Backup Now Standard (x32 Version: 5.1.2.628)
NTI Media Maker 8 (x32 Version: 8.0.12.6630)
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.37)
Nuvoton CIR Device Drivers (x32 Version: 8.60.2002)
OpenOffice.org 3.2 (x32 Version: 3.2.9502)
QuickTime (x32 Version: 7.72.80.56)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5958)
Safari (x32 Version: 5.33.21.1)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32)
Steuer 2012 13.0.2 (x32 Version: 13.0.2)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
Tixati (x32)
UltraISO Premium V9.52 (x32)
Uninstall 1.0.0.1 (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2494150) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (x32)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VIS (x32)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (x32 Version: 14.0.0.1)
VLC media player 2.1.1 (x32 Version: 2.1.1)
Welcome Center (x32 Version: 1.00.3008)
WIDCOMM Bluetooth Software (Version: 6.2.1.800)
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405)
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407) (Version: 09/11/2009 6.2.0.9407)
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Family Safety (Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
Windows Searchqu Toolbar (x32 Version: 2.0.0.94786) <==== ATTENTION
WinRAR 4.00 (64-bit) (Version: 4.00.0)

==================== Restore Points  =========================

08-12-2013 22:37:02 Geplanter Prüfpunkt
09-12-2013 05:35:06 Windows Update
09-12-2013 18:04:52 AVG PC TuneUp wird entfernt
09-12-2013 18:05:45 AVG PC TuneUp Language Pack (de-DE) wird entfernt
09-12-2013 19:16:13 Installed SpyHunter
10-12-2013 16:42:42 Removed SpyHunter
12-12-2013 02:00:29 Windows Update
15-12-2013 00:41:02 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0146CAC1-6214-4EE4-844A-28CA58E4CABD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-09-05] (Adobe Systems Incorporated)
Task: {102ED993-8F70-4CEF-AE68-D994C48F71F5} - System32\Tasks\Google Updater and Installer => C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15] (Google Inc.)
Task: {2960ACA8-9615-4209-A1D1-A4796CE54ED7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000Core => C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15] (Google Inc.)
Task: {40EEC5BE-6BAC-4E0B-9AF6-81CE65C9C27F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {577DA5ED-7AD0-4382-95D0-BC508D53CA97} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {73493610-6735-4385-800E-8F59174C5B04} - \AmiUpdXp No Task File
Task: {834CD6FE-8696-4ABB-8A63-ED6A7FCEA0D5} - System32\Tasks\Egis technology-Online-Aktualisierungsprogramm => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [2009-08-04] (Egis Technology Inc.)
Task: {84A34294-15C9-4D9B-A36A-8F6D51DCFA82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000UA => C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-15] (Google Inc.)
Task: {A0ECB9FD-94AB-4A8F-9005-ECEA44B476E8} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {C5AABF75-AC8F-4312-8C25-1CF6B0E10769} - System32\Tasks\0 => Chrome.exe 
Task: {C919DB14-6787-4E8F-A3F6-CD6EF8352AF1} - System32\Tasks\FileAdvisorUpdate => C:\Program Files (x86)\File Type Advisor\fileadvisor.exe [2013-07-12] (File Type Advisor)
Task: {D2769FC1-CD2E-4094-9F6B-11D5AFE27C38} - System32\Tasks\FileAdvisorCheck => C:\Program Files (x86)\File Type Advisor\file-type-advisor.exe [2013-07-12] (filetypeadvisor.com                                         )
Task: {F99DB129-4831-4230-B90E-F24839CF0803} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{817E1214-518C-4C0D-AF54-B7ABAC0E6CD2}.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{817E1214-518C-4C0D-AF54-B7ABAC0E6CD2}.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000Core.job => C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-257867256-564094623-2306078816-1000UA.job => C:\Users\SJB\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2008-05-26 11:24 - 2008-05-26 11:24 - 00103424 _____ () C:\Program Files (x86)\Acer Bio Protection\PwdFilterV64.DLL
2009-07-29 22:10 - 2009-07-29 22:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-12-25 06:25 - 2009-12-25 06:25 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2013-11-16 12:31 - 2013-11-16 12:31 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-13 20:16 - 2013-12-13 20:16 - 03017840 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2013-12-13 20:16 - 2013-12-13 20:16 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2013-12-13 20:16 - 2013-12-13 20:16 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:0B4227B4
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:93DE1838

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== Faulty Device Manager Devices =============

Name: WD SES Device USB Device
Description: WD SES Device USB Device
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2013 09:05:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/12/2013 04:56:57 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/12/2013 04:56:51 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/12/2013 04:56:51 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/12/2013 04:56:40 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/11/2013 09:05:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/10/2013 06:23:54 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/10/2013 06:23:50 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/08/2013 07:24:18 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung war nicht erfolgreich. Fehler: "Eine der Sicherungsdateien konnte nicht erstellt werden. (0x8078002A)"

Error: (12/08/2013 07:24:01 PM) (Source: Microsoft-Windows-Backup) (User: NT-AUTORITÄT)
Description: Fehler bei der um 2013-12-08T18:00:32.534935000Z gestarteten Sicherung. Fehlercode: "2155348010" (%%2155348010). Suchen Sie in den Ereignisdetails nach einer Lösung, und führen Sie die Sicherung erneut aus, nachdem das Problem behoben wurde.


System errors:
=============
Error: (12/15/2013 08:23:44 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/15/2013 00:02:41 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/12/2013 04:46:23 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/10/2013 05:39:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/10/2013 04:21:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/09/2013 06:11:52 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/08/2013 11:01:31 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (12/08/2013 09:47:55 PM) (Source: Microsoft-Windows-LanguagePackSetup) (User: NT-AUTORITÄT)
Description: Fehler bei der CBS-Clientinitialisierung. Letzter Fehler: 0x80080005

Error: (12/08/2013 09:47:55 PM) (Source: DCOM) (User: )
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (12/08/2013 09:45:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (12/13/2013 09:05:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/12/2013 04:56:57 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/12/2013 04:56:51 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/12/2013 04:56:51 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/12/2013 04:56:40 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/11/2013 09:05:45 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (12/10/2013 06:23:54 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/10/2013 06:23:50 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\SJB\Downloads\esetsmartinstaller_enu.exe

Error: (12/08/2013 07:24:18 PM) (Source: Windows Backup)(User: )
Description: Eine der Sicherungsdateien konnte nicht erstellt werden. (0x8078002A)

Error: (12/08/2013 07:24:01 PM) (Source: Microsoft-Windows-Backup)(User: NT-AUTORITÄT)
Description: 2013-12-08T18:00:32.534935000Z2155348010%%2155348010


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8052.54 MB
Available physical RAM: 5876.75 MB
Total Pagefile: 16103.26 MB
Available Pagefile: 13816.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.16 GB) (Free:354.84 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:238.17 GB) NTFS
Drive e: () (Removable) (Total:29.8 GB) (Free:0.44 GB) FAT32
Drive h: (My Book) (Fixed) (Total:2794.49 GB) (Free:145.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 697470E2)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Not Active) - (Size=4 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=450 GB) - (Type=OF Extended)

========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 69747035)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 30 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=30 GB) - (Type=0C)
Attempted reading MBR returned 0 bytes.
 Could not read MBR for disk 3.

==================== End Of Log ============================

schrauber · 15.12.2013, 09:17

Die Funde sind nur in der Quarantäne von AdwCLeaner und auf einem Backup auf Laufwerk E. Das backup würde ich komplett löschen.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

AppInit_DLLs:    [ ] ()
AppInit_DLLs-x32:    [ ] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

SJB · 15.12.2013, 15:46

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 14-12-2013 01
Ran by SJB at 2013-12-15 15:43:46 Run:1
Running from C:\Users\SJB\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
AppInit_DLLs:    [ ] ()
AppInit_DLLs-x32:    [ ] ()
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
         
*****************

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs => Value was restored successfully.
esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.

==== End of Fixlog ====

Wie finde und lösche ich das Backup auf Laufwerk E..?
Und wie behandle ich die Quarantäne vom Adwarecleaner?

Besten Dank für Deine Hilfe !!

schrauber · 16.12.2013, 09:42

Adw löschen wir nachher. Schau einfach ins Log von ESET

E:\SJB-PC\Backup Set 2013-01-11

als Beispiel. Diesen Ordner löschen, weiter so mit allen im ESET Log genannten Ordnern.

SJB · 19.12.2013, 23:31

So..

Die besagten Ordner sind nun Geschichte (und das Ungeziefer hoffentlich auch..)

Nun habe ich aber seither ein neues "Problem": Ich streame jeweils Serien auf kkiste.to. Seit ich nun meine Browser bereinigt habe, wird diese Seite bei jedem Start und jedem Klick auf der Seite mit unzähligen Werbe-Pop-ups, unseriösester Art, zugemüllt und erschwert und behindert das streamen emens..

hatte ich davor möglicherweise ein Add-on oder Plug-in, welches diesen Dreck blockt..?

Des weiteren höre ich immer wieder, dass man die Registry von Zeit zu Zeit säubern sollte, hab dazu aber bis jetzt nicht die optimale/notwenige seriöse Lösung bzw. Programm dafür gefunden.. (?)

Vielen vielen Dank für ein paar gute Tipps

schrauber · 20.12.2013, 16:28

Finger weg von der REgistry, dieses Gelaber ist ist Schwachsinn. Schau mal nach Adblock Plus oder Adblock Edge als Addon.

16.12.2013, 09:42	#6
schrauber /// the machine /// TB-Ausbilder	Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet Adw löschen wir nachher. Schau einfach ins Log von ESET E:\SJB-PC\Backup Set 2013-01-11 als Beispiel. Diesen Ordner löschen, weiter so mit allen im ESET Log genannten Ordnern. __________________ --> Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet

20.12.2013, 16:28	#8
schrauber /// the machine /// TB-Ausbilder	Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet Finger weg von der REgistry, dieses Gelaber ist ist Schwachsinn. Schau mal nach Adblock Plus oder Adblock Edge als Addon. __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet

Plagegeister aller Art und deren Bekämpfung: Windows 7: BetterSurf, Yontoo und Bandoo haben sich eingenistet