Log analysis and evaluation: Cannot log in on various sites (Windows 7). If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
28.12.2013, 10:16 | #1 |
| Cannot log in on various sites Hello, I am using my laptop again for the first time in a long while and noticed that I cannot log in at, e.g., PayPal. At login, "Webseite nicht mehr verfügbar" (website no longer available) ERR_CONNECTION_RESET appears. As a firewall I have ESET Smart Security. The ESET virus scanner ran without findings. As a browser I use Chrome, where a pop-up about a remote connection to revsci.net sometimes appears. I have the feeling that ESET is blocking all secure sites for me. I ran Defogger. It did not output any message. The other 3 log files are attached. I have also attached a log file from ESET. I hope my firewall is merely the cause. Thanks. Best regards, Eric |
28.12.2013, 12:30 | #2 |
/// the machine /// TB trainer | Cannot log in on various sites Hi,
__________________
Please always post logs in the thread. If necessary, split them up and use several posts. This is how it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
__________________ |
28.12.2013, 19:09 | #3 |
| Cannot log in on various sites Hello,
__________________
I am using my laptop again for the first time in a long while and noticed that I cannot log in at, e.g., PayPal. At login, "Webseite nicht mehr verfügbar" (website no longer available) ERR_CONNECTION_RESET appears. As a firewall I have ESET Smart Security. The ESET virus scanner ran without findings. As a browser I use Chrome, where a pop-up about a remote connection to revsci.net sometimes appears. I have the feeling that ESET is blocking all secure sites for me. I ran Defogger. It did not output any message. The other 3 log files are attached. I have also attached a log file from ESET. I hope my firewall is merely the cause. Thanks. Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 27-12-2013 01
Ran by media at 2013-12-27 21:37:23
Running from C:\Users\media\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: COMODO Defense+ (Disabled - Up to date) {1C31E4C3-A132-6AC6-4A85-4415E7D88418}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personal Firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

==================== Installed Programs ======================

[verify-U] AVS 2.1.9 (Version: 2.1.9)
32 Bit HP CIO Components Installer (Version: 3.1.1)
8000A809 (Version: 50.0.165.000)
8000A809_eDocs (Version: 50.0.165.000)
8000A809_Help (Version: 1.00.0000)
Acer Arcade Deluxe (Version: 2.5.6918)
Acer Bio Protection (Version: 6.1.20)
Acer Crystal Eye webcam Ver:1.1.79.326 (Version: 1.1.79.326)
Acer eRecovery Management (Version: 4.00.3005)
Acer GridVista (Version: 2.72.317)
Acer PowerSmart Manager (Version: 4.01.3006)
Acer Product Registration (Version: 3.0.0.10)
Acer ScreenSaver
Acer VCM (Version: 4.00.3004)
Ad-Aware
Ad-Aware (Version: 8.1.0)
Adobe Flash Player 10 ActiveX (Version: 10.0.12.36)
Adobe Flash Player 11 Plugin (Version: 11.3.300.265)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Agere Systems HDA Modem
Airport Mania First Flight
AmIcoSingLun (Version: 1.2.117.1)
Apple Application Support (Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (Version: 2.1.3.127)
ArcSoft TotalMedia Theatre 5 (Version: 5.3.1.146)
Bitvise SSH Client 4.62 (remove only)
Bonjour (Version: 3.0.0.10)
BPDSoftware (Version: 50.0.165.000)
BPDSoftware_Ini (Version: 1.00.0000)
Broadcom Gigabit NetLink Controller (Version: 11.34.02)
BufferChm (Version: 120.0.194.000)
C:\Program Files\Acer GameZone\GameConsole (Version: 2.0.1.5)
Cake Mania 2
Choice Guard (Version: 1.2.87.0)
Compatibility Pack für 2007 Office System (Version: 12.0.6612.1000)
Cooking Dash
Cradle of Rome
Dairy Dash
DeviceDiscovery (Version: 120.0.194.000)
Diskeeper Lite (Version: 7.0.418)
Dream Day Honeymoon
Dream Day Wedding
ESET Smart Security (Version: 7.0.302.26)
Fingerprint Solution (Version: 6.1.20.0)
Firebird SQL Server - MAGIX Edition (Version: 2.1.31.0)
Free Audio CD Burner version 1.2
Free YouTube to MP3 Converter version 3.2
Galapago
Google Chrome (HKCU Version: 30.0.1599.101)
Google Desktop (Version: 5.9.0909.30391)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Gothic III (Version: 1.00.0000)
GPBaseService2 (Version: 120.0.194.000)
HP Customer Participation Program 12.0 (Version: 12.0)
HP Imaging Device Functions 12.0 (Version: 12.0)
HP Officejet Pro 8000 A809 Series (Version: 12.0)
HP Smart Web Printing (Version: 4.05)
HP Solution Center 12.0 (Version: 12.0)
HP Update (Version: 4.000.011.006)
HP Web Jetadmin 10.3 (Version: 10.03.0020)
HPProductAssistant (Version: 120.0.194.000)
inSSIDer Office (Version: 3.1.1.6)
iTunes (Version: 11.1.1.11)
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Java(TM) 6 Update 33 (Version: 6.0.330)
Jewel Quest Solitaire
Junk Mail filter update (Version: 14.0.8050.1202)
K-Lite Codec Pack 6.0.4 (Basic) (Version: 6.0.4)
Launch Manager (Version: 2.0.01)
Luxor 2
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MAGIX Video deluxe 2013 Plus (Demo) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Designelemente) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Filmvorlagen) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 1) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Fotoshow Maker-Stile 2) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Individuelle Menüvorlagen) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 1) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Menüvorlagen 2) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Soundtrack Maker-Stile) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Titeleffekte) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Tutorials) (Version: 1.0.0.0)
MAGIX Video deluxe 2013 Plus (Überblendeffekte) (Version: 1.0.1.0)
MAGIX Video deluxe 2013 Plus (Version: 12.0.0.32)
MAGIX Video deluxe Plus 2013 Update (Version: 12.0.3.4)
Mahjong Escape Ancient China
MarketResearch (Version: 120.0.226.000)
Mein CEWE FOTOBUCH (Version: 5.1.2)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Automated Troubleshooting Services Shim
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint Viewer 2007 (German) (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Suite Activation Assistant (Version: 2.9)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Express Edition (HPWJA) (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.5000.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (Version: 9.0.21022)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (Version: 9.0.30411)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Works (Version: 9.7.0621)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
myPrintMileage (Officejet Pro 8000 A809) (Version: 1.00.0000)
MyWinLocker (Version: 3.1.36.0)
Network (Version: 120.0.194.000)
Nmap 6.40
NTI Backup Now 5 (Version: 5.1.2.616)
NTI Backup Now Standard (Version: 5.1.2.616)
NTI Media Maker 8 (Version: 8.0.2.6509)
Nuvoton EC Generic HID Driver (Version: 7.80.5000)
NVIDIA Drivers (Version: 1.3)
O&O Defrag Free Edition (Version: 14.1.431)
Ocean Express
OpenOffice 4.0.1 (Version: 4.01.9714)
Orion (Version: 2.5.0)
Parking Dash
PC Tools Registry Tool (Version: 1.0.0.14)
ProductContext (Version: 50.0.165.000)
Puzzle Express
QuickTime (Version: 7.74.80.86)
Realtek High Definition Audio Driver (Version: 6.0.1.5807)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30126)
Recuva (Version: 1.48)
simplitec simplicheck (Version: 1.2.6.0)
SmartWebPrinting (Version: 120.0.194.000)
SolutionCenter (Version: 120.0.194.000)
Status (Version: 120.0.194.000)
Synaptics Pointing Device Driver (Version: 12.1.0.0)
Synology Assistant (remove only)
System Explorer 3.9.9
The KMPlayer (remove only)
Toolbox (Version: 120.0.194.000)
Tradewinds 2
TrayApp (Version: 120.0.194.000)
Tri-Peaks Solitaire To Go
Trojan Remover 6.8.8 (Version: 6.8.8)
TuneUp Utilities 2014 (Version: 14.0.1000.110)
Turbo Pizza
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Visual C++ 2008 x86 Runtime - (v9.0.30729) (Version: 9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01 (Version: 9.0.30729.01)
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 2.0.8 (Version: 2.0.8)
WebReg (Version: 120.0.194.000)
Wedding Dash
Windows Live Anmelde-Assistent (Version: 5.000.818.6)
Windows Live Call (Version: 14.0.8050.1202)
Windows Live Communications Platform (Version: 14.0.8050.1202)
Windows Live Essentials (Version: 14.0.8050.1202)
Windows Live Fotogalerie (Version: 14.0.8051.1204)
Windows Live Mail (Version: 14.0.8050.1202)
Windows Live Messenger (Version: 14.0.8050.1202)
Windows Live Sync (Version: 14.0.8050.1202)
Windows Live Writer (Version: 14.0.8050.1202)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinPcap 4.1.2 (Version: 4.1.0.2001)
WinSCP 5.5 (Version: 5.5)
xp-AntiSpy 3.98-2
YouTube Song Downloader (Version: 8.2)
Zuma Deluxe

==================== Restore Points =========================

02-11-2013 17:26:18 Geplanter Prüfpunkt
10-11-2013 11:44:22 TuneUp Utilities 2014 wird entfernt
10-11-2013 11:46:04 TuneUp Utilities 2014 (de-DE) wird entfernt
14-12-2013 13:43:49 ESET Smart Security wurde installiert
24-12-2013 13:12:23 Installed inSSIDer Office
27-12-2013 13:17:35 AA11
27-12-2013 13:21:45 AA11
27-12-2013 13:27:01 AA11

==================== Hosts content: ==========================

2006-11-02 11:23 - 2013-12-27 21:19 - 00000975 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0264D502-FB3A-4F08-81B3-6207DDA8951E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {36164E30-F954-4AA5-969B-AC969B05ABE7} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-03] (Lavasoft)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {4304DE13-62CE-4361-B51D-91D40130784D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1000UA => C:\Users\media\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01] (Google Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\System32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {8D3046FC-6BDC-4CBF-AF95-2B71A29C436A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1001Core => C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {9EDDE4A2-E8A5-4C4A-800E-45B5B3FFBE83} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1001UA => C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-05] (Google Inc.)
Task: {A99B5328-32A6-4679-BE62-3F62B33C7978} - System32\Tasks\Acer\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2009-02-05] (Acer)
Task: {BF9E1EE8-949A-4486-BA4A-5AFD3F7ED53B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => C:\Program Files\Windows Defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)
Task: {E1A9724D-7E3A-46DC-842B-5000998C4B9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1000Core => C:\Users\media\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-01] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\System32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1000Core.job => C:\Users\media\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1000UA.job => C:\Users\media\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1001Core.job => C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2672782871-3250023215-57372798-1001UA.job => C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-07-26 17:04 - 2010-06-02 09:00 - 03827200 _____ () C:\Program Files\K-Lite Codec Pack\ffdshow\ffdshow.ax
2009-07-04 21:31 - 2003-06-07 22:30 - 00057344 _____ () C:\Program Files\Launch Manager\PowerUtl.dll
2013-10-20 12:48 - 2013-10-09 01:02 - 04055504 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\pdf.dll
2013-10-20 12:48 - 2013-10-09 01:02 - 00415184 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\ppGoogleNaClPluginChrome.dll
2013-10-20 12:48 - 2013-10-09 01:01 - 01604560 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\ffmpegsumo.dll
2013-10-20 12:48 - 2013-10-09 01:02 - 13584336 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\PepperFlash\pepflashplayer.dll
2013-10-20 12:48 - 2013-10-09 01:01 - 00698832 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\libglesv2.dll
2013-10-20 12:48 - 2013-10-09 01:01 - 00099792 _____ () C:\Users\media\AppData\Local\Google\Chrome\Application\30.0.1599.101\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:41099CE9
AlternateDataStreams: C:\ProgramData\Temp:4F636E25
AlternateDataStreams: C:\ProgramData\Temp:798A3728
AlternateDataStreams: C:\ProgramData\Temp:8750DCE4
AlternateDataStreams: C:\ProgramData\Temp:9E22BBE8
AlternateDataStreams: C:\ProgramData\Temp:B203B914
AlternateDataStreams: C:\ProgramData\Temp:B623B5B8
AlternateDataStreams: C:\ProgramData\Temp:BB24555F
AlternateDataStreams: C:\ProgramData\Temp:CB0AACC9
AlternateDataStreams: C:\ProgramData\Temp:CDFF58FE
AlternateDataStreams: C:\ProgramData\Temp:CE0A077E
AlternateDataStreams: C:\ProgramData\Temp:D74B6CF5
AlternateDataStreams: C:\ProgramData\Temp:DCAF903C
AlternateDataStreams: C:\ProgramData\Temp:DFC5A2B2
AlternateDataStreams: C:\ProgramData\Temp:E1982A23

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Lavasoft Ad-Aware Service => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\[verify-U] => ""="Service"

==================== Faulty Device Manager Devices =============

Name: Officejet Pro 8000 A809
Description: Officejet Pro 8000 A809
Class Guid: {4d36e979-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/27/2013 09:36:05 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:33:59 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:32:18 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:27:45 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:25:08 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:15:32 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:12:07 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 09:09:50 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .
Error: (12/27/2013 09:05:38 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

Error: (12/27/2013 03:41:00 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Laden des Protokollhandlers Search.OneIndexHandler.1. Fehlerbeschreibung: Das angegebene Modul wurde nicht gefunden. .

System errors:
=============
Error: (12/27/2013 09:23:51 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/27/2013 09:23:47 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Error: (12/27/2013 09:23:45 PM) (Source: Service Control Manager) (User: )
Description: HPWJA Service%%1053

Error: (12/27/2013 09:23:45 PM) (Source: Service Control Manager) (User: )
Description: 30000HPWJA Service

Error: (12/27/2013 09:23:45 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (12/27/2013 09:23:45 PM) (Source: Service Control Manager) (User: )
Description: Lavasoft Ad-Aware Service%%1053

Error: (12/27/2013 09:23:45 PM) (Source: Service Control Manager) (User: )
Description: 30000Lavasoft Ad-Aware Service

Error: (12/27/2013 09:22:49 PM) (Source: HTTP) (User: )
Description: \Device\Http\ReqQueue0.0.0.0:8000

Error: (12/27/2013 09:15:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (12/27/2013 09:14:56 PM) (Source: Service Control Manager) (User: )
Description: Windows Media Player-NetzwerkfreigabedienstUPnP-Gerätehost%%1058

Microsoft Office Sessions:
=========================
Error: (08/17/2013 08:20:24 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1783 seconds with 1020 seconds of active time. This session ended with a crash.

==================== Memory info ===========================

Percentage of memory in use: 63%
Total physical RAM: 3066.08 MB
Available physical RAM: 1111.63 MB
Total Pagefile: 6335.23 MB
Available Pagefile: 4044.97 MB
Total Virtual: 2047.88 MB
Available Virtual: 1904.38 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:452.99 GB) (Free:300.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (PS3) (CDROM) (Total:0.08 GB) (Free:0 GB) CDFS
Drive r: (RamDisk) (Fixed) (Total:0.5 GB) (Free:0.5 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: B0CDA849)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=453 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 GB) - (Type=12)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-12-2013 01
Ran by media (administrator) on MEDIA-PC on 27-12-2013 21:36:52
Running from C:\Users\media\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Egis Technology Inc.) C:\Program Files\Acer Bio Protection\CompPtcVUI.exe
(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Executive Software International, Inc.) C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files\Acer Bio Protection\BASVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Cybit AG) C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\RtkBtMnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6957600 2009-03-11] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-08-07] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [715296 2009-03-11] (Acer Incorporated)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [870920 2009-02-24] (Dritek System Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKLM\...\Run: [TrojanScanner] - C:\Program Files\Trojan Remover\Trjscan.exe [1658640 2013-11-11] (Simply Super Software)
HKCU\...\Run: [GoogleChromeAutoLaunch_8F845A354B06725D1522ED10EA9CFB1F] - C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-08-07] (Google Inc.)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
MountPoints2: {153c796d-ee0c-11e1-ae42-001f1698f2c3} - F:\Windows\CHECK\DriveNavigator.exe
MountPoints2: {2801413e-688f-11de-906a-806e6f6e6963} - D:\Setup.exe
HKU\Bettina\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Bettina\...\Run: [Google Update] - C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-08-05] (Google Inc.)
HKU\Bettina\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Bettina\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-08-07] (Google Inc.)
HKU\Bettina\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
HKU\Bettina\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe [ 2008-10-05] (Adobe Systems, Inc.)
HKU\Bettina\...\Policies\system: [LogonHoursAction] 2
HKU\Bettina\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>)
HKU\Gast\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Gast\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [ 2009-10-31] (Google)
Lsa: [Notification Packages] c:\Program Files\Acer Bio Protection\PwdFilter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
SearchScopes: HKLM - DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=L0j3lVx_K5GrFy5FQS9XhkdkwKw?q={searchTerms}
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///D:/CDViewer/CDVIEWER/CdViewer.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 21 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.0.250 FireFox: ======== FF ProfilePath: C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\yhk3is3u.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF 
Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files\phonostar-Player\npphonostarDetectNP.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 ========================== Services (Whitelisted) ================= R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.) R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2009-05-20] () R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [723632 2009-12-03] (COMODO) R2 Diskeeper; C:\Program Files\Executive Software\DiskeeperLite\DKService.exe [176128 2002-10-16] (Executive Software International, Inc.) 
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET) R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [666144 2009-03-11] (Acer Incorporated) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) S3 GoogleDesktopManager-093009-130223; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-10-31] (Google) S2 HPWJAService; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\bin\HPWJAService.exe [45056 2012-12-20] (Hewlett-Packard Development Company, L.P.) S2 HPWSProAdapter; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\HPWSProAdapter\FileSystems\Core\bin\XP-x86\release\HP.Dss.App.WinService.exe [9728 2012-11-02] (Hewlett-Packard) R2 IGBASVC; c:\Program Files\Acer Bio Protection\BASVC.exe [3440640 2009-02-13] (Egis Technology Inc.) S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1184912 2009-12-03] (Lavasoft) R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [306736 2008-10-27] (EgisTec Inc.) R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.) 
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH) R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2008-11-27] (Acer Incorporated) S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-08-21] (Mister Group) R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248704 2012-09-18] () R2 [verify-U]; C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe [143360 2008-01-28] (Cybit AG) S3 msiserver; ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\drivers\AlfaFF.sys [42608 2009-02-13] (Alfa Corporation) R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [198720 2011-11-10] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2009-10-31] () R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [29520 2009-12-03] (COMODO) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET) R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET) R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET) R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26928 2008-12-24] (Egis) R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider) R2 int15; c:\Windows\system32\drivers\int15.sys [69632 2009-02-13] () R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-10-31] () R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-10-09] (Egis Incorporated.) 
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-10-09] (Egis Incorporated.) R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-10-09] (Egis Incorporated.) R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2013-07-28] (CACE Technologies, Inc.) R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation) R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [368616 2012-10-22] (PC Tools) R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2012-02-28] (PC Tools) R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [909728 2012-02-28] (PC Tools) R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [202280 2012-11-01] (PC Tools) R0 RRamdisk; C:\Windows\System32\DRIVERS\rramdisk.sys [12288 2012-08-04] (gavotte) R1 [verify-U]_System; C:\Windows\System32\drivers\[verify-U]-driver.sys [16128 2007-11-07] (Cybits AG) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [87536 2009-09-18] (CyberLink Corp.) 
S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-12-27 21:37 - 2013-12-27 21:37 - 00003590 _____ C:\log3 2013-12-27 21:37 - 2013-12-27 21:37 - 00003170 _____ C:\log1 2013-12-27 21:36 - 2013-12-27 21:37 - 00020866 _____ C:\Users\media\Downloads\FRST.txt 2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe 2013-12-27 21:36 - 2013-12-27 21:36 - 00049610 _____ C:\modules00 2013-12-27 21:36 - 2013-12-27 21:36 - 00000126 _____ C:\users00 2013-12-27 21:36 - 2013-12-27 21:36 - 00000003 _____ C:\others 2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST 2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log 2013-12-27 21:34 - 2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable 2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe 2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log 2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\media\Downloads\HijackThis.exe 2013-12-27 21:25 - 2013-12-27 21:25 - 00002052 ___HT C:\etilqs_vUTtvclzcBJYiMx 2013-12-27 21:24 - 2013-12-27 21:24 - 00016400 ___HT C:\etilqs_hPQHLe5ZUxkOpsS 2013-12-27 21:23 - 2013-12-27 21:23 - 00002311 _____ C:\HPSLPSVC0068.log 2013-12-27 21:23 - 2013-12-27 21:23 - 00000000 ____D C:\WPDNSE 2013-12-27 21:19 - 2006-09-18 22:41 - 00000761 _____ C:\Windows\system32\Drivers\etc\hosts.trb 2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses 2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log 2013-12-27 21:10 - 2013-12-27 21:13 - 00000000 ____D C:\Program Files\Trojan Remover 2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp 2013-12-27 21:10 - 2012-06-15 15:39 - 00169744 _____ C:\Windows\system32\ztvunrar36.dll 2013-12-27 21:10 - 2012-06-15 15:35 - 00185616 _____ C:\Windows\system32\ztvunrar39.dll 2013-12-27 21:10 - 2012-06-15 15:33 - 00605968 _____ (Igor Pavlov) C:\Windows\system32\ztv7z.dll 2013-12-27 21:10 - 2012-06-15 15:33 - 00077072 _____ (Microsoft Corporation) C:\Windows\system32\ztvcabinet.dll 2013-12-27 21:10 - 2005-08-26 00:50 - 00077312 _____ C:\Windows\system32\ztvunace26.dll 2013-12-27 21:10 - 2003-02-02 19:06 - 00153088 _____ C:\Windows\system32\UNRAR3.dll 2013-12-27 21:10 - 2002-03-06 00:00 - 00075264 _____ C:\Windows\system32\unacev2.dll 2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe 2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log 2013-12-27 15:34 - 2013-12-27 15:34 
- 00001155 _____ C:\HPSLPSVC0065.log 2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log 2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log 2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk 2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool 2013-12-27 15:07 - 2013-12-27 15:08 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip 2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp 2013-12-27 15:04 - 2013-12-27 15:07 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log 2013-12-27 15:04 - 2013-12-27 15:05 - 02171007 _____ C:\Windows\system32\Drivers\Cat.DB 2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools 2013-12-27 15:04 - 2012-11-01 15:35 - 00202280 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD.sys 2013-12-27 15:04 - 2012-10-22 16:38 - 00368616 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore.sys 2013-12-27 15:04 - 2012-10-22 16:38 - 00163288 _____ (PC Tools) C:\Windows\system32\Drivers\PCTAppEvent.sys 2013-12-27 15:04 - 2012-02-28 11:43 - 00909728 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA.sys 2013-12-27 15:04 - 2012-02-28 11:43 - 00342168 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS.sys 2013-12-27 15:01 - 2013-12-27 15:01 - 00002311 _____ C:\HPSLPSVC0062.log 2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe 2013-12-27 14:34 - 2013-12-27 15:06 - 00000000 ____D C:\PC Tools Download Manager 2013-12-27 14:34 - 2013-12-27 15:04 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk 2013-12-27 14:34 - 2013-12-27 14:55 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\Users\media\AppData\Roaming\TestApp 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools 2013-12-27 14:33 - 2013-12-27 14:33 
- 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS 2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG 2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics 2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG 2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft 2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1.exe 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe 2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443 2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log 2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log 2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047 2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm 2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt (1).bin 2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe 2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client 2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe 2013-12-25 08:35 - 
2013-12-25 08:35 - 00000000 ____D C:\2180_31161 2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log 2013-12-24 16:39 - 2013-12-25 10:53 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd 2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe 2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk 2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP 2013-12-24 15:31 - 2013-12-24 15:31 - 00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz 2013-12-24 14:46 - 2013-12-24 15:28 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip 2013-12-24 14:34 - 2013-12-25 10:44 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner 2013-12-24 14:12 - 2013-12-25 09:57 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek 2013-12-24 14:11 - 2013-12-24 14:12 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi 2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866 2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log 2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822 2013-12-24 09:03 - 2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log 2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ C:\Users\media\Desktop\DiskStation.lnk 2013-12-22 12:32 - 2013-12-22 12:32 - 00002943 _____ C:\HPSLPSVC0054.log 2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog 2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487 2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log 2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318 2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ 
C:\HPSLPSVC0052.log 2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548 2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log 2013-12-14 14:49 - 2013-12-14 14:49 - 00000000 ____D C:\ProgramData\ESET 2013-12-14 14:43 - 2013-12-14 14:52 - 01703422 _____ C:\MSId34f4.LOG 2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi 2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688 2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log 2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log 2013-12-01 16:36 - 2013-12-01 16:36 - 00005665 _____ C:\HPSLPSVC0047.log 2013-12-01 11:21 - 2013-12-01 11:21 - 00011079 _____ C:\Users\media\Documents\FST7.odt 2013-12-01 11:02 - 2013-12-01 11:03 - 00010749 _____ C:\Users\media\Documents\Tpschwer2.odt 2013-12-01 10:53 - 2013-12-01 10:53 - 00000000 ____D C:\2988_8070 2013-12-01 10:45 - 2013-12-01 10:45 - 00007360 _____ C:\HPSLPSVC0046.log 2013-11-29 10:39 - 2013-11-29 10:39 - 00000000 ____D C:\3092_23696 2013-11-29 10:32 - 2013-11-29 10:32 - 00010098 _____ C:\HPSLPSVC0045.log 2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ____D C:\2996_16463 2013-11-27 12:17 - 2013-11-27 12:17 - 00004374 _____ C:\HPSLPSVC0044.log ==================== One Month Modified Files and Folders ======= 2013-12-27 21:37 - 2013-12-27 21:37 - 00003590 _____ C:\log3 2013-12-27 21:37 - 2013-12-27 21:37 - 00003232 _____ C:\log1 2013-12-27 21:37 - 2013-12-27 21:36 - 00020866 _____ C:\Users\media\Downloads\FRST.txt 2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe 2013-12-27 21:36 - 2013-12-27 21:36 - 00049610 _____ C:\modules00 2013-12-27 21:36 - 2013-12-27 21:36 - 00000126 _____ C:\users00 2013-12-27 21:36 - 2013-12-27 21:36 - 00000003 _____ C:\others 2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST 2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log 2013-12-27 21:34 - 
2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable 2013-12-27 21:34 - 2009-08-07 10:33 - 00000000 ____D C:\Users\media 2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe 2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log 2013-12-27 21:29 - 2006-11-02 11:33 - 01692428 _____ C:\Windows\system32\PerfStringBackup.INI 2013-12-27 21:28 - 2013-10-08 17:42 - 00187293 _____ C:\jusched.log 2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\media\Downloads\HijackThis.exe 2013-12-27 21:25 - 2013-12-27 21:25 - 00002052 ___HT C:\etilqs_vUTtvclzcBJYiMx 2013-12-27 21:25 - 2013-10-08 16:32 - 00591623 _____ C:\hpqddsvc.log 2013-12-27 21:24 - 2013-12-27 21:24 - 00016400 ___HT C:\etilqs_hPQHLe5ZUxkOpsS 2013-12-27 21:23 - 2013-12-27 21:23 - 00002311 _____ C:\HPSLPSVC0068.log 2013-12-27 21:23 - 2013-12-27 21:23 - 00000000 ____D C:\WPDNSE 2013-12-27 21:23 - 2013-10-08 17:41 - 00048255 _____ C:\ProgramData\nvModes.001 2013-12-27 21:22 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-12-27 21:22 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-12-27 21:21 - 2009-10-31 21:59 - 00000012 _____ C:\Windows\bthservsdp.dat 2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses 2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log 2013-12-27 21:13 - 2013-12-27 21:10 - 00000000 ____D C:\Program Files\Trojan Remover 2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 
00000000 ____D C:\ProgramData\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp 2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe 2013-12-27 21:05 - 2009-07-04 12:41 - 01905972 _____ C:\Windows\WindowsUpdate.log 2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log 2013-12-27 15:45 - 2013-10-09 09:51 - 00000000 ____D C:\hsperfdata_media 2013-12-27 15:45 - 2013-10-08 14:27 - 00014136 _____ C:\JavaDeployReg.log 2013-12-27 15:34 - 2013-12-27 15:34 - 00001155 _____ C:\HPSLPSVC0065.log 2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log 2013-12-27 15:17 - 2013-10-08 17:40 - 00048255 _____ C:\ProgramData\nvModes.dat 2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log 2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk 2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool 2013-12-27 15:08 - 2013-12-27 15:07 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip 2013-12-27 15:07 - 2013-12-27 15:04 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log 2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp 2013-12-27 15:06 - 2013-12-27 14:34 - 00000000 ____D C:\PC Tools Download Manager 2013-12-27 15:05 - 2013-12-27 15:04 - 02171007 _____ C:\Windows\system32\Drivers\Cat.DB 2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools 2013-12-27 15:04 - 2013-12-27 14:34 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk 2013-12-27 15:01 - 2013-12-27 15:01 - 00002311 _____ C:\HPSLPSVC0062.log 2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe 2013-12-27 14:55 - 2013-12-27 14:34 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D 
C:\Users\media\AppData\Roaming\TestApp 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools 2013-12-27 14:33 - 2013-12-27 14:33 - 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS 2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG 2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics 2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG 2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft 2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1.exe 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe 2013-12-27 14:17 - 2009-12-03 15:43 - 00000000 ____D C:\ProgramData\Lavasoft 2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443 2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log 2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log 2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047 2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm 2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log 2013-12-25 10:53 - 2013-12-24 16:39 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd 2013-12-25 10:44 - 2013-12-24 14:34 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt (1).bin 
2013-12-25 10:43 - 2013-09-19 19:14 - 00000000 ____D C:\Users\media\AppData\Roaming\vlc 2013-12-25 09:57 - 2013-12-24 14:12 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe 2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client 2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe 2013-12-25 08:35 - 2013-12-25 08:35 - 00000000 ____D C:\2180_31161 2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log 2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe 2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk 2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP 2013-12-24 15:31 - 2013-12-24 15:31 - 00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz 2013-12-24 15:28 - 2013-12-24 14:46 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip 2013-12-24 15:21 - 2013-06-17 12:52 - 08258048 _____ C:\firmware.bin 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:11 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi 2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866 2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log 2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822 2013-12-24 09:03 - 2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log 2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ C:\Users\media\Desktop\DiskStation.lnk 2013-12-22 12:32 - 2013-12-22 12:32 - 
00002943 _____ C:\HPSLPSVC0054.log 2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog 2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487 2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log 2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318 2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ C:\HPSLPSVC0052.log 2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548 2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log 2013-12-14 14:52 - 2013-12-14 14:43 - 01703422 _____ C:\MSId34f4.LOG 2013-12-14 14:51 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default 2013-12-14 14:49 - 2013-12-14 14:49 - 00000000 ____D C:\ProgramData\ESET 2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi 2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688 2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log 2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log 2013-12-01 16:36 - 2013-12-01 16:36 - 00005665 _____ C:\HPSLPSVC0047.log 2013-12-01 11:21 - 2013-12-01 11:21 - 00011079 _____ C:\Users\media\Documents\FST7.odt 2013-12-01 11:03 - 2013-12-01 11:02 - 00010749 _____ C:\Users\media\Documents\Tpschwer2.odt 2013-12-01 10:53 - 2013-12-01 10:53 - 00000000 ____D C:\2988_8070 2013-12-01 10:45 - 2013-12-01 10:45 - 00007360 _____ C:\HPSLPSVC0046.log 2013-11-29 10:39 - 2013-11-29 10:39 - 00000000 ____D C:\3092_23696 2013-11-29 10:32 - 2013-11-29 10:32 - 00010098 _____ C:\HPSLPSVC0045.log 2013-11-27 12:24 - 2013-11-27 12:24 - 00000000 ____D C:\2996_16463 2013-11-27 12:17 - 2013-11-27 12:17 - 00004374 _____ C:\HPSLPSVC0044.log ==================== Bamital & volsnap Check ================= C:\Windows\explorer.exe => MD5 is legit C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is 
legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-12-27 21:31 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-12-27 22:00:47 Windows 6.0.6002 Service Pack 2 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD5000BEVT-22ZAT0 rev.01.01A01 465,76GB Running: gmer_2.1.19163.exe; Driver: C:\Temp\kwdoypod.sys ---- System - GMER 2.1 ---- SSDT \SystemRoot\system32\drivers\PCTCore.sys ZwCreateProcess [0x8EC7CB60] SSDT \SystemRoot\system32\drivers\PCTCore.sys ZwCreateProcessEx [0x8EC7CE28] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwCreateThread [0x986BEF80] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwLoadDriver [0x986BF040] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSetSystemInformation [0x986BF000] SSDT \SystemRoot\system32\DRIVERS\ehdrv.sys ZwSystemDebugControl [0x986BEFC0] SSDT \SystemRoot\system32\drivers\PCTCore.sys ZwTerminateProcess [0x8EC7C75E] SSDT \SystemRoot\system32\drivers\PCTCore.sys ZwCreateUserProcess [0x8EC7D124] ---- Kernel code sections - GMER 2.1 ---- .text ntoskrnl.exe!KeInsertQueue + 3F9 86C85970 8 Bytes [60, CB, C7, 8E, 28, CE, C7, ...] .text ntoskrnl.exe!KeInsertQueue + 411 86C85988 4 Bytes [80, EF, 6B, 98] {SUB BH, 0x6b; CWDE } .text ntoskrnl.exe!KeInsertQueue + 56D 86C85AE4 4 Bytes [40, F0, 6B, 98] .text ntoskrnl.exe!KeInsertQueue + 7CD 86C85D44 4 Bytes [00, F0, 6B, 98] .text ntoskrnl.exe!KeInsertQueue + 809 86C85D80 4 Bytes [C0, EF, 6B, 98] {SHR BH, 0x6b; CWDE } .text ... 
.text C:\Windows\system32\DRIVERS\nvlddmkm.sys section is writeable [0x9480D340, 0x3EE307, 0xE8000020] .text C:\Windows\system32\DRIVERS\atksgt.sys section is writeable [0xAA0EE300, 0x3B6D8, 0xE8000020] .text C:\Windows\system32\DRIVERS\lirsgt.sys section is writeable [0xAA142300, 0x1BEE, 0xE8000020] .text C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl section is writeable [0xAA25E000, 0x2892, 0xE8000020] .vmp2 C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl entry point in ".vmp2" section [0xAA281050] ---- User code sections - GMER 2.1 ---- .text C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe[1088] ntdll.dll!NtAllocateVirtualMemory 76E53FA4 5 Bytes JMP 0040F950 C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe .text C:\Program Files\ESET\ESET Smart Security\ekrn.exe[2052] kernel32.dll!SetUnhandledExceptionFilter 7660A8B5 4 Bytes [C2, 04, 00, 00] .text C:\Program Files\OO Software\Defrag\oodag.exe[2952] kernel32.dll!SetUnhandledExceptionFilter 7660A8B5 5 Bytes JMP 00401340 C:\Program Files\OO Software\Defrag\oodag.exe ---- Devices - GMER 2.1 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys AttachedDevice \Driver\tdx \Device\Tcp cmdhlp.sys AttachedDevice \Driver\tdx \Device\Udp cmdhlp.sys AttachedDevice \Driver\tdx \Device\RawIp cmdhlp.sys AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys ---- Threads - GMER 2.1 ---- Thread System [4:1024] 9B2BE540 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010609668f2 Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010609668f2@0023f1b0e35a 0xC9 0x3F 0xB2 0x9B ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010609668f2@002265521f1b 0x20 0x32 0xB2 0xBB ... Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\0010609668f2@000272eef839 0x7E 0x9D 0xB5 0x16 ... 
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010609668f2 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010609668f2@0023f1b0e35a 0xC9 0x3F 0xB2 0x9B ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010609668f2@002265521f1b 0x20 0x32 0xB2 0xBB ... Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\0010609668f2@000272eef839 0x7E 0x9D 0xB5 0x16 ... ---- Disk sectors - GMER 2.1 ---- Disk \Device\Harddisk0\DR0 unknown MBR code ---- EOF - GMER 2.1 ---- Code:
ATTFilter
<?xml version="1.0" encoding="utf-8" ?>
<ESET>
  <LOG>
    <RECORD>
      <COLUMN NAME="Zeit">
        <DATE>28.12.2013</DATE>
        <TIME>08:35:07</TIME>
      </COLUMN>
      <COLUMN NAME="URL">https://www.paypal.com/favicon.ico</COLUMN>
      <COLUMN NAME="Status">Gesperrt durch Negativliste des Phishing-Schutzes</COLUMN>
      <COLUMN NAME="Anwendung">C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe</COLUMN>
      <COLUMN NAME="Benutzer">media-PC\media</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Zeit">
        <DATE>28.12.2013</DATE>
        <TIME>08:34:56</TIME>
      </COLUMN>
      <COLUMN NAME="URL">https://www.paypal.com/de/cgi-bin/webscr?cmd=_login-submit&dispatch=5885d80a13c0db1f8e263663d3faee8def8934b92a630e40b7fef61ab7e9fe63</COLUMN>
      <COLUMN NAME="Status">Gesperrt durch Negativliste des Phishing-Schutzes</COLUMN>
      <COLUMN NAME="Anwendung">C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe</COLUMN>
      <COLUMN NAME="Benutzer">media-PC\media</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Zeit">
        <DATE>26.12.2013</DATE>
        <TIME>07:01:33</TIME>
      </COLUMN>
      <COLUMN NAME="URL">hxxp://d.audienceiq.com/r/dm/mkt/73/mpid/mpuid/2552415778168903473</COLUMN>
      <COLUMN NAME="Status">Gesperrt durch Negativliste des Phishing-Schutzes</COLUMN>
      <COLUMN NAME="Anwendung">C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe</COLUMN>
      <COLUMN NAME="Benutzer">media-PC\media</COLUMN>
    </RECORD>
    <RECORD>
      <COLUMN NAME="Zeit">
        <DATE>26.12.2013</DATE>
        <TIME>07:01:33</TIME>
      </COLUMN>
      <COLUMN NAME="URL">hxxp://d.audienceiq.com/r/dm/mkt/44/mpid/mpuid/2552415778168903473</COLUMN>
      <COLUMN NAME="Status">Gesperrt durch Negativliste des Phishing-Schutzes</COLUMN>
      <COLUMN NAME="Anwendung">C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe</COLUMN>
      <COLUMN NAME="Benutzer">media-PC\media</COLUMN>
    </RECORD>
  </LOG>
</ESET> |
29.12.2013, 12:34 | #4 | |
/// the machine /// TB trainer | Unable to log in on various sites
Combofix should only be run when a team member has instructed you to do so!
Please download Combofix from the following download mirror: Link 1
IMPORTANT - Save Combofix to your desktop
When Combofix has finished, it will create a log file. Please post C:\Combofix.txt in your next reply. Note: If you get the following error message after the restart Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
01.01.2014, 17:23 | #5 |
| Unable to log in on various sites
Hello, I ran Combofix. I temporarily uninstalled ESET because I could not deactivate it. During the scan Combofix triggers a restart, and Windows gives a bluescreen as the reason. Code:
ATTFilter
Problemsignatur:
Problemereignisname: BlueScreen
Betriebsystemversion: 6.0.6002.2.2.0.768.3
Gebietsschema-ID: 1031

Zusatzinformationen zum Problem:
BCCode: f4
BCP1: 00000003
BCP2: 8C44D568
BCP3: 8C44D6B4
BCP4: 86DFE1F0
OS Version: 6_0_6002
Service Pack: 2_0
Product: 768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
C:\Windows\Minidump\Mini010114-01.dmp
C:\WER-80886-0.sysdata.xml
C:\WER7158.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407

Regards, eric |
02.01.2014, 09:41 | #6 |
/// the machine /// TB trainer | Unable to log in on various sites
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your security software to avoid possible conflicts.
And a fresh FRST log, please.
05.01.2014, 09:35 | #7 |
| Unable to log in on various sites
Hello, Malwarebytes ran through twice; it takes forever. At the end the program was closed and no log file had been created. AdwCleaner log file: Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 05/01/2014 um 01:33:14 # Aktualisiert 23/12/2013 von Xplode # Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits) # Benutzername : media - MEDIA-PC # Gestartet von : C:\Users\media\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\C0SRSUSD\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec Ordner Gelöscht : C:\Users\Bettina\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Bettina\AppData\LocalLow\ConduitEngine Ordner Gelöscht : C:\Users\Bettina\AppData\LocalLow\DVDVideoSoftTB Datei Gelöscht : C:\Users\Public\Desktop\simplicheck.lnk ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E} Schlüssel Gelöscht : HKLM\Software\PIP Schlüssel Gelöscht : HKLM\Software\simplitec Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EC3825A1-02C6-4A83-8CA4-3F97A25CD37B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EC3825A1-02C6-4A83-8CA4-3F97A25CD37B} Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 Schlüssel Gelöscht : 
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\499E8534DA7E759419D2048CB780D3D5 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5DCE3C04E576AD15F972B67D0725120C Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\62255E52F19EC97429A42D59D49024FA Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\930D9472A978D7A4EB16BF4DECB173B7 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AEB93799E8B47D14CA356E4343D632A4 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE7C2A75DF08824E9CEFDE20F655BD9 Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A5283CE6C2038A4C84AF3792AC53DB7 Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\1A5283CE6C2038A4C84AF3792AC53DB7 Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\1A5283CE6C2038A4C84AF3792AC53DB7 ***** [ Browser ] ***** -\\ Internet Explorer v9.0.8112.16496 -\\ Mozilla Firefox v [ Datei : C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\yhk3is3u.default\prefs.js ] [ Datei : C:\Users\Bettina\AppData\Roaming\Mozilla\Firefox\Profiles\47csp16i.default\prefs.js ] -\\ Google Chrome v [ Datei : C:\Users\media\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [4333 octets] - [04/01/2014 18:50:05] AdwCleaner[R1].txt - [3781 octets] - [05/01/2014 01:32:05] AdwCleaner[S0].txt - [3710 octets] - [05/01/2014 01:33:14] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3770 octets] ########## Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by media on 04.01.2014 at 18:55:53,51
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\pip"

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\Users\media\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Users\media\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\media\appdata\locallow\conduitengine"
Successfully deleted: [Folder] "C:\Users\media\appdata\locallow\dvdvideosofttb"
Successfully deleted: [Folder] "C:\Program Files\simplitec"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.01.2014 at 19:00:36,25
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-12-2013 01 Ran by media (administrator) on MEDIA-PC on 05-01-2014 09:16:58 Running from C:\Users\media\Downloads Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) =================== (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Egis Technology Inc.) C:\Program Files\Acer Bio Protection\CompPtcVUI.exe (ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe (Agere Systems) C:\Windows\System32\agrsmsvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe (Executive Software International, Inc.) C:\Program Files\Executive Software\DiskeeperLite\DKService.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Egis Technology Inc.) C:\Program Files\Acer Bio Protection\BASVC.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe (NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe (O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe () C:\Windows\PLFSetI.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe (Dritek System Inc.) 
C:\Program Files\Launch Manager\LManager.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe () C:\Program Files\Synology\Assistant\UsbClientService.exe (Cybit AG) C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe (Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe (Realtek Semiconductor Corp.) C:\RtkBtMnt.exe (Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\System32\UI0Detect.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6957600 2009-03-11] (Realtek Semiconductor) HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-08-07] () HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.) HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [715296 2009-03-11] (Acer Incorporated) HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [870920 2009-02-24] (Dritek System Inc.) 
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O&O Software GmbH) HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation) HKCU\...\Run: [GoogleChromeAutoLaunch_8F845A354B06725D1522ED10EA9CFB1F] - C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.) HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-08-07] (Google Inc.) HKCU\...\Policies\system: [LogonHoursAction] 2 HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 MountPoints2: {153c796d-ee0c-11e1-ae42-001f1698f2c3} - F:\Windows\CHECK\DriveNavigator.exe MountPoints2: {2801413e-688f-11de-906a-806e6f6e6963} - D:\Autorun.exe HKU\Bettina\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Bettina\...\Run: [Google Update] - C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-08-05] (Google Inc.) HKU\Bettina\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-21] (Microsoft Corporation) HKU\Bettina\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-08-07] (Google Inc.) HKU\Bettina\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.) HKU\Bettina\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe [ 2008-10-05] (Adobe Systems, Inc.) 
HKU\Bettina\...\Policies\system: [LogonHoursAction] 2 HKU\Bettina\...\Policies\system: [DontDisplayLogonHoursWarnings] 1 HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Default\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>) HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Default User\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>) HKU\Gast\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer) HKU\Gast\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.) AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [ 2009-10-31] (Google) Lsa: [Notification Packages] c:\Program Files\Acer Bio Protection\PwdFilter ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738 HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738 SearchScopes: HKLM - 
DefaultScope value is missing. SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.) BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) 
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.) DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///D:/CDViewer/CDVIEWER/CdViewer.cab Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) 
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Winsock: Catalog9 21 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\yhk3is3u.default FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files\phonostar-Player\npphonostarDetectNP.dll No File FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF Extension: No Name - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 ========================== Services (Whitelisted) ================= R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.) 
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2009-05-20] () R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [723632 2009-12-03] (COMODO) R2 Diskeeper; C:\Program Files\Executive Software\DiskeeperLite\DKService.exe [176128 2002-10-16] (Executive Software International, Inc.) R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [666144 2009-03-11] (Acer Incorporated) R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) S3 GoogleDesktopManager-093009-130223; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-10-31] (Google) S2 HPWJAService; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\bin\HPWJAService.exe [45056 2012-12-20] (Hewlett-Packard Development Company, L.P.) S2 HPWSProAdapter; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\HPWSProAdapter\FileSystems\Core\bin\XP-x86\release\HP.Dss.App.WinService.exe [9728 2012-11-02] (Hewlett-Packard) R2 IGBASVC; c:\Program Files\Acer Bio Protection\BASVC.exe [3440640 2009-02-13] (Egis Technology Inc.) S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1184912 2009-12-03] (Lavasoft) R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation) R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [306736 2008-10-27] (EgisTec Inc.) R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.) 
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH) R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2008-11-27] (Acer Incorporated) S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-08-21] (Mister Group) R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248704 2012-09-18] () R2 [verify-U]; C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe [143360 2008-01-28] (Cybit AG) ==================== Drivers (Whitelisted) ==================== R0 AlfaFF; C:\Windows\System32\drivers\AlfaFF.sys [42608 2009-02-13] (Alfa Corporation) R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [198720 2011-11-10] () R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2009-10-31] () R3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider) R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [29520 2009-12-03] (COMODO) R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET) R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26928 2008-12-24] (Egis) R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider) R2 int15; c:\Windows\system32\drivers\int15.sys [69632 2009-02-13] () R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-10-31] () R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-10-09] (Egis Incorporated.) R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-10-09] (Egis Incorporated.) R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-10-09] (Egis Incorporated.) R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2013-07-28] (CACE Technologies, Inc.) 
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation) R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [368616 2012-10-22] (PC Tools) R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2012-02-28] (PC Tools) R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [909728 2012-02-28] (PC Tools) R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [202280 2012-11-01] (PC Tools) R0 RRamdisk; C:\Windows\System32\DRIVERS\rramdisk.sys [12288 2012-08-04] (gavotte) R1 [verify-U]_System; C:\Windows\System32\drivers\[verify-U]-driver.sys [16128 2007-11-07] (Cybits AG) R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [87536 2009-09-18] (CyberLink Corp.) U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation) S3 catchme; \??\C:\Temp\catchme.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-01-05 09:17 - 2014-01-05 09:17 - 00004421 _____ C:\log3 2014-01-05 09:17 - 2014-01-05 09:17 - 00004001 _____ C:\log1 2014-01-05 09:16 - 2014-01-05 09:16 - 00000126 _____ C:\users00 2014-01-05 09:16 - 2014-01-05 09:16 - 00000003 _____ C:\others 2014-01-05 01:36 - 2014-01-05 01:36 - 00003850 _____ C:\Users\media\Desktop\AdwCleaner[S0].txt 2014-01-05 01:36 - 2014-01-05 01:36 - 00003575 _____ C:\HPSLPSVC0078.log 2014-01-05 01:36 - 2014-01-05 01:36 - 00000000 ____D C:\WPDNSE 2014-01-05 01:28 - 2014-01-05 01:28 - 00004068 _____ C:\HPSLPSVC0077.log 2014-01-04 19:00 - 2014-01-04 19:00 - 00001467 _____ C:\Users\media\Desktop\JRT.txt 2014-01-04 18:55 - 2014-01-04 18:55 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 18:50 - 2014-01-05 01:33 - 00000000 _____ C:\preferences 2014-01-04 18:46 - 2014-01-05 01:33 - 00000000 ____D 
C:\AdwCleaner 2014-01-04 18:46 - 2014-01-04 18:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Users\media\AppData\Roaming\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-04 18:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-01-04 18:32 - 2014-01-04 18:32 - 00000000 ____D C:\2188_1108 2014-01-04 18:31 - 2014-01-04 18:31 - 00000000 _____ C:\A9RA4A8.tmp 2014-01-04 18:28 - 2014-01-04 18:29 - 00001071 _____ C:\AdobeARM.log 2014-01-04 18:28 - 2014-01-04 18:28 - 00036178 _____ C:\A9R27FA.tmp 2014-01-04 18:28 - 2014-01-04 18:28 - 00000000 _____ C:\A9RC3EB.tmp 2014-01-04 18:25 - 2014-01-04 18:25 - 00015114 _____ C:\HPSLPSVC0076.log 2014-01-01 17:19 - 2014-01-01 17:11 - 00000366 _____ C:\Users\media\Desktop\ComboFix.txt 2014-01-01 17:18 - 2014-01-01 17:18 - 00000000 ___SD C:\Users\media\Desktop\ComboFix 2014-01-01 17:15 - 2014-01-01 17:15 - 00000581 _____ C:\Users\media\Desktop\blue.txt 2014-01-01 17:13 - 2014-01-01 17:13 - 00139096 _____ C:\Windows\Minidump\Mini010114-01.dmp 2014-01-01 17:13 - 2014-01-01 17:13 - 00002943 _____ C:\HPSLPSVC0075.log 2014-01-01 17:09 - 2014-01-01 17:11 - 00000000 ___SD C:\ComboFix 2014-01-01 17:08 - 2014-01-01 17:08 - 00002943 _____ C:\HPSLPSVC0074.log 2014-01-01 17:01 - 2014-01-01 17:05 - 01019232 _____ C:\MSI382e5.LOG 2014-01-01 16:59 - 2014-01-01 16:59 - 00003736 _____ C:\HPSLPSVC0073.log 2014-01-01 16:53 - 2014-01-01 16:55 - 00003590 _____ C:\Users\media\Desktop\Msirepair.reg 2014-01-01 16:47 - 2014-01-01 16:47 - 14371472 _____ C:\httB700.tmp 2014-01-01 16:42 - 2014-01-01 16:42 - 00001566 _____ C:\MSI7db7.LOG 2014-01-01 16:26 - 2014-01-01 16:26 - 00005181 _____ C:\HPSLPSVC0072.log 2014-01-01 16:20 - 2011-06-26 07:45 - 00256000 _____ 
C:\Windows\PEV.exe 2014-01-01 16:20 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe 2014-01-01 16:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-01-01 16:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-01-01 16:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-01-01 16:20 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe 2014-01-01 16:20 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe 2014-01-01 16:20 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe 2014-01-01 16:18 - 2014-01-01 16:19 - 00000000 ____D C:\Qoobox 2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Windows\erdnt 2014-01-01 16:16 - 2014-01-01 16:16 - 05160176 ____R (Swearware) C:\Users\media\Desktop\ComboFix.exe 2014-01-01 16:15 - 2014-01-01 16:16 - 05160176 _____ (Swearware) C:\Users\media\Downloads\ComboFix.exe 2014-01-01 16:11 - 2014-01-01 16:11 - 00000000 ____D C:\224_8663 2014-01-01 16:05 - 2014-01-01 16:23 - 00004068 _____ C:\HPSLPSVC0071.log 2013-12-28 18:36 - 2013-12-28 18:36 - 00021583 _____ C:\Users\media\Downloads\Addition (1).txt 2013-12-28 09:52 - 2013-12-28 09:52 - 00004700 _____ C:\Users\media\Desktop\scaneset.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset4.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset3.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset2.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset1.txt 2013-12-28 09:46 - 2013-12-28 09:46 - 00000000 ____D C:\5480_3664 2013-12-28 09:33 - 2013-12-28 09:33 - 00006305 _____ C:\HPSLPSVC0069.log 2013-12-27 21:39 - 2013-12-27 21:39 - 00377856 _____ C:\Users\media\Downloads\gmer_2.1.19163.exe 2013-12-27 21:38 - 2013-12-28 09:39 - 00000000 ____D C:\Users\media\Desktop\troj 2013-12-27 21:37 - 2013-12-27 21:38 - 00021583 _____ C:\Users\media\Downloads\Addition.txt 2013-12-27 21:36 - 
2014-01-05 09:16 - 00019153 _____ C:\Users\media\Downloads\FRST.txt 2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe 2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST 2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log 2013-12-27 21:34 - 2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable 2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe 2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log 2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\media\Downloads\HijackThis.exe 2013-12-27 21:23 - 2013-12-27 21:23 - 00002944 _____ C:\HPSLPSVC0068.log 2013-12-27 21:19 - 2006-09-18 22:41 - 00000761 _____ C:\Windows\system32\Drivers\etc\hosts.trb 2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses 2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log 2013-12-27 21:10 - 2013-12-27 21:13 - 00000000 ____D C:\Program Files\Trojan Remover 2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp 2013-12-27 21:10 - 2012-06-15 15:39 - 00169744 _____ C:\Windows\system32\ztvunrar36.dll 2013-12-27 21:10 - 2012-06-15 15:35 - 00185616 _____ C:\Windows\system32\ztvunrar39.dll 2013-12-27 21:10 - 2012-06-15 15:33 - 00605968 _____ (Igor Pavlov) C:\Windows\system32\ztv7z.dll 2013-12-27 21:10 - 2012-06-15 15:33 - 00077072 _____ (Microsoft Corporation) C:\Windows\system32\ztvcabinet.dll 2013-12-27 21:10 - 2005-08-26 00:50 - 
00077312 _____ C:\Windows\system32\ztvunace26.dll 2013-12-27 21:10 - 2003-02-02 19:06 - 00153088 _____ C:\Windows\system32\UNRAR3.dll 2013-12-27 21:10 - 2002-03-06 00:00 - 00075264 _____ C:\Windows\system32\unacev2.dll 2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe 2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log 2013-12-27 15:34 - 2013-12-27 15:34 - 00001155 _____ C:\HPSLPSVC0065.log 2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log 2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log 2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk 2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool 2013-12-27 15:07 - 2013-12-27 15:08 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip 2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp 2013-12-27 15:04 - 2014-01-01 16:50 - 02180707 _____ C:\Windows\system32\Drivers\Cat.DB 2013-12-27 15:04 - 2013-12-27 15:07 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log 2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools 2013-12-27 15:04 - 2012-11-01 15:35 - 00202280 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD.sys 2013-12-27 15:04 - 2012-10-22 16:38 - 00368616 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore.sys 2013-12-27 15:04 - 2012-10-22 16:38 - 00163288 _____ (PC Tools) C:\Windows\system32\Drivers\PCTAppEvent.sys 2013-12-27 15:04 - 2012-02-28 11:43 - 00909728 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA.sys 2013-12-27 15:04 - 2012-02-28 11:43 - 00342168 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS.sys 2013-12-27 15:01 - 2013-12-27 15:01 - 00002311 _____ C:\HPSLPSVC0062.log 2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe 2013-12-27 14:34 - 
2013-12-27 15:06 - 00000000 ____D C:\PC Tools Download Manager 2013-12-27 14:34 - 2013-12-27 15:04 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk 2013-12-27 14:34 - 2013-12-27 14:55 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\Users\media\AppData\Roaming\TestApp 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools 2013-12-27 14:33 - 2013-12-27 14:33 - 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS 2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG 2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics 2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG 2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft 2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1.exe 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe 2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443 2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log 2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log 2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047 2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm 2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ 
C:\Users\media\Downloads\factory-to-ddwrt (1).bin 2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe 2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client 2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe 2013-12-25 08:35 - 2013-12-25 08:35 - 00000000 ____D C:\2180_31161 2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log 2013-12-24 16:39 - 2013-12-25 10:53 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd 2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe 2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk 2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP 2013-12-24 15:31 - 2013-12-24 15:31 - 00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz 2013-12-24 14:46 - 2013-12-24 15:28 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip 2013-12-24 14:34 - 2013-12-25 10:44 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner 2013-12-24 14:12 - 2013-12-28 19:54 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek 2013-12-24 14:11 - 2013-12-24 14:12 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi 2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866 2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log 2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822 2013-12-24 09:03 - 2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log 2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ 
C:\Users\media\Desktop\DiskStation.lnk 2013-12-22 12:32 - 2013-12-22 12:32 - 00002943 _____ C:\HPSLPSVC0054.log 2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog 2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487 2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log 2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318 2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ C:\HPSLPSVC0052.log 2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548 2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log 2013-12-14 14:43 - 2013-12-14 14:52 - 01703422 _____ C:\MSId34f4.LOG 2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi 2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688 2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log 2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log ==================== One Month Modified Files and Folders ======= 2014-01-05 09:17 - 2014-01-05 09:17 - 00004421 _____ C:\log3 2014-01-05 09:17 - 2014-01-05 09:17 - 00004063 _____ C:\log1 2014-01-05 09:17 - 2013-12-27 21:36 - 00019153 _____ C:\Users\media\Downloads\FRST.txt 2014-01-05 09:16 - 2014-01-05 09:16 - 00000126 _____ C:\users00 2014-01-05 09:16 - 2014-01-05 09:16 - 00000003 _____ C:\others 2014-01-05 07:37 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-05 07:37 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-05 04:37 - 2013-10-08 17:42 - 00206435 _____ C:\jusched.log 2014-01-05 01:43 - 2006-11-02 11:33 - 01692428 _____ C:\Windows\system32\PerfStringBackup.INI 2014-01-05 01:39 - 2009-07-04 12:41 - 01239311 _____ C:\Windows\WindowsUpdate.log 2014-01-05 01:38 - 2013-10-08 16:32 - 00662463 _____ C:\hpqddsvc.log 2014-01-05 
01:36 - 2014-01-05 01:36 - 00003850 _____ C:\Users\media\Desktop\AdwCleaner[S0].txt 2014-01-05 01:36 - 2014-01-05 01:36 - 00003575 _____ C:\HPSLPSVC0078.log 2014-01-05 01:36 - 2014-01-05 01:36 - 00000000 ____D C:\WPDNSE 2014-01-05 01:36 - 2013-10-08 17:41 - 00093643 _____ C:\ProgramData\nvModes.001 2014-01-05 01:34 - 2009-10-31 21:59 - 00000012 _____ C:\Windows\bthservsdp.dat 2014-01-05 01:33 - 2014-01-04 18:50 - 00000000 _____ C:\preferences 2014-01-05 01:33 - 2014-01-04 18:46 - 00000000 ____D C:\AdwCleaner 2014-01-05 01:28 - 2014-01-05 01:28 - 00004068 _____ C:\HPSLPSVC0077.log 2014-01-05 01:28 - 2013-10-08 17:40 - 00093643 _____ C:\ProgramData\nvModes.dat 2014-01-04 21:04 - 2013-10-09 09:51 - 00000000 ____D C:\hsperfdata_media 2014-01-04 21:04 - 2013-10-08 14:27 - 00015686 _____ C:\JavaDeployReg.log 2014-01-04 19:00 - 2014-01-04 19:00 - 00001467 _____ C:\Users\media\Desktop\JRT.txt 2014-01-04 18:55 - 2014-01-04 18:55 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 18:46 - 2014-01-04 18:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Users\media\AppData\Roaming\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-04 18:32 - 2014-01-04 18:32 - 00000000 ____D C:\2188_1108 2014-01-04 18:31 - 2014-01-04 18:31 - 00000000 _____ C:\A9RA4A8.tmp 2014-01-04 18:29 - 2014-01-04 18:28 - 00001071 _____ C:\AdobeARM.log 2014-01-04 18:28 - 2014-01-04 18:28 - 00036178 _____ C:\A9R27FA.tmp 2014-01-04 18:28 - 2014-01-04 18:28 - 00000000 _____ C:\A9RC3EB.tmp 2014-01-04 18:25 - 2014-01-04 18:25 - 00015114 _____ C:\HPSLPSVC0076.log 2014-01-01 17:18 - 2014-01-01 17:18 - 00000000 ___SD C:\Users\media\Desktop\ComboFix 2014-01-01 17:15 - 2014-01-01 17:15 - 00000581 _____ C:\Users\media\Desktop\blue.txt 2014-01-01 17:13 - 2014-01-01 17:13 - 00139096 _____ 
C:\Windows\Minidump\Mini010114-01.dmp 2014-01-01 17:13 - 2014-01-01 17:13 - 00002943 _____ C:\HPSLPSVC0075.log 2014-01-01 17:13 - 2013-10-10 00:06 - 00025226 _____ C:\Windows\PFRO.log 2014-01-01 17:13 - 2013-04-25 12:26 - 462617774 _____ C:\Windows\MEMORY.DMP 2014-01-01 17:13 - 2011-10-17 15:54 - 00000000 ____D C:\Windows\Minidump 2014-01-01 17:11 - 2014-01-01 17:19 - 00000366 _____ C:\Users\media\Desktop\ComboFix.txt 2014-01-01 17:11 - 2014-01-01 17:09 - 00000000 ___SD C:\ComboFix 2014-01-01 17:08 - 2014-01-01 17:08 - 00002943 _____ C:\HPSLPSVC0074.log 2014-01-01 17:05 - 2014-01-01 17:01 - 01019232 _____ C:\MSI382e5.LOG 2014-01-01 16:59 - 2014-01-01 16:59 - 00003736 _____ C:\HPSLPSVC0073.log 2014-01-01 16:55 - 2014-01-01 16:53 - 00003590 _____ C:\Users\media\Desktop\Msirepair.reg 2014-01-01 16:50 - 2013-12-27 15:04 - 02180707 _____ C:\Windows\system32\Drivers\Cat.DB 2014-01-01 16:47 - 2014-01-01 16:47 - 14371472 _____ C:\httB700.tmp 2014-01-01 16:42 - 2014-01-01 16:42 - 00001566 _____ C:\MSI7db7.LOG 2014-01-01 16:26 - 2014-01-01 16:26 - 00005181 _____ C:\HPSLPSVC0072.log 2014-01-01 16:23 - 2014-01-01 16:05 - 00004068 _____ C:\HPSLPSVC0071.log 2014-01-01 16:19 - 2014-01-01 16:18 - 00000000 ____D C:\Qoobox 2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Windows\erdnt 2014-01-01 16:16 - 2014-01-01 16:16 - 05160176 ____R (Swearware) C:\Users\media\Desktop\ComboFix.exe 2014-01-01 16:16 - 2014-01-01 16:15 - 05160176 _____ (Swearware) C:\Users\media\Downloads\ComboFix.exe 2014-01-01 16:11 - 2014-01-01 16:11 - 00000000 ____D C:\224_8663 2013-12-28 19:54 - 2013-12-24 14:12 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk 2013-12-28 19:00 - 2009-08-07 10:33 - 00000000 ____D C:\Users\media 2013-12-28 18:36 - 2013-12-28 18:36 - 00021583 _____ C:\Users\media\Downloads\Addition (1).txt 2013-12-28 09:52 - 2013-12-28 09:52 - 00004700 _____ C:\Users\media\Desktop\scaneset.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset4.xml 
2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset3.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset2.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset1.txt 2013-12-28 09:46 - 2013-12-28 09:46 - 00000000 ____D C:\5480_3664 2013-12-28 09:39 - 2013-12-27 21:38 - 00000000 ____D C:\Users\media\Desktop\troj 2013-12-28 09:33 - 2013-12-28 09:33 - 00006305 _____ C:\HPSLPSVC0069.log 2013-12-27 21:39 - 2013-12-27 21:39 - 00377856 _____ C:\Users\media\Downloads\gmer_2.1.19163.exe 2013-12-27 21:38 - 2013-12-27 21:37 - 00021583 _____ C:\Users\media\Downloads\Addition.txt 2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe 2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST 2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log 2013-12-27 21:34 - 2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable 2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe 2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log 2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) 
C:\Users\media\Downloads\HijackThis.exe 2013-12-27 21:23 - 2013-12-27 21:23 - 00002944 _____ C:\HPSLPSVC0068.log 2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses 2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log 2013-12-27 21:13 - 2013-12-27 21:10 - 00000000 ____D C:\Program Files\Trojan Remover 2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp 2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe 2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log 2013-12-27 15:34 - 2013-12-27 15:34 - 00001155 _____ C:\HPSLPSVC0065.log 2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log 2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log 2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk 2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool 2013-12-27 15:08 - 2013-12-27 15:07 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip 2013-12-27 15:07 - 2013-12-27 15:04 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log 2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp 2013-12-27 15:06 - 2013-12-27 14:34 - 00000000 ____D C:\PC Tools Download Manager 2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools 2013-12-27 15:04 - 2013-12-27 14:34 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk 2013-12-27 15:01 - 2013-12-27 15:01 - 
00002311 _____ C:\HPSLPSVC0062.log 2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe 2013-12-27 14:55 - 2013-12-27 14:34 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\Users\media\AppData\Roaming\TestApp 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools 2013-12-27 14:33 - 2013-12-27 14:33 - 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS 2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG 2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics 2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG 2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft 2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1.exe 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe 2013-12-27 14:17 - 2009-12-03 15:43 - 00000000 ____D C:\ProgramData\Lavasoft 2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443 2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log 2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log 2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047 2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm 2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log 2013-12-25 10:53 - 2013-12-24 16:39 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd 2013-12-25 
10:44 - 2013-12-24 14:34 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt (1).bin 2013-12-25 10:43 - 2013-09-19 19:14 - 00000000 ____D C:\Users\media\AppData\Roaming\vlc 2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe 2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client 2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe 2013-12-25 08:35 - 2013-12-25 08:35 - 00000000 ____D C:\2180_31161 2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log 2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe 2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk 2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP 2013-12-24 15:31 - 2013-12-24 15:31 - 00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz 2013-12-24 15:28 - 2013-12-24 14:46 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip 2013-12-24 15:21 - 2013-06-17 12:52 - 08258048 _____ C:\firmware.bin 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:11 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi 2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866 2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log 2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822 2013-12-24 09:03 - 
2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log
2013-12-23 00:11 - 2013-10-17 08:07 - 00360051 _____ C:\Quarantine.exe
2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ C:\Users\media\Desktop\DiskStation.lnk
2013-12-22 12:32 - 2013-12-22 12:32 - 00002943 _____ C:\HPSLPSVC0054.log
2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog
2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487
2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log
2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318
2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ C:\HPSLPSVC0052.log
2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548
2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log
2013-12-14 14:52 - 2013-12-14 14:43 - 01703422 _____ C:\MSId34f4.LOG
2013-12-14 14:51 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default
2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi
2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688
2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log
2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-05 01:42

==================== End Of Log ============================
--- --- --- --- --- ---
Regards, Eric |
06.01.2014, 01:25 | #8 |
/// the machine /// TB Trainer | Unable to log in on various sites
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Still having problems?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
06.01.2014, 18:11 | #9 |
| Unable to log in on various sites
Hello, ESET Online found nothing.
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=5a241b0183e35e46b7108314a0a3fcde
# engine=16535
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-06 03:00:42
# local_time=2014-01-06 04:00:42 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=3073 16777214 0 60 7729250 129172492 0 0
# compatibility_mode=5892 16776574 100 100 6907965 226553170 0 0
# scanned=280963
# found=0
# cleaned=0
# scan_time=6306
Code:
ATTFilter
Results of screen317's Security Check version 0.99.78
Windows Vista Service Pack 2 x86 (UAC is disabled!)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
ESET Smart Security 7.0
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
xp-AntiSpy 3.98-2
Trojan Remover 6.8.8
Malwarebytes Anti-Malware Version 1.75.0.1300
TuneUp Utilities 2014
TuneUp Utilities 2014 (de-DE)
TuneUp Utilities 2014
Java(TM) 6 Update 33
Java 7 Update 40
Java version out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 11.3.300.265
Adobe Reader 10.1.4 Adobe Reader out of Date!
Google Chrome 30.0.1599.101
Google Chrome 30.0.1599.69
````````Process Check: objlist.exe by Laurent````````
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
ESET NOD32 Antivirus egui.exe
ESET NOD32 Antivirus ekrn.exe
Comodo Firewall cmdagent.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-12-2013 01
Ran by media (administrator) on MEDIA-PC on 06-01-2014 17:39:13
Running from C:\Users\media\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(Egis Technology Inc.) C:\Program Files\Acer Bio Protection\CompPtcVUI.exe
(ArcSoft, Inc.) C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
(Executive Software International, Inc.) C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Egis Technology Inc.) C:\Program Files\Acer Bio Protection\BASVC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
(EgisTec Inc.) C:\Program Files\EgisTec\MyWinLocker 3\x86\MWLService.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
() C:\Program Files\Synology\Assistant\UsbClientService.exe
(Cybit AG) C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
() C:\Windows\PLFSetI.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\BuffaloTools\BuffaloTools.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(BUFFALO INC.) C:\Program Files\BUFFALO\BFRD4G\BRDUtilTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Realtek Semiconductor Corp.) C:\RtkBtMnt.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Google Inc.) C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [NvCplDaemon] - RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [NvMediaCenter] - RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [6957600 2009-03-11] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] - C:\Windows\PLFSetI.exe [200704 2009-08-07] ()
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1410344 2008-12-05] (Synaptics, Inc.)
HKLM\...\Run: [Acer ePower Management] - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe [715296 2009-03-11] (Acer Incorporated)
HKLM\...\Run: [LManager] - C:\Program Files\Launch Manager\LManager.exe [870920 2009-02-24] (Dritek System Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [OODefragTray] - C:\Program Files\OO Software\Defrag\oodtray.exe [2729800 2011-01-25] (O&O Software GmbH)
HKLM\...\Run: [BuffaloTools] - C:\Program Files\BUFFALO\BuffaloTools\BuffaloTools.exe [169336 2010-03-05] (BUFFALO INC.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [919008 2012-07-27] (Adobe Systems Incorporated)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [5110672 2013-09-12] (ESET)
HKCU\...\Run: [GoogleChromeAutoLaunch_8F845A354B06725D1522ED10EA9CFB1F] - C:\Users\media\AppData\Local\Google\Chrome\Application\chrome.exe [844752 2013-10-09] (Google Inc.)
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-08-07] (Google Inc.)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [202240 2008-01-21] (Microsoft Corporation)
HKCU\...\Policies\system: [LogonHoursAction] 2
HKCU\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKCU\...\Policies\Explorer: [NoDrives] 0x00000000
MountPoints2: {153c796d-ee0c-11e1-ae42-001f1698f2c3} - E:\Windows\CHECK\DriveNavigator.exe
HKU\Bettina\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Bettina\...\Run: [Google Update] - C:\Users\Bettina\AppData\Local\Google\Update\GoogleUpdate.exe [ 2012-08-05] (Google Inc.)
HKU\Bettina\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\wmpnscfg.exe [ 2008-01-21] (Microsoft Corporation)
HKU\Bettina\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [ 2009-08-07] (Google Inc.)
HKU\Bettina\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
HKU\Bettina\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\System32\Macromed\Flash\FlashUtil10a.exe [ 2008-10-05] (Adobe Systems, Inc.)
HKU\Bettina\...\Policies\system: [LogonHoursAction] 2
HKU\Bettina\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\Default User\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Default User\...\RunOnce: [ScrSav] - C:\Windows\Screensavers\Acer\run_Acer.exe [ 2009-01-21] (TODO: <Company name>)
HKU\Gast\...\Run: [ProductReg] - C:\Program Files\Acer\WR_PopUp\ProductReg.exe [ 2008-11-17] (Acer)
HKU\Gast\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [ 2013-05-01] (Apple Inc.)
AppInit_DLLs: C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [ 2009-10-31] (Google)
Lsa: [Notification Packages] c:\Program Files\Acer Bio Protection\PwdFilter

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://global.acer.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=2&o=vp32&d=0709&m=aspire_7738
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_33-windows-i586.cab
DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} file:///D:/CDViewer/CDVIEWER/CdViewer.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Winsock: Catalog9 01 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 02 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 03 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 04 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 05 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 06 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 07 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 08 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Winsock: Catalog9 21 C:\Windows\system32\wpclsp.dll [72192] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\media\AppData\Roaming\Mozilla\Firefox\Profiles\yhk3is3u.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/phonostar - C:\Program Files\phonostar-Player\npphonostarDetectNP.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\media\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2

========================== Services (Whitelisted) =================

R2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [43072 2012-03-19] (ArcSoft, Inc.)
R2 CLHNService; C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [75048 2009-05-20] ()
R2 cmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [723632 2009-12-03] (COMODO)
R2 Diskeeper; C:\Program Files\Executive Software\DiskeeperLite\DKService.exe [176128 2002-10-16] (Executive Software International, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1337752 2013-09-12] (ESET)
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [666144 2009-03-11] (Acer Incorporated)
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®)
S3 GoogleDesktopManager-093009-130223; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2009-10-31] (Google)
S2 HPWJAService; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\bin\HPWJAService.exe [45056 2012-12-20] (Hewlett-Packard Development Company, L.P.)
S2 HPWSProAdapter; C:\Program Files\Hewlett-Packard\Web Jetadmin 10\HPWSProAdapter\FileSystems\Core\bin\XP-x86\release\HP.Dss.App.WinService.exe [9728 2012-11-02] (Hewlett-Packard)
R2 IGBASVC; c:\Program Files\Acer Bio Protection\BASVC.exe [3440640 2009-02-13] (Egis Technology Inc.)
S2 Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [1184912 2009-12-03] (Lavasoft)
R2 MSSQL$HPWJA; C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [44384 2010-12-10] (Microsoft Corporation)
R2 MWLService; C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe [306736 2008-10-27] (EgisTec Inc.)
R2 NTISchedulerSvc; C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [144632 2008-09-23] (NewTech Infosystems, Inc.)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [2336072 2011-01-25] (O&O Software GmbH)
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2008-11-27] (Acer Incorporated)
S3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-08-21] (Mister Group)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software)
R2 UsbClientService; C:\Program Files\Synology\Assistant\UsbClientService.exe [248704 2012-09-18] ()
R2 [verify-U]; C:\Program Files\[verify-U] AVS\[verify-U]-Service.exe [143360 2008-01-28] (Cybit AG)

==================== Drivers (Whitelisted) ====================

R0 AlfaFF; C:\Windows\System32\drivers\AlfaFF.sys [42608 2009-02-13] (Alfa Corporation)
R1 ArcSec; C:\Windows\System32\drivers\ArcSec.sys [198720 2011-11-10] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281760 2009-10-31] ()
R0 BFRD4G; C:\Windows\System32\DRIVERS\BFRD4G.sys [38264 2010-03-10] (BUFFALO INC.)
S3 busenum; C:\Windows\System32\DRIVERS\busenum.sys [45792 2012-08-03] (Windows (R) Win 7 DDK provider)
R1 cmdHlp; C:\Windows\System32\DRIVERS\cmdhlp.sys [29520 2009-12-03] (COMODO)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [188808 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [134248 2013-09-17] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [174400 2013-09-17] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [37416 2013-09-17] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [49240 2013-09-17] (ESET)
R2 FPSensor; C:\Windows\System32\Drivers\FPSensor.sys [26928 2008-12-24] (Egis)
R3 hidshim; C:\Windows\System32\DRIVERS\hidshim.sys [5632 2008-10-08] (Windows (R) Codename Longhorn DDK provider)
R2 int15; c:\Windows\system32\drivers\int15.sys [69632 2009-02-13] ()
R0 Lbd; C:\Windows\System32\DRIVERS\Lbd.sys [64288 2009-09-23] (Lavasoft AB)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2009-10-31] ()
R2 mwlPSDFilter; C:\Windows\System32\DRIVERS\mwlPSDFilter.sys [19504 2008-10-09] (Egis Incorporated.)
R2 mwlPSDNServ; C:\Windows\System32\DRIVERS\mwlPSDNServ.sys [16432 2008-10-09] (Egis Incorporated.)
R2 mwlPSDVDisk; C:\Windows\System32\DRIVERS\mwlPSDVDisk.sys [59952 2008-10-09] (Egis Incorporated.)
R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2013-07-28] (CACE Technologies, Inc.)
R3 nuvotonhidgeneric; C:\Windows\System32\DRIVERS\nuvotonhidgeneric.sys [22528 2008-10-08] (Nuvoton Technology Corporation)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore.sys [368616 2012-10-22] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS.sys [342168 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA.sys [909728 2012-02-28] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD.sys [202280 2012-11-01] (PC Tools)
R0 RRamdisk; C:\Windows\System32\DRIVERS\rramdisk.sys [12288 2012-08-04] (gavotte)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software)
R1 [verify-U]_System; C:\Windows\System32\drivers\[verify-U]-driver.sys [16128 2007-11-07] (Cybits AG)
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796}; C:\Program Files\Acer Arcade Deluxe\PlayMovie\000.fcl [87536 2009-09-18] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S3 catchme; \??\C:\Temp\catchme.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-06 17:40 - 2014-01-06 17:40 - 00005806 _____ C:\log3
2014-01-06 17:40 - 2014-01-06 17:40 - 00005316 _____ C:\log1
2014-01-06 17:39 - 2014-01-06 17:39 - 14212547 _____ C:\NOD54F6.tmp
2014-01-06 17:39 - 2014-01-06 17:39 - 00000126 _____ C:\users00
2014-01-06 17:39 - 2014-01-06 17:39 - 00000003 _____ C:\others
2014-01-06 16:47 - 2014-01-06 16:47 - 00016400 ___HT C:\etilqs_undhpiB95GDiSJe
2014-01-06 16:39 - 2014-01-06 16:39 - 00000000 ____D C:\WPDNSE
2014-01-06 16:38 - 2014-01-06 16:38 - 00002943 _____ C:\HPSLPSVC0088.log
2014-01-06 16:29 - 2014-01-06 16:34 - 00000000 ____D C:\RunBoot-Temp_.6822b2cf-a7f3-40dc-a540-c88a82b92f98
2014-01-06 16:23 - 2014-01-06 16:09 - 00987410 _____ C:\Users\media\Desktop\SecurityCheck.exe
2014-01-06 16:18 - 2014-01-06 16:18 - 00308776 _____ (ESET) C:\InstHelper.exe
2014-01-06 16:14 - 2014-01-06 16:18 - 00000000 ____D C:\eset
2014-01-06 16:14 - 2014-01-06 16:14 - 00000000 ____D C:\ProgramData\ESET
2014-01-06 16:13 - 2014-01-06 16:13 - 01581384 _____ (ESET) C:\Users\media\Downloads\eset_smart_security_live_installer_.exe
2014-01-06 16:09 - 2014-01-06 16:09 - 00987410 _____ C:\Users\media\Downloads\SecurityCheck.exe
2014-01-06 16:07 - 2014-01-06 17:22 - 00000000 ____D C:\Users\media\Desktop\neu log
2014-01-06 16:02 - 2014-01-06 16:02 - 00000228 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job
2014-01-06 14:13 - 2014-01-06 14:13 - 02347384 _____ (ESET) C:\Users\media\Downloads\esetsmartinstaller_enu.exe
2014-01-06 14:07 - 2014-01-06 14:07 - 00000237 _____ C:\AdobeARM_NotLocked.log
2014-01-06 14:06 - 2014-01-06 14:06 - 00036178 _____ C:\A9R9187.tmp
2014-01-06 14:04 - 2014-01-06 14:04 - 00001896 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk
2014-01-06 14:04 - 2014-01-06 14:04 - 00000000 ____D C:\Program Files\Common Files\Adobe
2014-01-06 14:00 - 2014-01-06 14:00 - 00139762 _____ C:\MSI985f1.LOG
2014-01-06 13:58 - 2014-01-06 13:58 - 00000000 ____D C:\4044_29408
2014-01-06 13:51 - 2014-01-06 13:51 - 00003897 _____ C:\HPSLPSVC0087.log
2014-01-06 13:50 - 2014-01-06 17:39 - 536870912 ____H C:\BFRD_000.dat
2014-01-06 13:48 - 2014-01-06 13:48 - 00002943 _____ C:\HPSLPSVC0086.log
2014-01-06 13:45 - 2014-01-06 13:45 - 00000000 ____D C:\Users\media\AppData\Roaming\BUFFALO
2014-01-06 13:44 - 2014-01-06 13:44 - 00000000 ____D C:\Program Files\BUFFALO
2014-01-06 13:44 - 2010-03-10 07:05 - 00012448 ____R C:\Windows\UN091114.INI
2014-01-06 13:44 - 2010-03-10 03:29 - 00038264 _____ (BUFFALO INC.) C:\Windows\system32\Drivers\BFRD4G.sys
2014-01-06 13:44 - 2010-03-09 03:02 - 00012170 ____R C:\Windows\UN091201.INI
2014-01-06 13:36 - 2014-01-06 13:36 - 00002943 _____ C:\HPSLPSVC0085.log
2014-01-05 19:41 - 2013-10-30 10:45 - 00036152 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-01-05 19:40 - 2014-01-05 19:41 - 00000000 ____D C:\UpdateWizard_104020
2014-01-05 19:39 - 2014-01-05 19:41 - 00000000 ____D C:\totalcmd
2014-01-05 19:39 - 2014-01-05 19:39 - 00001873 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-01-05 19:39 - 2014-01-05 19:39 - 00001869 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-01-05 19:39 - 2014-01-05 19:39 - 00000588 _____ C:\Users\media\Desktop\Total Commander.lnk
2014-01-05 19:39 - 2014-01-05 19:39 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2014-01-05 19:39 - 2014-01-05 19:39 - 00000000 ____D C:\Users\media\AppData\Roaming\GHISLER
2014-01-05 19:39 - 2013-10-30 10:45 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-01-05 19:39 - 2013-10-30 10:45 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-01-05 19:38 - 2014-01-05 19:38 - 05896408 _____ (Ghisler Software GmbH) C:\Users\media\Downloads\tcm801x32_64.exe
2014-01-05 19:36 - 2014-01-05 19:41 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014
2014-01-05 19:34 - 2014-01-05 19:34 - 02646016 _____ C:\TUM9B94.tmp
2014-01-05 19:34 - 2014-01-05 19:34 - 00000000 _____ C:\TUM9BD3.tmp
2014-01-05 19:33 - 2014-01-05 19:33 - 32522152 _____ (TuneUp Software) C:\Users\media\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe
2014-01-05 19:24 - 2014-01-05 19:24 - 00000000 _____ C:\DMI9E32.tmp
2014-01-05 19:05 - 2014-01-05 19:05 - 00005181 _____ C:\HPSLPSVC0084.log
2014-01-05 18:09 - 2014-01-05 18:09 - 00139096 _____ C:\Windows\Minidump\Mini010514-01.dmp
2014-01-05 18:09 - 2014-01-05 18:09 - 00002943 _____ C:\HPSLPSVC0083.log
2014-01-05 17:24 - 2014-01-05 17:26 - 00000000 ____D C:\Users\media\Desktop\gg
2014-01-05 17:23 - 2014-01-05 17:23 - 00002310 _____ C:\HPSLPSVC0082.log
2014-01-05 17:01 - 2014-01-05 17:01 - 00000000 ____D C:\Temp2_Realtek_XPVistaWin7_WHQL_6.1.7600.30126.zip
2014-01-05 17:01 - 2010-10-29 16:11 - 00197224 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2014-01-05 16:57 - 2014-01-05 16:58 - 00000000 ____D C:\RunBoot-Temp_.b37fdc6f-11df-4c59-96bc-7e178d9e3370
2014-01-05 16:51 - 2014-01-05 17:05 - 00000000 ____D C:\Temp1_usb228deview.zip
2014-01-05 16:36 - 2014-01-05 16:36 - 00007733 _____ C:\HPSLPSVC0081.log
2014-01-05 15:47 - 2014-01-05 15:47 - 00016384 _____ C:\~DF3BBD.tmp
2014-01-05 15:43 - 2014-01-05 15:44 - 00000720 _____ C:\Users\media\Desktop\Router-Einstellungen.txt
2014-01-05 15:29 - 2014-01-05 15:29 - 00000000 ____D C:\Users\media\Desktop\TL-WDR4900_V1_130424
2014-01-05 15:29 - 2014-01-05 15:28 - 12071900 _____ C:\Users\media\AppData\TL-WDR4900_V1_130424.zip
2014-01-05 15:28 - 2014-01-05 15:28 - 12071900 _____ C:\Users\media\Downloads\TL-WDR4900_V1_130424.zip
2014-01-05 15:05 - 2014-01-05 15:05 - 00000000 _____ C:\oodag 14.1.431 2014-1-5 12.45.54.742.dmp
2014-01-05 13:52 - 2014-01-05 13:52 - 00000000 ____D C:\3960_10210
2014-01-05 13:49 - 2014-01-05 13:49 - 00000000 ____D C:\Users\media\Downloads\HighResAudio.com
2014-01-05 13:48 - 2014-01-05 13:48 - 00000000 ____D C:\Program Files\HIGHRESAUDIOManager
2014-01-05 13:47 - 2014-01-05 13:48 - 00007213 _____ C:\i4j_nlog_2
2014-01-05 13:46 - 2014-01-05 13:46 - 00020517 _____ C:\HPSLPSVC0079.log
2014-01-05 09:18 - 2014-01-05 09:18 - 00047508 _____ C:\Users\media\Desktop\FRST.txt
2014-01-05 01:36 - 2014-01-05 01:36 - 00006291 _____ C:\HPSLPSVC0078.log
2014-01-05 01:36 - 2014-01-05 01:36 - 00003850 _____ C:\Users\media\Desktop\AdwCleaner[S0].txt
2014-01-05 01:28 - 2014-01-05 01:28 - 00004068 _____ C:\HPSLPSVC0077.log
2014-01-04 19:00 - 2014-01-04 19:00 - 00001467 _____ C:\Users\media\Desktop\JRT.txt
2014-01-04 18:55 - 2014-01-04 18:55 - 00000000 ____D C:\Windows\ERUNT
2014-01-04 18:50 - 2014-01-05 01:33 - 00000000 _____ C:\preferences
2014-01-04 18:46 - 2014-01-05 01:33 - 00000000 ____D C:\AdwCleaner
2014-01-04 18:46 - 2014-01-04 18:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Users\media\AppData\Roaming\Malwarebytes
2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-04 18:46 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-04 18:32 - 2014-01-04 18:32 - 00000000 ____D C:\2188_1108
2014-01-04 18:28 - 2014-01-06 16:39 - 00004706 _____ C:\AdobeARM.log
2014-01-04 18:25 - 2014-01-04 18:25 - 00015114 _____ C:\HPSLPSVC0076.log
2014-01-01 17:19 - 2014-01-01 17:11 - 00000366 _____ C:\Users\media\Desktop\ComboFix.txt
2014-01-01 17:18 - 2014-01-01 17:18 - 00000000 ___SD C:\Users\media\Desktop\ComboFix
2014-01-01 17:15 - 2014-01-01 17:15 - 00000581 _____ C:\Users\media\Desktop\blue.txt
2014-01-01 17:13 - 2014-01-01 17:13 - 00139096 _____ C:\Windows\Minidump\Mini010114-01.dmp
2014-01-01 17:13 - 2014-01-01 17:13 - 00002943 _____ C:\HPSLPSVC0075.log
2014-01-01 17:09 - 2014-01-01 17:11 - 00000000 ___SD C:\ComboFix
2014-01-01 17:08 - 2014-01-01 17:08 - 00002943 _____ C:\HPSLPSVC0074.log
2014-01-01 17:01 - 2014-01-01 17:05 - 01019232 _____ C:\MSI382e5.LOG
2014-01-01 16:59 - 2014-01-01 16:59 - 00003736 _____ C:\HPSLPSVC0073.log
2014-01-01 16:53 - 2014-01-01 16:55 - 00003590 _____ C:\Users\media\Desktop\Msirepair.reg
2014-01-01 16:47 - 2014-01-01 16:47 - 14371472 _____ C:\httB700.tmp
2014-01-01 16:42 - 2014-01-01 16:42 - 00001566 _____ C:\MSI7db7.LOG
2014-01-01 16:26 - 2014-01-01 16:26 - 00005181 _____ C:\HPSLPSVC0072.log
2014-01-01 16:20 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-01 16:20 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-01 16:20 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-01 16:20 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-01 16:20 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-01 16:20 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-01 16:20 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-01 16:20 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-01 16:18 - 2014-01-01 16:19 - 00000000 ____D C:\Qoobox
2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Windows\erdnt
2014-01-01 16:16 - 2014-01-01 16:16 - 05160176 ____R (Swearware) C:\Users\media\Desktop\ComboFix.exe
2014-01-01 16:15 - 2014-01-01 16:16 - 05160176 _____ (Swearware) C:\Users\media\Downloads\ComboFix.exe
2014-01-01 16:11 - 2014-01-01 16:11 - 00000000 ____D C:\224_8663
2014-01-01 16:05 - 2014-01-01 16:23 - 00004068 _____ C:\HPSLPSVC0071.log
2013-12-28 18:36 - 2013-12-28 18:36 - 00021583 _____ C:\Users\media\Downloads\Addition (1).txt
2013-12-28 09:52 - 2013-12-28 09:52 - 00004700 _____ C:\Users\media\Desktop\scaneset.xml
2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset4.xml
2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset3.xml
2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset2.xml
2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset1.txt
2013-12-28 09:46 - 2013-12-28 09:46 - 00000000 ____D C:\5480_3664
2013-12-28 09:33 - 2013-12-28 09:33 - 00006305 _____ C:\HPSLPSVC0069.log
2013-12-27 21:39 - 2013-12-27 21:39 - 00377856 _____ C:\Users\media\Downloads\gmer_2.1.19163.exe
2013-12-27 21:38 - 2013-12-28 09:39 - 00000000 ____D C:\Users\media\Desktop\troj
2013-12-27 21:37 - 2013-12-27 21:38 - 00021583 _____ C:\Users\media\Downloads\Addition.txt
2013-12-27 21:36 - 2014-01-06 17:39 - 00020991 _____ C:\Users\media\Downloads\FRST.txt
2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe
2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST
2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log
2013-12-27 21:34 - 2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable
2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe
2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log
2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\media\Downloads\HijackThis.exe
2013-12-27 21:23 - 2013-12-27 21:23 - 00002944 _____ C:\HPSLPSVC0068.log
2013-12-27 21:19 - 2006-09-18 22:41 - 00000761 _____ C:\Windows\system32\Drivers\etc\hosts.trb
2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses
2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log
2013-12-27 21:10 - 2013-12-27 21:13 - 00000000 ____D C:\Program Files\Trojan Remover
2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software
2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software
2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\ProgramData\Simply Super Software
2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp
2013-12-27 21:10 - 2012-06-15 15:39 - 00169744 _____ C:\Windows\system32\ztvunrar36.dll
2013-12-27 21:10 - 2012-06-15 15:35 - 00185616 _____ C:\Windows\system32\ztvunrar39.dll
2013-12-27 21:10 - 2012-06-15 15:33 - 00605968 _____ (Igor Pavlov) C:\Windows\system32\ztv7z.dll
2013-12-27 21:10 - 2012-06-15 15:33 - 00077072 _____ (Microsoft Corporation) C:\Windows\system32\ztvcabinet.dll
2013-12-27 21:10 - 2005-08-26 00:50 - 00077312 _____ C:\Windows\system32\ztvunace26.dll
2013-12-27 21:10 - 2003-02-02 19:06 - 00153088 _____ C:\Windows\system32\UNRAR3.dll
2013-12-27 21:10 - 2002-03-06 00:00 - 00075264 _____ C:\Windows\system32\unacev2.dll
2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe
2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log
2013-12-27 15:34 - 2013-12-27 15:34 - 00001155 _____ C:\HPSLPSVC0065.log
2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log
2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log
2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk
2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool
2013-12-27 15:07 - 2013-12-27 15:08 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip
2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp
2013-12-27 15:04 - 2014-01-06 16:26 - 02182655 _____ C:\Windows\system32\Drivers\Cat.DB
2013-12-27 15:04 - 2013-12-27 15:07 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log
2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools
2013-12-27 15:04 - 2012-11-01 15:35 - 00202280 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD.sys
2013-12-27 15:04 - 2012-10-22 16:38 - 00368616 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore.sys
2013-12-27 15:04 - 2012-10-22 16:38 - 00163288 _____ (PC Tools) C:\Windows\system32\Drivers\PCTAppEvent.sys
2013-12-27 15:04 - 2012-02-28 11:43 - 00909728 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA.sys
2013-12-27 15:04 - 2012-02-28 11:43 - 00342168 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS.sys
2013-12-27 15:01 - 2013-12-27 15:01 - 00002311 _____ C:\HPSLPSVC0062.log
2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe
2013-12-27 14:34 - 2013-12-27 15:06 - 00000000 ____D C:\PC Tools Download Manager
2013-12-27 14:34 - 2013-12-27 15:04 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk
2013-12-27 14:34 - 2013-12-27 14:55 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log
2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\Users\media\AppData\Roaming\TestApp
2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools
2013-12-27 14:33 - 2013-12-27 14:33 - 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe
2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe
2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS
2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS
2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG
2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics
2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG
2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft
2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1.exe
2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe
2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443
2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log
2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log
2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047
2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm
2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log
2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin
2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt (1).bin
2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe
2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk
2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client
2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe
2013-12-25 08:35 - 2013-12-25 08:35 - 00000000 ____D C:\2180_31161
2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log
2013-12-24 16:39 - 2013-12-25 10:53 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd
2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe
2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk
2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP
2013-12-24 15:31 - 2013-12-24 15:31 - 00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz
2013-12-24 14:46 - 2013-12-24 15:28 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip
2013-12-24 14:34 - 2013-12-25 10:44 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner
2013-12-24 14:12 - 2013-12-28 19:54 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk
2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek
2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek
2013-12-24 14:11 - 2013-12-24 14:12 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi
2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866
2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log
2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822
2013-12-24 09:03 - 2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log
2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ C:\Users\media\Desktop\DiskStation.lnk
2013-12-22 12:32 - 2013-12-22 12:32 - 00002943 _____ C:\HPSLPSVC0054.log
2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog
2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487
2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log
2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318
2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ C:\HPSLPSVC0052.log
2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548
2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log
2013-12-14 14:43 - 2013-12-14 14:52 - 01703422 _____ C:\MSId34f4.LOG
2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi
2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688
2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log
2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log

==================== One Month Modified Files and Folders =======

2014-01-06 17:40 - 2014-01-06 17:40 - 00005806 _____ C:\log3
2014-01-06 17:40 - 2014-01-06 17:40 - 00005378 _____ C:\log1
2014-01-06 17:39 - 2014-01-06 17:39 - 14212547 _____ C:\NOD54F6.tmp
2014-01-06 17:39 - 2014-01-06 17:39 - 00000126 _____ C:\users00
2014-01-06 17:39 - 2014-01-06 17:39 - 00000003 _____ C:\others
2014-01-06 17:39 - 2014-01-06 13:50 - 536870912 ____H C:\BFRD_000.dat
2014-01-06 17:39 - 2013-12-27 21:36 - 00020991 _____ C:\Users\media\Downloads\FRST.txt
2014-01-06 17:22 - 2014-01-06 16:07 - 00000000 ____D C:\Users\media\Desktop\neu log
2014-01-06 16:51 - 2013-10-08 14:27 - 00016461 _____ C:\JavaDeployReg.log
2014-01-06 16:47 - 2014-01-06 16:47 - 00016400 ___HT C:\etilqs_undhpiB95GDiSJe
2014-01-06 16:44 - 2013-10-08 17:42 - 00227481 _____ C:\jusched.log
2014-01-06 16:44 - 2006-11-02 11:33 - 01692428 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-06 16:40 - 2013-10-08 17:41 - 00093643 _____ C:\ProgramData\nvModes.001
2014-01-06
16:40 - 2013-10-08 16:32 - 00824891 _____ C:\hpqddsvc.log 2014-01-06 16:39 - 2014-01-06 16:39 - 00000000 ____D C:\WPDNSE 2014-01-06 16:39 - 2014-01-04 18:28 - 00004706 _____ C:\AdobeARM.log 2014-01-06 16:38 - 2014-01-06 16:38 - 00002943 _____ C:\HPSLPSVC0088.log 2014-01-06 16:38 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2014-01-06 16:38 - 2006-11-02 13:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2014-01-06 16:37 - 2013-10-10 00:06 - 00026496 _____ C:\Windows\PFRO.log 2014-01-06 16:35 - 2009-10-31 21:59 - 00000012 _____ C:\Windows\bthservsdp.dat 2014-01-06 16:35 - 2009-07-04 12:41 - 01856624 _____ C:\Windows\WindowsUpdate.log 2014-01-06 16:34 - 2014-01-06 16:29 - 00000000 ____D C:\RunBoot-Temp_.6822b2cf-a7f3-40dc-a540-c88a82b92f98 2014-01-06 16:34 - 2013-09-12 20:44 - 00000000 ____D C:\msdtadmin 2014-01-06 16:26 - 2013-12-27 15:04 - 02182655 _____ C:\Windows\system32\Drivers\Cat.DB 2014-01-06 16:18 - 2014-01-06 16:18 - 00308776 _____ (ESET) C:\InstHelper.exe 2014-01-06 16:18 - 2014-01-06 16:14 - 00000000 ____D C:\eset 2014-01-06 16:18 - 2009-08-07 10:33 - 00000000 ____D C:\Users\media 2014-01-06 16:14 - 2014-01-06 16:14 - 00000000 ____D C:\ProgramData\ESET 2014-01-06 16:13 - 2014-01-06 16:13 - 01581384 _____ (ESET) C:\Users\media\Downloads\eset_smart_security_live_installer_.exe 2014-01-06 16:09 - 2014-01-06 16:23 - 00987410 _____ C:\Users\media\Desktop\SecurityCheck.exe 2014-01-06 16:09 - 2014-01-06 16:09 - 00987410 _____ C:\Users\media\Downloads\SecurityCheck.exe 2014-01-06 16:08 - 2010-12-18 18:38 - 00000000 ____D C:\Program Files\ESET 2014-01-06 16:02 - 2014-01-06 16:02 - 00000228 _____ C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job 2014-01-06 14:13 - 2014-01-06 14:13 - 02347384 _____ (ESET) C:\Users\media\Downloads\esetsmartinstaller_enu.exe 2014-01-06 14:07 - 2014-01-06 14:07 - 
00000237 _____ C:\AdobeARM_NotLocked.log 2014-01-06 14:06 - 2014-01-06 14:06 - 00036178 _____ C:\A9R9187.tmp 2014-01-06 14:05 - 2013-11-10 12:14 - 00003689 _____ C:\AdobeSFX.log 2014-01-06 14:04 - 2014-01-06 14:04 - 00001896 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2014-01-06 14:04 - 2014-01-06 14:04 - 00000000 ____D C:\Program Files\Common Files\Adobe 2014-01-06 14:04 - 2009-03-12 04:26 - 00000000 ____D C:\ProgramData\Adobe 2014-01-06 14:04 - 2009-03-12 04:26 - 00000000 ____D C:\Program Files\Adobe 2014-01-06 14:00 - 2014-01-06 14:00 - 00139762 _____ C:\MSI985f1.LOG 2014-01-06 13:58 - 2014-01-06 13:58 - 00000000 ____D C:\4044_29408 2014-01-06 13:51 - 2014-01-06 13:51 - 00003897 _____ C:\HPSLPSVC0087.log 2014-01-06 13:48 - 2014-01-06 13:48 - 00002943 _____ C:\HPSLPSVC0086.log 2014-01-06 13:48 - 2006-11-02 12:18 - 00000000 ___RD C:\Users\Public 2014-01-06 13:45 - 2014-01-06 13:45 - 00000000 ____D C:\Users\media\AppData\Roaming\BUFFALO 2014-01-06 13:44 - 2014-01-06 13:44 - 00000000 ____D C:\Program Files\BUFFALO 2014-01-06 13:36 - 2014-01-06 13:36 - 00002943 _____ C:\HPSLPSVC0085.log 2014-01-05 20:09 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\system32\LogFiles 2014-01-05 19:41 - 2014-01-05 19:40 - 00000000 ____D C:\UpdateWizard_104020 2014-01-05 19:41 - 2014-01-05 19:39 - 00000000 ____D C:\totalcmd 2014-01-05 19:41 - 2014-01-05 19:36 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014 2014-01-05 19:39 - 2014-01-05 19:39 - 00001873 _____ C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk 2014-01-05 19:39 - 2014-01-05 19:39 - 00001869 _____ C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk 2014-01-05 19:39 - 2014-01-05 19:39 - 00000588 _____ C:\Users\media\Desktop\Total Commander.lnk 2014-01-05 19:39 - 2014-01-05 19:39 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander 2014-01-05 19:39 - 2014-01-05 19:39 - 00000000 ____D C:\Users\media\AppData\Roaming\GHISLER 2014-01-05 19:38 - 2014-01-05 19:38 - 
05896408 _____ (Ghisler Software GmbH) C:\Users\media\Downloads\tcm801x32_64.exe 2014-01-05 19:34 - 2014-01-05 19:34 - 02646016 _____ C:\TUM9B94.tmp 2014-01-05 19:34 - 2014-01-05 19:34 - 00000000 _____ C:\TUM9BD3.tmp 2014-01-05 19:33 - 2014-01-05 19:33 - 32522152 _____ (TuneUp Software) C:\Users\media\Downloads\TuneUpUtilities2014_de-DE_b1000.143.exe 2014-01-05 19:24 - 2014-01-05 19:24 - 00000000 _____ C:\DMI9E32.tmp 2014-01-05 19:05 - 2014-01-05 19:05 - 00005181 _____ C:\HPSLPSVC0084.log 2014-01-05 19:05 - 2013-10-08 17:40 - 00093643 _____ C:\ProgramData\nvModes.dat 2014-01-05 18:09 - 2014-01-05 18:09 - 00139096 _____ C:\Windows\Minidump\Mini010514-01.dmp 2014-01-05 18:09 - 2014-01-05 18:09 - 00002943 _____ C:\HPSLPSVC0083.log 2014-01-05 18:08 - 2013-04-25 12:26 - 411298990 _____ C:\Windows\MEMORY.DMP 2014-01-05 17:26 - 2014-01-05 17:24 - 00000000 ____D C:\Users\media\Desktop\gg 2014-01-05 17:23 - 2014-01-05 17:23 - 00002310 _____ C:\HPSLPSVC0082.log 2014-01-05 17:05 - 2014-01-05 16:51 - 00000000 ____D C:\Temp1_usb228deview.zip 2014-01-05 17:01 - 2014-01-05 17:01 - 00000000 ____D C:\Temp2_Realtek_XPVistaWin7_WHQL_6.1.7600.30126.zip 2014-01-05 17:01 - 2009-08-07 10:44 - 00000000 ____D C:\Program Files\Realtek 2014-01-05 16:58 - 2014-01-05 16:57 - 00000000 ____D C:\RunBoot-Temp_.b37fdc6f-11df-4c59-96bc-7e178d9e3370 2014-01-05 16:41 - 2013-10-09 09:51 - 00000000 ____D C:\hsperfdata_media 2014-01-05 16:36 - 2014-01-05 16:36 - 00007733 _____ C:\HPSLPSVC0081.log 2014-01-05 15:47 - 2014-01-05 15:47 - 00016384 _____ C:\~DF3BBD.tmp 2014-01-05 15:44 - 2014-01-05 15:43 - 00000720 _____ C:\Users\media\Desktop\Router-Einstellungen.txt 2014-01-05 15:29 - 2014-01-05 15:29 - 00000000 ____D C:\Users\media\Desktop\TL-WDR4900_V1_130424 2014-01-05 15:28 - 2014-01-05 15:29 - 12071900 _____ C:\Users\media\AppData\TL-WDR4900_V1_130424.zip 2014-01-05 15:28 - 2014-01-05 15:28 - 12071900 _____ C:\Users\media\Downloads\TL-WDR4900_V1_130424.zip 2014-01-05 15:05 - 2014-01-05 15:05 - 00000000 
_____ C:\oodag 14.1.431 2014-1-5 12.45.54.742.dmp 2014-01-05 13:52 - 2014-01-05 13:52 - 00000000 ____D C:\3960_10210 2014-01-05 13:49 - 2014-01-05 13:49 - 00000000 ____D C:\Users\media\Downloads\HighResAudio.com 2014-01-05 13:48 - 2014-01-05 13:48 - 00000000 ____D C:\Program Files\HIGHRESAUDIOManager 2014-01-05 13:48 - 2014-01-05 13:47 - 00007213 _____ C:\i4j_nlog_2 2014-01-05 13:46 - 2014-01-05 13:46 - 00020517 _____ C:\HPSLPSVC0079.log 2014-01-05 09:18 - 2014-01-05 09:18 - 00047508 _____ C:\Users\media\Desktop\FRST.txt 2014-01-05 01:36 - 2014-01-05 01:36 - 00006291 _____ C:\HPSLPSVC0078.log 2014-01-05 01:36 - 2014-01-05 01:36 - 00003850 _____ C:\Users\media\Desktop\AdwCleaner[S0].txt 2014-01-05 01:33 - 2014-01-04 18:50 - 00000000 _____ C:\preferences 2014-01-05 01:33 - 2014-01-04 18:46 - 00000000 ____D C:\AdwCleaner 2014-01-05 01:28 - 2014-01-05 01:28 - 00004068 _____ C:\HPSLPSVC0077.log 2014-01-04 19:00 - 2014-01-04 19:00 - 00001467 _____ C:\Users\media\Desktop\JRT.txt 2014-01-04 18:55 - 2014-01-04 18:55 - 00000000 ____D C:\Windows\ERUNT 2014-01-04 18:46 - 2014-01-04 18:46 - 00000910 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Users\media\AppData\Roaming\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\ProgramData\Malwarebytes 2014-01-04 18:46 - 2014-01-04 18:46 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware 2014-01-04 18:32 - 2014-01-04 18:32 - 00000000 ____D C:\2188_1108 2014-01-04 18:25 - 2014-01-04 18:25 - 00015114 _____ C:\HPSLPSVC0076.log 2014-01-01 17:18 - 2014-01-01 17:18 - 00000000 ___SD C:\Users\media\Desktop\ComboFix 2014-01-01 17:15 - 2014-01-01 17:15 - 00000581 _____ C:\Users\media\Desktop\blue.txt 2014-01-01 17:13 - 2014-01-01 17:13 - 00139096 _____ C:\Windows\Minidump\Mini010114-01.dmp 2014-01-01 17:13 - 2014-01-01 17:13 - 00002943 _____ C:\HPSLPSVC0075.log 2014-01-01 17:13 - 2011-10-17 15:54 - 00000000 ____D C:\Windows\Minidump 2014-01-01 
17:11 - 2014-01-01 17:19 - 00000366 _____ C:\Users\media\Desktop\ComboFix.txt 2014-01-01 17:11 - 2014-01-01 17:09 - 00000000 ___SD C:\ComboFix 2014-01-01 17:08 - 2014-01-01 17:08 - 00002943 _____ C:\HPSLPSVC0074.log 2014-01-01 17:05 - 2014-01-01 17:01 - 01019232 _____ C:\MSI382e5.LOG 2014-01-01 16:59 - 2014-01-01 16:59 - 00003736 _____ C:\HPSLPSVC0073.log 2014-01-01 16:55 - 2014-01-01 16:53 - 00003590 _____ C:\Users\media\Desktop\Msirepair.reg 2014-01-01 16:47 - 2014-01-01 16:47 - 14371472 _____ C:\httB700.tmp 2014-01-01 16:42 - 2014-01-01 16:42 - 00001566 _____ C:\MSI7db7.LOG 2014-01-01 16:26 - 2014-01-01 16:26 - 00005181 _____ C:\HPSLPSVC0072.log 2014-01-01 16:23 - 2014-01-01 16:05 - 00004068 _____ C:\HPSLPSVC0071.log 2014-01-01 16:19 - 2014-01-01 16:18 - 00000000 ____D C:\Qoobox 2014-01-01 16:18 - 2014-01-01 16:18 - 00000000 ____D C:\Windows\erdnt 2014-01-01 16:16 - 2014-01-01 16:16 - 05160176 ____R (Swearware) C:\Users\media\Desktop\ComboFix.exe 2014-01-01 16:16 - 2014-01-01 16:15 - 05160176 _____ (Swearware) C:\Users\media\Downloads\ComboFix.exe 2014-01-01 16:11 - 2014-01-01 16:11 - 00000000 ____D C:\224_8663 2013-12-28 19:54 - 2013-12-24 14:12 - 00002539 _____ C:\Users\media\Desktop\inSSIDer Office.lnk 2013-12-28 18:36 - 2013-12-28 18:36 - 00021583 _____ C:\Users\media\Downloads\Addition (1).txt 2013-12-28 09:52 - 2013-12-28 09:52 - 00004700 _____ C:\Users\media\Desktop\scaneset.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset4.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset3.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset2.xml 2013-12-28 09:51 - 2013-12-28 09:51 - 00002073 _____ C:\Users\media\Desktop\eset1.txt 2013-12-28 09:46 - 2013-12-28 09:46 - 00000000 ____D C:\5480_3664 2013-12-28 09:39 - 2013-12-27 21:38 - 00000000 ____D C:\Users\media\Desktop\troj 2013-12-28 09:33 - 2013-12-28 09:33 - 00006305 _____ C:\HPSLPSVC0069.log 2013-12-27 21:39 - 
2013-12-27 21:39 - 00377856 _____ C:\Users\media\Downloads\gmer_2.1.19163.exe 2013-12-27 21:38 - 2013-12-27 21:37 - 00021583 _____ C:\Users\media\Downloads\Addition.txt 2013-12-27 21:36 - 2013-12-27 21:36 - 01063657 _____ (Farbar) C:\Users\media\Downloads\FRST.exe 2013-12-27 21:36 - 2013-12-27 21:36 - 00000000 ____D C:\FRST 2013-12-27 21:34 - 2013-12-27 21:34 - 00000472 _____ C:\Users\media\Downloads\defogger_disable.log 2013-12-27 21:34 - 2013-12-27 21:34 - 00000000 _____ C:\Users\media\defogger_reenable 2013-12-27 21:33 - 2013-12-27 21:33 - 00050477 _____ C:\Users\media\Downloads\Defogger.exe 2013-12-27 21:29 - 2013-12-27 21:29 - 00012312 _____ C:\Users\media\Downloads\hijackthis.log 2013-12-27 21:27 - 2013-12-27 21:27 - 00388608 _____ (Trend Micro Inc.) C:\Users\media\Downloads\HijackThis.exe 2013-12-27 21:23 - 2013-12-27 21:23 - 00002944 _____ C:\HPSLPSVC0068.log 2013-12-27 21:18 - 2013-12-27 21:18 - 00000000 ____D C:\ProgramData\Licenses 2013-12-27 21:14 - 2013-12-27 21:14 - 00002311 _____ C:\HPSLPSVC0067.log 2013-12-27 21:13 - 2013-12-27 21:10 - 00000000 ____D C:\Program Files\Trojan Remover 2013-12-27 21:10 - 2013-12-27 21:10 - 00000940 _____ C:\Users\Public\Desktop\Trojan Remover.lnk 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\Documents\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\Users\media\AppData\Roaming\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\ProgramData\Simply Super Software 2013-12-27 21:10 - 2013-12-27 21:10 - 00000000 ____D C:\is-2JUN5.tmp 2013-12-27 21:07 - 2013-12-27 21:07 - 28469872 _____ (Simply Super Software ) C:\Users\media\Downloads\trjsetup688-2625.exe 2013-12-27 21:04 - 2013-12-27 21:04 - 00002311 _____ C:\HPSLPSVC0066.log 2013-12-27 15:34 - 2013-12-27 15:34 - 00001155 _____ C:\HPSLPSVC0065.log 2013-12-27 15:17 - 2013-12-27 15:17 - 00001155 _____ C:\HPSLPSVC0064.log 2013-12-27 15:11 - 2013-12-27 15:11 - 00002311 _____ C:\HPSLPSVC0063.log 
2013-12-27 15:08 - 2013-12-27 15:08 - 00000999 _____ C:\Users\Public\Desktop\PC Tools File and Registry Tool.lnk 2013-12-27 15:08 - 2013-12-27 15:08 - 00000000 ____D C:\Program Files\PC Tools Registry Tool 2013-12-27 15:08 - 2013-12-27 15:07 - 02882183 _____ C:\Users\media\Downloads\pcttregtool.zip 2013-12-27 15:07 - 2013-12-27 15:04 - 00002550 _____ C:\SetupProtect20131227150403251_3aeb5.log 2013-12-27 15:06 - 2013-12-27 15:06 - 00000000 ____D C:\is-6CB01.tmp 2013-12-27 15:06 - 2013-12-27 14:34 - 00000000 ____D C:\PC Tools Download Manager 2013-12-27 15:04 - 2013-12-27 15:04 - 00000000 ____D C:\Program Files\Common Files\PC Tools 2013-12-27 15:04 - 2013-12-27 14:34 - 00001356 _____ C:\Users\media\Desktop\sd9setup.exe.lnk 2013-12-27 15:01 - 2013-12-27 15:01 - 00002311 _____ C:\HPSLPSVC0062.log 2013-12-27 14:55 - 2013-12-27 14:55 - 00448512 _____ (OldTimer Tools) C:\Users\media\Downloads\TFC.exe 2013-12-27 14:55 - 2013-12-27 14:34 - 00015126 _____ C:\SetupProtect20131227143403530_577e45.log 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\Users\media\AppData\Roaming\TestApp 2013-12-27 14:34 - 2013-12-27 14:34 - 00000000 ____D C:\ProgramData\PC Tools 2013-12-27 14:33 - 2013-12-27 14:33 - 03834832 _____ (PC Tools) C:\Users\media\Downloads\sd9setup.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 02470536 _____ C:\Users\media\Downloads\nw_24798_adawareinstallerexe.exe 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\MSDOS.SYS 2013-12-27 14:31 - 2013-12-27 14:31 - 00000000 __RSH C:\IO.SYS 2013-12-27 14:27 - 2013-12-27 14:27 - 00023334 _____ C:\MSI1be12.LOG 2013-12-27 14:25 - 2013-12-27 14:25 - 00000000 ____D C:\Users\media\AppData\Roaming\LavasoftStatistics 2013-12-27 14:19 - 2013-12-27 14:19 - 00023252 _____ C:\MSIa30b1.LOG 2013-12-27 14:19 - 2013-12-27 14:19 - 00000000 ____D C:\Users\media\AppData\Roaming\Lavasoft 2013-12-27 14:18 - 2013-12-27 14:18 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ 
C:\Users\media\Downloads\Adaware_Installer_11.1.exe 2013-12-27 14:17 - 2013-12-27 14:17 - 01725064 _____ C:\Users\media\Downloads\Adaware_Installer_11.1 (1).exe 2013-12-27 14:17 - 2009-12-03 15:43 - 00000000 ____D C:\ProgramData\Lavasoft 2013-12-27 13:06 - 2013-12-27 13:06 - 00000000 ____D C:\3912_17443 2013-12-27 13:00 - 2013-12-27 13:00 - 00002311 _____ C:\HPSLPSVC0061.log 2013-12-26 07:51 - 2013-12-26 07:51 - 00002311 _____ C:\HPSLPSVC0059.log 2013-12-26 07:36 - 2013-12-26 07:36 - 00000000 ____D C:\3936_3047 2013-12-26 07:30 - 2013-12-26 07:30 - 00012304 ___HT C:\etilqs_emBZBm5lMQsQJhm 2013-12-26 07:29 - 2013-12-26 07:29 - 00002311 _____ C:\HPSLPSVC0058.log 2013-12-25 10:53 - 2013-12-24 16:39 - 00000600 _____ C:\Users\media\AppData\Roaming\winscp.rnd 2013-12-25 10:44 - 2013-12-24 14:34 - 00000000 ____D C:\Users\media\Downloads\Neuer Ordner 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt.bin 2013-12-25 10:43 - 2013-12-25 10:43 - 08060928 _____ C:\Users\media\Downloads\factory-to-ddwrt (1).bin 2013-12-25 10:43 - 2013-09-19 19:14 - 00000000 ____D C:\Users\media\AppData\Roaming\vlc 2013-12-25 09:13 - 2013-12-25 09:13 - 08328920 _____ C:\Users\media\Downloads\BvSshClient-Inst.exe 2013-12-25 09:13 - 2013-12-25 09:13 - 00002227 _____ C:\Users\Public\Desktop\Bitvise SSH Client.lnk 2013-12-25 09:13 - 2013-12-25 09:13 - 00000000 ____D C:\Program Files\Bitvise SSH Client 2013-12-25 09:12 - 2013-12-25 09:12 - 00319488 _____ (Simon Tatham) C:\Users\media\Downloads\puttytel.exe 2013-12-25 08:35 - 2013-12-25 08:35 - 00000000 ____D C:\2180_31161 2013-12-25 08:19 - 2013-12-25 08:19 - 00049250 _____ C:\HPSLPSVC0057.log 2013-12-24 16:35 - 2013-12-24 16:35 - 05132128 _____ (Martin Prikryl ) C:\Users\media\Downloads\winscp550setup.exe 2013-12-24 16:35 - 2013-12-24 16:35 - 00000780 _____ C:\Users\Public\Desktop\WinSCP.lnk 2013-12-24 16:35 - 2013-12-24 16:35 - 00000000 ____D C:\Program Files\WinSCP 2013-12-24 15:31 - 2013-12-24 15:31 - 
00006221 _____ C:\Users\media\Downloads\backup-OpenWrt-2011-09-08.tar.gz 2013-12-24 15:28 - 2013-12-24 14:46 - 06028681 _____ C:\Users\media\Downloads\TL-WDR4300_V1_130617.zip 2013-12-24 15:21 - 2013-06-17 12:52 - 08258048 _____ C:\firmware.bin 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Users\media\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:12 - 00000000 ____D C:\Program Files\MetaGeek 2013-12-24 14:12 - 2013-12-24 14:11 - 06082560 _____ C:\Users\media\Downloads\inSSIDerOffice.msi 2013-12-24 13:16 - 2013-12-24 13:16 - 00000000 ____D C:\2784_6866 2013-12-24 13:10 - 2013-12-24 13:10 - 00054873 _____ C:\HPSLPSVC0056.log 2013-12-24 09:16 - 2013-12-24 09:16 - 00000000 ____D C:\1856_5822 2013-12-24 09:03 - 2013-12-24 09:03 - 00006759 _____ C:\HPSLPSVC0055.log 2013-12-23 00:11 - 2013-10-17 08:07 - 00360051 _____ C:\Quarantine.exe 2013-12-22 12:42 - 2013-12-22 12:42 - 00001121 _____ C:\Users\media\Desktop\DiskStation.lnk 2013-12-22 12:32 - 2013-12-22 12:32 - 00002943 _____ C:\HPSLPSVC0054.log 2013-12-22 12:01 - 2013-12-22 12:01 - 00000029 _____ C:\Users\media\Downloads\audiolog 2013-12-22 10:49 - 2013-12-22 10:49 - 00000000 ____D C:\1244_12487 2013-12-22 10:41 - 2013-12-22 10:41 - 00006282 _____ C:\HPSLPSVC0053.log 2013-12-20 09:39 - 2013-12-20 09:39 - 00000000 ____D C:\2172_14318 2013-12-20 09:33 - 2013-12-20 09:33 - 00002943 _____ C:\HPSLPSVC0052.log 2013-12-15 12:08 - 2013-12-15 12:08 - 00000000 ____D C:\3060_15548 2013-12-15 12:02 - 2013-12-15 12:02 - 00052918 _____ C:\HPSLPSVC0051.log 2013-12-14 14:52 - 2013-12-14 14:43 - 01703422 _____ C:\MSId34f4.LOG 2013-12-14 14:51 - 2006-11-02 12:18 - 00000000 __RHD C:\Users\Default 2013-12-14 14:43 - 2013-12-14 14:43 - 23625728 _____ C:\NUP2EAD.msi 2013-12-14 14:36 - 2013-12-14 14:36 - 00000000 ____D C:\3072_1688 2013-12-14 14:30 - 2013-12-14 14:30 - 00009471 _____ C:\HPSLPSVC0049.log 2013-12-12 14:25 - 2013-12-12 14:25 - 00001155 _____ C:\HPSLPSVC0048.log 
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-01-06 16:43
==================== End Of Log ============================
The problem no longer exists; what was the cause? Regards, Eric |
07.01.2014, 10:15 | #10 |
/// the machine /// TB-Ausbilder | Unable to log in on various sites
Update Java, Flash and Adobe. We deleted a whole lot of adware. Done. The order is crucial here.
If you would like to leave praise or criticism, you can do so here. Here are a few more tips for securing your system. I cannot stress often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean up your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP), Bill Castner (MVP)
Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
26.01.2014, 13:51 | #11 |
| Unable to log in on various sites Hello, thanks for all the tips, I've brought everything up to date. Everything worked great. Thanks. Regards, Eric |
27.01.2014, 09:05 | #12 |
/// the machine /// TB-Ausbilder | Unable to log in on various sites You're welcome
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |