| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: keine Downloads mehr möglich Win7 (angeblich Viren enthalten)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.12.2013, 15:39
| #1 |
| |  keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Ich kann keine Downloads mehr tätigen, egal auf welchem Browser (Firefox, IE, Chrome, Safari). Beim Internet Explorer zeigt mir die Warnung unten an, dass die Datei Viren enthält, im Firefox sieht man die Datei während des herunterladens im Ordner, sobald der Download abgeschlossen ist, löscht sich die neu angelegte Datei jedoch gleich wieder. Ich habe AVG durchlaufen lassen und die Bedrohungen gelöscht, was jedoch keine Änderung gebracht hat. CC Cleaner ebenso nicht. Ich bin etwas verzweifelt und habe schon oft das gleiche Problem im Forum gelesen aber ich kenn mich mit den Logfiles nicht aus und hoffe, dass mir jemand weiterhelfen kann :-( Betriebssystem Windows 7 Home Premium Service Pack 1 32-Bit Danke bereits im Voraus! |
|
29.12.2013, 18:15
| #2 |
| /// the machine /// TB-Ausbilder    |  keine Downloads mehr möglich Win7 (angeblich Viren enthalten) hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
30.12.2013, 13:57
| #3 |
| | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) FRST.txt
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-12-2013 01
Ran by Karel (administrator) on KAREL-HP on 30-12-2013 13:51:55
Running from C:\Users\Karel\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(PDF Complete Inc) C:\Program Files\PDF Complete\pdfsvc.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe
(Microsoft Corp.) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Nuance Communications, Inc.) C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [QLBController] - C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [256056 2010-01-28] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe [186904 2010-01-08] (Intel Corporation)
HKLM\...\Run: [PDF Complete] - C:\Program Files\PDF Complete\pdfsty.exe [563736 2010-01-12] (PDF Complete Inc)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1791272 2013-12-29] (Synaptics Incorporated)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [HotKeysCmds] - C:\windows\system32\hkcmd.exe [ ] ()
HKLM\...\Run: [PDFHook] - C:\Program Files\Nuance\PDF Professional 6\PdfPro6Hook.exe [1277952 2009-11-13] (Nuance Communications, Inc.)
HKLM\...\Run: [PDF6 Registry Controller] - C:\Program Files\Nuance\PDF Professional 6\RegistryController.exe [110880 2009-11-03] (Nuance Communications, Inc.)
HKLM\...\Run: [NortonOnlineBackupReminder] - C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe [3331944 2009-12-03] (Symantec Corporation)
HKLM\...\Run: [NSU_agent] - C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe [190768 2012-02-28] ()
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2013-12-29] (IDT, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKLM\...\runonceex: [ContentMerger] - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\ContentMerger10.exe [19952 2009-11-23] (Sonic Solutions)
HKCU\...\Run: [Google Update*] - [x] <===== ATTENTION (ZeroAccess rootkit hidden path)
MountPoints2: G - G:\Autorun.exe
HKU\Default\...\Run: [HPAdvisorDock] - C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [ 2010-02-10] ()
HKU\Default User\...\Run: [HPAdvisorDock] - C:\Program Files\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe [ 2010-02-10] ()
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM - DefaultScope value is missing.
BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Nuance\PDF Professional 6\bin\PlusIEContextMenu.dll (Zeon Corporation)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll (Zeon Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Nuance PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Nuance\PDF Professional 6\bin\ZeonIEFavClient.dll (Zeon Corporation)
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 06 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\nhycx0g9.default
FF Homepage: hxxp://www.google.de/
FF Keyword.URL: hxxp://go.web.de/tb/mff_keyurl_search/?su=
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: ZEON/PDF,version=2.0 - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Karel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF HKLM\...\Firefox\Extensions: [{E634117B-33A8-4C70-8210-198010F03834}] - C:\Users\Karel\AppData\Roaming\01003.128
FF Extension: Java Link Helper - C:\Users\Karel\AppData\Roaming\01003.128
FF HKCU\...\Firefox\Extensions: [{E634117B-33A8-4C70-8210-198010F03834}] - C:\Users\Karel\AppData\Roaming\01003.128
FF Extension: Java Link Helper - C:\Users\Karel\AppData\Roaming\01003.128
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\31.0.1650.63\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Zeon Plus) - C:\Program Files\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Karel\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: (Gmail) - C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
========================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-10-18] ()
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 hpHotkeyMonitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [265272 2010-01-28] (Hewlett-Packard Company)
R2 pdfcDispatcher; C:\Program Files\PDF Complete\pdfsvc.exe [635416 2010-01-12] (PDF Complete Inc)
R2 PDFProFiltSrv; C:\Program Files\Nuance\PDF Professional 6\PDFProFiltSrv.exe [134944 2009-11-03] (Nuance Communications, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [254034 2013-12-29] (IDT, Inc.)
U2 *etadpug; "C:\Program Files\Google\Desktop\Install\{c42bd6ab-a235-dbfa-7d01-4bc83f06ff5b}\ \...\???\{c42bd6ab-a235-dbfa-7d01-4bc83f06ff5b}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
U3 Netp35vhv;
S3 rtl819xp; C:\Windows\System32\DRIVERS\rtl819xp.sys [557088 2010-02-01] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1763968 2010-04-27] ()
S0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2010-10-18] (Duplex Secure Ltd.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-30 13:51 - 2013-12-30 13:52 - 00014932 _____ C:\Users\Karel\Desktop\FRST.txt
2013-12-30 13:51 - 2013-12-30 13:51 - 00000000 ____D C:\FRST
2013-12-30 13:51 - 2013-12-30 13:47 - 01064199 _____ (Farbar) C:\Users\Karel\Desktop\FRST.exe
2013-12-29 18:28 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-12-29 18:28 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-12-29 18:28 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2013-12-29 18:28 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-12-29 18:28 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2013-12-29 18:28 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-12-29 18:28 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-12-29 18:28 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-12-29 18:28 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-12-29 18:28 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2013-12-29 18:28 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2013-12-29 18:28 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2013-12-29 18:28 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-12-29 18:28 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-12-29 18:28 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2013-12-29 18:28 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-12-29 18:28 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2013-12-29 18:28 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-12-29 18:28 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-12-29 15:18 - 2013-12-30 13:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-29 14:59 - 2010-08-19 19:22 - 00409600 _____ (Kaspersky Lab ZAO) C:\Users\Karel\rescue2usb.exe
2013-12-29 14:59 - 2010-08-16 17:02 - 00019181 ____R C:\Users\Karel\license_notice.txt
2013-12-29 14:59 - 2010-06-22 13:39 - 00000237 _____ C:\Users\Karel\syslinux.cfg
2013-12-29 14:59 - 2010-04-01 11:01 - 00028160 _____ C:\Users\Karel\syslinux.exe
2013-12-29 14:59 - 2009-10-16 16:43 - 00237849 _____ C:\Users\Karel\grub.exe
2013-12-29 14:24 - 2013-12-29 14:24 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_point32_01011.Wdf
2013-12-29 14:23 - 2013-12-29 14:24 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-12-29 14:15 - 2012-05-04 10:59 - 00514560 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 01303728 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2013-12-29 14:10 - 2013-12-29 14:10 - 00214312 _____ (Synaptics Incorporated) C:\windows\system32\SynCtrl.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00173352 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00165160 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00004392 _____ C:\windows\DPINST.LOG
2013-12-29 14:07 - 2013-12-29 14:06 - 12705884 _____ (IDT, Inc.) C:\windows\system32\idtcpl.cpl
2013-12-29 14:07 - 2013-12-29 14:06 - 01953792 _____ (IDT, Inc.) C:\windows\system32\stlang.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00531968 ____N (IDT, Inc.) C:\windows\system32\stapi32.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00495708 _____ (IDT, Inc.) C:\windows\sttray.exe
2013-12-29 14:07 - 2013-12-29 14:06 - 00380928 _____ (Andrea Electronics Corporation) C:\windows\system32\aestecap.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00179712 _____ (IDT, Inc.) C:\windows\system32\staco.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00140288 _____ (Andrea Electronics Corporation) C:\windows\system32\aestacap.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00086016 _____ (Andrea Electronics Corporation) C:\windows\system32\AESTCom.dll
2013-12-29 14:07 - 2013-12-29 14:06 - 00061440 _____ (Andrea Electronics Corporation) C:\windows\system32\aestaren.dll
2013-12-29 14:06 - 2013-12-29 14:06 - 00934912 _____ (IDT, Inc.) C:\windows\system32\stapo.dll
2013-12-29 14:06 - 2013-12-29 14:06 - 00431616 _____ (IDT, Inc.) C:\windows\system32\Drivers\stwrt.sys
2013-12-29 14:06 - 2013-12-29 14:06 - 00405504 _____ (IDT, Inc.) C:\windows\system32\stcplx.dll
2013-12-29 13:24 - 2013-12-29 13:26 - 00000000 ____D C:\AdwCleaner
2013-12-28 20:47 - 2013-12-28 20:50 - 00000000 ____D C:\windows\system32\MRT
2013-12-28 20:43 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2013-12-28 20:43 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-28 20:40 - 2013-12-28 20:40 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-28 20:40 - 2013-12-28 20:40 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-28 20:40 - 2013-12-28 20:40 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 03969472 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-12-28 20:39 - 2013-12-28 20:39 - 01289096 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00640512 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00619520 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-12-28 20:39 - 2013-12-28 20:39 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2013-12-28 20:38 - 2013-12-28 20:42 - 00011701 _____ C:\windows\IE11_main.log
2013-12-28 20:26 - 2013-12-30 13:49 - 00002483 _____ C:\windows\setupact.log
2013-12-28 20:26 - 2013-12-28 20:26 - 00000000 _____ C:\windows\setuperr.log
2013-12-28 20:25 - 2013-12-30 13:49 - 00056196 _____ C:\windows\PFRO.log
2013-12-28 19:44 - 2013-12-28 19:44 - 00000000 ____D C:\Users\Karel\AppData\Roaming\AVG2014
2013-12-28 19:43 - 2013-12-28 19:43 - 00000951 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ___HD C:\$AVG
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ____D C:\Program Files\AVG
2013-12-28 19:38 - 2013-12-30 13:51 - 00000000 ____D C:\ProgramData\MFAData
2013-12-28 19:38 - 2013-12-28 19:50 - 00000000 ____D C:\Users\Karel\AppData\Local\Avg2014
2013-12-28 19:38 - 2013-12-28 19:38 - 00000000 ____D C:\Users\Karel\AppData\Local\MFAData
2013-12-28 18:48 - 2013-12-28 18:48 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-12-28 18:36 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2013-12-28 18:36 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2013-12-28 18:36 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
2013-12-28 18:36 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-12-28 18:36 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\windows\system32\imagehlp.dll
2013-12-28 18:36 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2013-12-28 18:36 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2013-12-28 18:36 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2013-12-28 18:36 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2013-12-28 18:36 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2013-12-28 18:36 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2013-12-28 18:36 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2013-12-28 18:36 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2013-12-28 18:36 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
2013-12-28 18:36 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
2013-12-28 18:36 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
2013-12-28 18:36 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\drmk.sys
2013-12-28 18:36 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\portcls.sys
2013-12-28 18:36 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2013-12-28 18:36 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2013-12-28 18:36 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2013-12-28 18:36 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2013-12-28 18:36 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2013-12-28 18:36 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2013-12-28 18:36 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2013-12-28 18:36 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2013-12-28 18:36 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2013-12-28 18:36 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2013-12-28 18:36 - 2013-08-29 02:12 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbser.sys
2013-12-28 18:36 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
2013-12-28 18:36 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
2013-12-28 18:36 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2013-12-28 18:36 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
2013-12-28 18:36 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbcir.sys
2013-12-28 18:36 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2013-12-28 18:36 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
2013-12-28 18:36 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
2013-12-28 18:36 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
2013-12-28 18:36 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
2013-12-28 18:36 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbscan.sys
2013-12-28 18:36 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
2013-12-28 18:36 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2013-12-28 18:36 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Wdf01000.sys
2013-12-28 18:36 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2013-12-28 18:36 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2013-12-28 18:36 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2013-12-28 18:36 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2013-12-28 18:36 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2013-12-28 18:27 - 2013-12-28 18:27 - 00000000 ____D C:\Intel
2013-12-28 15:33 - 2013-12-28 15:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-28 15:33 - 2013-12-28 15:33 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-28 15:33 - 2013-12-28 15:32 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00174504 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-12-28 15:30 - 2013-12-28 19:43 - 00000000 ____D C:\Users\Karel\AppData\Roaming\TuneUp Software
2013-12-28 15:29 - 2013-12-28 18:55 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014
2013-12-28 15:29 - 2013-12-28 16:08 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 15:29 - 2013-12-28 15:39 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-28 15:19 - 2013-12-28 15:19 - 00001989 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-28 15:13 - 2013-12-28 15:36 - 2718335890 _____ C:\avenger.txt
2013-12-28 15:13 - 2013-12-28 15:13 - 00000000 ____D C:\Avenger
2013-12-28 11:46 - 2013-12-28 11:46 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Malwarebytes
2013-12-28 11:46 - 2013-12-28 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-18 16:25 - 2013-12-18 16:25 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-18 07:44 - 2013-12-18 07:44 - 00000000 ____D C:\Users\Karel\AppData\Local\Macromedia
2013-12-17 21:03 - 2013-12-17 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-12-17 18:21 - 2013-12-17 18:21 - 00000156 _____ C:\windows\Twunk001.MTX
2013-12-17 18:21 - 2013-12-17 18:21 - 00000002 _____ C:\windows\Twain001.Mtx
2013-12-17 18:21 - 2013-12-17 18:21 - 00000000 _____ C:\windows\Twunk002.MTX
2013-12-10 15:20 - 2013-12-30 13:52 - 01197992 _____ C:\windows\WindowsUpdate.log
==================== One Month Modified Files and Folders =======
2013-12-30 13:52 - 2013-12-30 13:51 - 00014932 _____ C:\Users\Karel\Desktop\FRST.txt
2013-12-30 13:52 - 2013-12-10 15:20 - 01197992 _____ C:\windows\WindowsUpdate.log
2013-12-30 13:51 - 2013-12-30 13:51 - 00000000 ____D C:\FRST
2013-12-30 13:51 - 2013-12-28 19:38 - 00000000 ____D C:\ProgramData\MFAData
2013-12-30 13:51 - 2012-03-13 20:02 - 00001096 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-30 13:50 - 2012-03-13 20:02 - 00001092 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-30 13:49 - 2013-12-28 20:26 - 00002483 _____ C:\windows\setupact.log
2013-12-30 13:49 - 2013-12-28 20:25 - 00056196 _____ C:\windows\PFRO.log
2013-12-30 13:49 - 2009-07-14 05:53 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-12-30 13:48 - 2009-07-14 05:34 - 00019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-30 13:48 - 2009-07-14 05:34 - 00019536 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-30 13:47 - 2013-12-30 13:51 - 01064199 _____ (Farbar) C:\Users\Karel\Desktop\FRST.exe
2013-12-30 13:47 - 2013-12-29 15:18 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-12-30 13:47 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2013-12-29 17:51 - 2011-10-07 16:41 - 00001138 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002UA.job
2013-12-29 17:27 - 2009-07-14 03:37 - 00000000 ____D C:\windows\rescache
2013-12-29 16:59 - 2009-07-14 03:37 - 00000000 ____D C:\windows\Microsoft.NET
2013-12-29 15:02 - 2010-03-31 04:00 - 00006074 _____ C:\windows\system32\PerfStringBackup.INI
2013-12-29 14:59 - 2010-09-21 17:01 - 00000000 ____D C:\Users\Karel
2013-12-29 14:28 - 2010-03-31 04:20 - 00000000 ____D C:\windows\system32\Drivers\de-DE
2013-12-29 14:28 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\de-DE
2013-12-29 14:27 - 2009-07-14 05:33 - 01822592 _____ C:\windows\system32\FNTCACHE.DAT
2013-12-29 14:24 - 2013-12-29 14:24 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_point32_01011.Wdf
2013-12-29 14:24 - 2013-12-29 14:23 - 00000000 ____D C:\Program Files\Microsoft Mouse and Keyboard Center
2013-12-29 14:24 - 2010-09-21 17:05 - 00128976 _____ C:\Users\Karel\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-29 14:11 - 2010-10-11 20:48 - 00000052 _____ C:\windows\system32\DOErrors.log
2013-12-29 14:10 - 2013-12-29 14:10 - 01303728 _____ (Synaptics Incorporated) C:\windows\system32\Drivers\SynTP.sys
2013-12-29 14:10 - 2013-12-29 14:10 - 00214312 _____ (Synaptics Incorporated) C:\windows\system32\SynCtrl.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00173352 _____ (Synaptics Incorporated) C:\windows\system32\SynCOM.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00165160 _____ (Synaptics Incorporated) C:\windows\system32\SynTPAPI.dll
2013-12-29 14:10 - 2013-12-29 14:10 - 00004392 _____ C:\windows\DPINST.LOG
2013-12-29 14:10 - 2010-01-22 19:25 - 00120104 _____ (Synaptics Incorporated) C:\windows\system32\SynTPCo4.dll
2013-12-29 14:07 - 2010-04-08 10:57 - 00000000 ____D C:\Program Files\IDT
2013-12-29 14:06 - 2013-12-29 14:07 - 12705884 _____ (IDT, Inc.) C:\windows\system32\idtcpl.cpl
2013-12-29 14:06 - 2013-12-29 14:07 - 01953792 _____ (IDT, Inc.) C:\windows\system32\stlang.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00531968 ____N (IDT, Inc.) C:\windows\system32\stapi32.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00495708 _____ (IDT, Inc.) C:\windows\sttray.exe
2013-12-29 14:06 - 2013-12-29 14:07 - 00380928 _____ (Andrea Electronics Corporation) C:\windows\system32\aestecap.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00179712 _____ (IDT, Inc.) C:\windows\system32\staco.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00140288 _____ (Andrea Electronics Corporation) C:\windows\system32\aestacap.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00086016 _____ (Andrea Electronics Corporation) C:\windows\system32\AESTCom.dll
2013-12-29 14:06 - 2013-12-29 14:07 - 00061440 _____ (Andrea Electronics Corporation) C:\windows\system32\aestaren.dll
2013-12-29 14:06 - 2013-12-29 14:06 - 00934912 _____ (IDT, Inc.) C:\windows\system32\stapo.dll
2013-12-29 14:06 - 2013-12-29 14:06 - 00431616 _____ (IDT, Inc.) C:\windows\system32\Drivers\stwrt.sys
2013-12-29 14:06 - 2013-12-29 14:06 - 00405504 _____ (IDT, Inc.) C:\windows\system32\stcplx.dll
2013-12-29 13:42 - 2013-06-16 17:15 - 00000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2013-12-29 13:42 - 2013-06-16 17:15 - 00000000 ____D C:\Program Files\CCleaner
2013-12-29 13:26 - 2013-12-29 13:24 - 00000000 ____D C:\AdwCleaner
2013-12-29 13:26 - 2010-09-23 19:45 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-12-29 11:24 - 2013-11-12 14:34 - 00000320 _____ C:\windows\Tasks\HPCeeScheduleForKarel.job
2013-12-28 21:13 - 2011-11-06 10:38 - 00000000 _____ C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-28 21:02 - 2009-07-27 09:31 - 00000000 ____D C:\windows\Panther
2013-12-28 20:50 - 2013-12-28 20:47 - 00000000 ____D C:\windows\system32\MRT
2013-12-28 20:42 - 2013-12-28 20:38 - 00011701 _____ C:\windows\IE11_main.log
2013-12-28 20:40 - 2013-12-28 20:40 - 01051136 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00646144 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00645120 _____ (Microsoft Corporation) C:\windows\system32\jsIntl.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00616104 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dat
2013-12-28 20:40 - 2013-12-28 20:40 - 00610304 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00523776 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00454656 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00337408 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2013-12-28 20:40 - 2013-12-28 20:40 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00238288 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\url.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00208384 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\elshyph.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00182272 _____ (Microsoft Corporation) C:\windows\system32\msls31.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00164864 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00151552 _____ (Microsoft Corporation) C:\windows\system32\iexpress.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\wextract.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00127488 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00116736 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00111616 _____ (Microsoft Corporation) C:\windows\system32\IEAdvpack.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00083456 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\SetIEInstalledDate.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00069632 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\icardie.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2013-12-28 20:40 - 2013-12-28 20:40 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\pngfilt.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\mshtmler.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\msfeedsbs.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\imgutil.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\licmgr10.dll
2013-12-28 20:40 - 2013-12-28 20:40 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\mshta.exe
2013-12-28 20:40 - 2013-12-28 20:40 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\msfeedssync.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 03969472 _____ (Microsoft Corporation) C:\windows\system32\ntkrnlpa.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 03914176 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2013-12-28 20:39 - 2013-12-28 20:39 - 01294272 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2013-12-28 20:39 - 2013-12-28 20:39 - 01289096 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00640512 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00619520 _____ (Microsoft Corporation) C:\windows\system32\tdh.dll
2013-12-28 20:39 - 2013-12-28 20:39 - 00338944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2013-12-28 20:39 - 2013-12-28 20:39 - 00231424 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
2013-12-28 20:26 - 2013-12-28 20:26 - 00000000 _____ C:\windows\setuperr.log
2013-12-28 20:14 - 2013-10-09 07:02 - 00000000 ____D C:\ProgramData\UXDpgns3_old
2013-12-28 19:50 - 2013-12-28 19:38 - 00000000 ____D C:\Users\Karel\AppData\Local\Avg2014
2013-12-28 19:44 - 2013-12-28 19:44 - 00000000 ____D C:\Users\Karel\AppData\Roaming\AVG2014
2013-12-28 19:43 - 2013-12-28 19:43 - 00000951 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ___HD C:\$AVG
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ____D C:\ProgramData\AVG2014
2013-12-28 19:43 - 2013-12-28 19:43 - 00000000 ____D C:\Program Files\AVG
2013-12-28 19:43 - 2013-12-28 15:30 - 00000000 ____D C:\Users\Karel\AppData\Roaming\TuneUp Software
2013-12-28 19:38 - 2013-12-28 19:38 - 00000000 ____D C:\Users\Karel\AppData\Local\MFAData
2013-12-28 19:00 - 2012-01-06 16:49 - 00000000 ____D C:\windows\Minidump
2013-12-28 18:55 - 2013-12-28 15:29 - 00000000 ____D C:\Program Files\TuneUp Utilities 2014
2013-12-28 18:53 - 2012-03-13 20:02 - 00000000 ____D C:\Program Files\Google
2013-12-28 18:52 - 2010-09-23 19:30 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Adobe
2013-12-28 18:50 - 2009-07-14 03:37 - 00000000 ____D C:\windows\system32\NDF
2013-12-28 18:48 - 2013-12-28 18:48 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
2013-12-28 18:37 - 2011-06-03 08:31 - 00000000 ____D C:\Program Files\iTunes
2013-12-28 18:37 - 2011-06-03 08:31 - 00000000 ____D C:\Program Files\iPod
2013-12-28 18:27 - 2013-12-28 18:27 - 00000000 ____D C:\Intel
2013-12-28 16:08 - 2013-12-28 15:29 - 00000000 __SHD C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2013-12-28 16:08 - 2013-11-05 21:34 - 00000000 ____D C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2013-12-28 16:08 - 2013-10-09 13:02 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro
2013-12-28 16:08 - 2011-10-06 16:16 - 00000000 ____D C:\Users\Karel\AppData\Roaming\hpqLog
2013-12-28 15:39 - 2013-12-28 15:29 - 00000000 ____D C:\ProgramData\TuneUp Software
2013-12-28 15:36 - 2013-12-28 15:13 - 2718335890 _____ C:\avenger.txt
2013-12-28 15:33 - 2013-12-28 15:33 - 00000000 ____D C:\ProgramData\Oracle
2013-12-28 15:33 - 2013-12-28 15:33 - 00000000 ____D C:\Program Files\Common Files\Java
2013-12-28 15:32 - 2013-12-28 15:33 - 00264616 _____ (Oracle Corporation) C:\windows\system32\javaws.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00175016 _____ (Oracle Corporation) C:\windows\system32\javaw.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00174504 _____ (Oracle Corporation) C:\windows\system32\java.exe
2013-12-28 15:32 - 2013-12-28 15:32 - 00094632 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge.dll
2013-12-28 15:32 - 2012-08-07 15:47 - 00000000 ____D C:\Program Files\Java
2013-12-28 15:19 - 2013-12-28 15:19 - 00001989 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-12-28 15:19 - 2010-10-18 20:17 - 00000000 ____D C:\ProgramData\Adobe
2013-12-28 15:19 - 2010-10-18 20:13 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-28 15:19 - 2010-10-18 20:13 - 00000000 ____D C:\Program Files\Adobe
2013-12-28 15:18 - 2010-10-18 20:21 - 00000000 ____D C:\Users\Karel\AppData\Local\Adobe
2013-12-28 15:13 - 2013-12-28 15:13 - 00000000 ____D C:\Avenger
2013-12-28 15:13 - 2009-07-14 05:56 - 00000000 ____D C:\windows\DigitalLocker
2013-12-28 11:46 - 2013-12-28 11:46 - 00000000 ____D C:\Users\Karel\AppData\Roaming\Malwarebytes
2013-12-28 11:46 - 2013-12-28 11:46 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-12-28 11:34 - 2013-06-08 14:41 - 00005078 _____ C:\Users\Karel\AppData\Roaming\urlsps.txt
2013-12-24 13:32 - 2011-10-07 16:41 - 00001116 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002Core.job
2013-12-23 17:32 - 2010-09-21 17:04 - 00000306 __RSH C:\ProgramData\ntuser.pol
2013-12-18 16:25 - 2013-12-18 16:25 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-18 07:44 - 2013-12-18 07:44 - 00000000 ____D C:\Users\Karel\AppData\Local\Macromedia
2013-12-17 21:03 - 2013-12-17 21:03 - 00692616 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerApp.exe
2013-12-17 21:03 - 2012-03-20 19:54 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\system32\FlashPlayerCPLApp.cpl
2013-12-17 18:21 - 2013-12-17 18:21 - 00000156 _____ C:\windows\Twunk001.MTX
2013-12-17 18:21 - 2013-12-17 18:21 - 00000002 _____ C:\windows\Twain001.Mtx
2013-12-17 18:21 - 2013-12-17 18:21 - 00000000 _____ C:\windows\Twunk002.MTX
2013-12-16 13:07 - 2009-07-14 05:53 - 00032632 _____ C:\windows\Tasks\SCHEDLGU.TXT
2013-12-12 07:54 - 2010-10-19 17:46 - 00000000 ____D C:\Program Files\Mozilla Thunderbird
2013-12-01 14:42 - 2011-02-14 18:52 - 88123800 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
ZeroAccess:
C:\Users\Karel\AppData\Local\Google\Desktop\Install
ZeroAccess:
C:\Program Files\Google\Desktop\Install
Files to move or delete:
====================
C:\Users\Karel\grub.exe
C:\Users\Karel\rescue2usb.exe
C:\Users\Karel\syslinux.exe
Some content of TEMP:
====================
C:\Users\Karel\AppData\Local\Temp\Extract.exe
C:\Users\Karel\AppData\Local\Temp\MouseKeyboardCenterx86_1031.exe
C:\Users\Karel\AppData\Local\Temp\SP49415.exe
C:\Users\Karel\AppData\Local\Temp\SP51129.exe
C:\Users\Karel\AppData\Local\Temp\sp62291.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
ATTENTION: ====> ZeroAccess. Use DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
LastRegBack: 2013-12-29 17:19
==================== End Of Log ============================
Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-12-2013 01
Ran by Karel at 2013-12-30 13:53:17
Running from C:\Users\Karel\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 4.65 (Version: - )
Adobe Anchor Service CS3 (Version: 1.0 - Adobe Systems Incorporated)
Adobe Asset Services CS3 (Version: 3 - Adobe Systems Incorporated)
Adobe Bridge CS3 (Version: 2 - Adobe Systems Incorporated)
Adobe Bridge Start Meeting (Version: 1.0 - Adobe Systems Incorporated)
Adobe Camera Raw 4.0 (Version: 4.0 - Adobe Systems Incorporated)
Adobe CMaps (Version: 1.0 - Adobe Systems Incorporated)
Adobe Color - Photoshop Specific (Version: 1.0 - Adobe Systems Incorporated)
Adobe Color Common Settings (Version: 1.0 - Adobe Systems Incorporated)
Adobe Color EU Recommended Settings (Version: 1.0 - Adobe Systems Incorporated)
Adobe Color JA Extra Settings (Version: 1.0 - Adobe Systems Incorporated)
Adobe Color NA Extra Settings (Version: 1.0 - Adobe Systems Incorporated)
Adobe Default Language CS3 (Version: 1.0 - Adobe Systems Incorporated)
Adobe Device Central CS3 (Version: 1.0 - Adobe Systems Incorporated)
Adobe ExtendScript Toolkit 2 (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (Version: 10.0.32.18 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Fonts All (Version: 1.0 - Adobe Systems Incorporated)
Adobe Help Viewer CS3 (Version: 1 - Adobe Systems Incorporated)
Adobe Linguistics CS3 (Version: 3.0.0 - Adobe Systems Incorporated)
Adobe PDF Library Files (Version: 8.0 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (Version: 10.0 - Adobe Systems Incorporated)
Adobe Premiere Pro 1.5 (Version: 1.5 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.03) - Deutsch (Version: 11.0.03 - Adobe Systems Incorporated)
Adobe Setup (Version: 1.0 - Adobe Systems Incorporated)
Adobe Stock Photos CS3 (Version: 1.5 - Adobe Systems Incorporated)
Adobe Type Support (Version: 1.0 - Adobe Systems Incorporated)
Adobe Update Manager CS3 (Version: 5.1.0 - Adobe Systems Incorporated)
Adobe Version Cue CS3 Client (Version: 3 - Adobe Systems Incorporated)
Adobe WinSoft Linguistics Plugin (Version: 1.0 - Adobe Systems Incorporated)
Adobe XMP Panels CS3 (Version: 1.0 - Adobe Systems Incorporated)
Apple Application Support (Version: 1.5.1 - Apple Inc.)
Apple Mobile Device Support (Version: 3.4.0.25 - Apple Inc.)
Apple Software Update (Version: 2.1.2.120 - Apple Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies)
AVG 2014 (Version: 14.0.4259 - AVG Technologies)
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Barbie(TM) in Die 12 tanzenden Prinzessinnen (Version: 1.00.0000 - Activision)
Bonjour (Version: 2.0.5.0 - Apple Inc.)
Broadcom 2070 Bluetooth 2.1 + EDR (Version: 6.2.1.1100 - Broadcom Corporation)
CCleaner (Version: 4.09 - Piriform)
Cisco EAP-FAST Module (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (Version: 1.1.6 - Cisco Systems, Inc.)
DeepBurner v1.9.0.228 (Version: - )
Die*Sims™*3 (Version: 1.0.631 - Electronic Arts)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions)
Du und Dein Heim für Tiere (Version: 1.0.0 - Caipirinha Games)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287 - Skype Limited)
GehirnJogging_PLUS (Version: - )
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company)
HP Advisor (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (Version: 6.0.1.4 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (Version: 1.1.1.1 - Hewlett-Packard Company)
HP HotKey Support (Version: 3.5.14.1 - Hewlett-Packard Company)
HP Setup (Version: 1.2.3557.3169 - Hewlett-Packard)
HP SoftPaq Download Manager (Version: 3.0.5.0 - Hewlett-Packard Company)
HP Software Framework (Version: 3.5.17.1 - Hewlett-Packard Company)
HP Software Setup (Version: 7.0.1.6 - Hewlett-Packard Company)
HP Support Assistant (Version: 7.0.39.15 - Hewlett-Packard Company)
HP User Guides 0190 (Version: 1.00.0000 - Hewlett-Packard)
HP Web Camera (Version: 1.0.0 - Hewlett-Packard)
HP Webcam (Version: 1.0.25.0 - Roxio)
HP Webcam Driver (Version: 5.8.50014.0 - Sonix)
HP Wireless Assistant (Version: 3.50.10.1 - Hewlett-Packard)
IDT Audio (Version: 1.0.6300.0 - IDT)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.2057 - Intel Corporation)
Intel® Matrix Storage Manager (Version: - Intel Corporation)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.)
Jumpin'Jack (Version: - )
Landwirtschafts-Simulator 2009 Gold (Version: - GIANTS Software)
LightScribe System Software (Version: 1.18.11.1 - LightScribe)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (Version: 2.7 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC100_CRT_SP1_x86 (Version: 10.0.40219.1 - Nokia)
Microsoft-Maus- und Tastatur-Center (Version: 2.2.173.0 - Microsoft Corporation)
Minecraft PC Gamer Demo version 1.5 (Version: 1.5 - Mojang)
Mozilla Firefox (3.6.28) (Version: 3.6.28 (de) - Mozilla)
Mozilla Thunderbird (3.1.4) (Version: 3.1.4 (de) - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia)
MSVC90_x86 (Version: 1.0.1.2 - Nokia)
MSVCRT (Version: 14.0.1468.721 - Microsoft)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (Version: 7.1.78.0 - Nokia)
Nokia Software Updater (Version: 3.0.655 - Nokia Corporation)
Norton Online Backup (Version: 2.0.0.34 - Symantec)
Nuance PDF Professional 6 (Version: 6.00.3205 - Nuance Communications, Inc)
Nuance PDF Reader (Version: 6.00.0039 - Nuance Communications, Inc.)
OpenOffice.org 3.2 (Version: 3.2.9502 - OpenOffice.org)
PC Connectivity Solution (Version: 12.0.27.0 - Nokia)
PDF Complete Special Edition (Version: 3.5.116 - PDF Complete, Inc)
PDF Settings (Version: 1.0 - Adobe Systems Incorporated)
Rayman 3 version 1.0 (Version: 1.0 - )
Realtek Ethernet Controller All-In-One Windows Driver (Version: 1.12.0011 - Realtek)
REALTEK Wireless LAN Software (Version: 1.00.10.0104 - REALTEK Semiconductor Corp.)
Roxio Activation Module (Version: 1.0 - Roxio)
Roxio Creator Audio (Version: 3.8.0 - Roxio)
Roxio Creator Business (Version: 10.3 - Roxio)
Roxio Creator Business v10 (Version: 3.8.0 - Roxio)
Roxio Creator Copy (Version: 3.8.0 - Roxio)
Roxio Creator Data (Version: 3.8.0 - Roxio)
Roxio Creator Tools (Version: 3.8.0 - Roxio)
Roxio Express Labeler 3 (Version: 3.2.2 - Roxio)
Roxio MyDVD (Version: 10.3.349 - Roxio)
Scansoft PDF Professional (Version: - )
Skype™ 4.1 (Version: 4.1.179 - Skype Technologies S.A.)
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions)
Synaptics Pointing Device Driver (Version: 15.0.24.0 - Synaptics Incorporated)
Turtix (Version: - )
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 7 Default Setting (Version: 1.0.1.6 - Hewlett-Packard Company)
Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (Version: 07/30/2009 6.2.0.9405 - Broadcom)
Windows Driver Package - Broadcom Bluetooth (12/16/2009 6.2.0.9414) (Version: 12/16/2009 6.2.0.9414 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
Windows Live Anmelde-Assistent (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8064.206 - Microsoft Corporation)
Windows Live-Uploadtool (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Restore Points =========================
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0414E62E-8380-4A37-BC14-C0F619527019} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {082C9C5E-0318-4F99-A37C-97F18F05B6D3} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {0E03B6BE-32A8-4900-8D88-F38E6C292ED5} - System32\Tasks\{E1ED354B-260A-4542-BC33-94918D17BB3A} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {18D6CF69-1E21-4C5B-A37C-BBB0053174E9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {1A785493-50D6-40ED-A4B2-885925B26BD1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-09-23] (Hewlett-Packard Company)
Task: {20BE816F-B292-43A7-95D6-D154E03014FB} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2DA74208-8C19-4596-A695-1D57082A7D91} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2009-10-22] (Apple Inc.)
Task: {30DEEBAA-0136-464E-8C37-FB0255EDBDC0} - System32\Tasks\Registration => C:\Program Files\Hewlett-Packard\HP Setup\RemEngine.exe [2009-10-06] ()
Task: {3D39EB09-0E13-4FB9-B188-B6243507B8D4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {48ED5DCD-4165-484B-8A7E-D28E7E093440} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-05-11] (Adobe Systems Incorporated)
Task: {581C2759-5C5B-4538-955D-AABF709A91A9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13] (Google Inc.)
Task: {5C4B7501-D4AF-48CB-9E7E-A1DC8B5CE209} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {5CD3D66F-B8D9-4B77-83A8-EB675F538FAD} - System32\Tasks\HPCeeScheduleForKarel => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {5F45FB68-11C7-4977-A299-3424B51D32B7} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => C:\Program Files\Windows Defender\MpCmdRun.exe [2009-07-14] ()
Task: {81C8A2D8-81BD-41DC-82E1-D359C52A0D25} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002UA => C:\Users\Karel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {8F4774E1-0E45-4ABB-8F1D-6B2140EC648F} - System32\Tasks\{E8D5A755-F31D-42B8-B9D2-7EF5953C7A07} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {9253D39D-FDD4-4E9F-B987-71B5E78018C6} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\MouseKeyboardCenter.exe [2013-05-13] (Microsoft)
Task: {9BDADB14-9EC7-482D-A61F-0058A9ECC3FE} - System32\Tasks\{509B9480-64A5-4564-B1F4-DC5C3788D8A7} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {A5EEA9A6-1A34-4A0B-AEB5-6748B5CFEEFE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-03-13] (Google Inc.)
Task: {CC3A6AA4-68EE-4A91-90EE-F367D1987021} - System32\Tasks\{43FF976E-C16F-4A02-8DA3-23C78F1200E5} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {CDE2AD86-B9EE-4FF8-A4E8-E8ED5637ACF9} - System32\Tasks\{A76EFC2C-FADD-460C-88A2-EAEAC6282FEF} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {D735E5F5-D7D5-4E2A-A986-4FE917157F70} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {DD45999A-5F8B-4913-BE5A-9E2C5D6A9EC6} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {DFF45E7C-D48B-445F-860B-8A7087825EB6} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\Program Files\Windows Defender\MpCmdRun.exe [2009-07-14] ()
Task: {F14C3FAC-4204-40CE-8BD6-822D89C0E17D} - System32\Tasks\{292088F3-1110-4AEB-AB86-D25DB831746C} => C:\Program Files\JoWooD\Böse Nachbarn 2\bin\game.exe
Task: {F322C06C-1E84-476A-A614-603E82C134AB} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002Core => C:\Users\Karel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {F49B5A8D-BC49-4C1A-A16F-73ECBCED3713} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002Core.job => C:\Users\Karel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3067011553-2313972656-3019485188-1002UA.job => C:\Users\Karel\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\HPCeeScheduleForKarel.job => C:\Program Files\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) =============
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/29/2013 05:23:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "1". Fehler in Manifest- oder Richtliniendatei "2" in Zeile 3.
Ungültige XML-Syntax.
Error: (12/29/2013 03:02:17 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/29/2013 03:02:17 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/29/2013 03:02:16 PM) (Source: Microsoft-Windows-LoadPerf) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "MSDTC Bridge 4.0.0.0" (MSDTC Bridge 4.0.0.0). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "SMSvcHost 4.0.0.0" (SMSvcHost 4.0.0.0). Der Fehlercode ist das erste DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf) (User: Karel-HP)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.
System errors:
=============
Error: (12/30/2013 01:50:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (12/30/2013 01:50:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (12/30/2013 01:49:51 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Error: (12/30/2013 01:49:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
Error: (12/30/2013 01:49:40 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (12/30/2013 01:49:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:
%%1060
Error: (12/30/2013 01:49:00 PM) (Source: sptd) (User: )
Description: Der Treiber hat einen internen Fehler in seinen Datenstrukturen für festgestellt.
Error: (12/30/2013 01:45:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%-2147024891
Error: (12/30/2013 01:45:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem Fehler beendet:
%%-2147024891
Error: (12/30/2013 01:44:24 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
sptd
Microsoft Office Sessions:
=========================
Error: (12/29/2013 05:23:31 PM) (Source: SideBySide)(User: )
Description: c:\program files\microsoft\search enhancement pack\search helper\searchhelper.dllc:\program files\microsoft\search enhancement pack\search helper\searchhelper.dll2
Error: (12/29/2013 03:02:17 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (12/29/2013 03:02:17 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (12/29/2013 03:02:16 PM) (Source: Microsoft-Windows-LoadPerf)(User: NT-AUTORITÄT)
Description: Performance1637070000000000000000000009030000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: MSDTC Bridge 4.0.0.0MSDTC Bridge 4.0.0.08F20300004D070000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: Performance1637070000000000000000000009030000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: Performance1637070000000000000000000009030000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: SMSvcHost 4.0.0.0SMSvcHost 4.0.0.08F20300004D070000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: Performance1637070000000000000000000009030000
Error: (12/29/2013 02:19:39 PM) (Source: Microsoft-Windows-LoadPerf)(User: Karel-HP)
Description: Performance1637070000000000000000000009030000
CodeIntegrity Errors:
===================================
Date: 2013-12-29 17:21:52.281
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.281
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.265
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.265
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.265
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.249
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.234
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.234
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.234
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-12-29 17:21:52.218
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX86\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 40%
Total physical RAM: 3000.27 MB
Available physical RAM: 1788.66 MB
Total Pagefile: 5998.82 MB
Available Pagefile: 4692.49 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:448.47 GB) (Free:370.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: () (Removable) (Total:1.92 GB) (Free:1.73 GB) FAT
Drive f: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.98 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 3C5F7C9A)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=448 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
========================================================
Disk: 1 (Size: 2 GB) (Disk ID: 00000000)
Partition 1: (Not Active) - (Size=2 GB) - (Type=06)
==================== End Of Log ============================
|
|
31.12.2013, 08:30
| #4 | |
| /// the machine /// TB-Ausbilder | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!Downloade dir bitte Combofix vom folgenden Downloadspiegel Link 1 WICHTIG - Speichere Combofix auf deinem Desktop
Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort. Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten Zitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
31.12.2013, 10:03
| #5 |
| | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Ok, zuerst Fixlog.txt: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 29-12-2013 01
Ran by Karel at 2013-12-31 09:23:31 Run:1
Running from C:\Users\Karel\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
*****************
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender\de-DE" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpAsDesc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpClient.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCmdRun.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpCommu.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpEvMsg.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpOAV.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpRTP.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MpSvc.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MSASCui.exe" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpCom.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpLics.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender\MsMpRes.dll" => Deleting reparse point and unlocking done.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
==== End of Fixlog ====
Combofix.txt: Code:
ATTFilter Combofix Logfile: |
|
01.01.2014, 12:42
| #6 |
| /// the machine /// TB-Ausbilder | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> keine Downloads mehr möglich Win7 (angeblich Viren enthalten) |
|
01.01.2014, 15:08
| #7 |
| | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Frohes neues Jahr!! Malwarebytes Logfile: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.01.03 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.16476 Karel :: KAREL-HP [Administrator] 01.01.2014 14:30:40 mbam-log-2014-01-01 (14-30-40).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 215443 Laufzeit: 6 Minute(n), 47 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) AdwCleaner Logfile: AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 01/01/2014 um 14:54:55
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Karel - KAREL-HP
# Gestartet von : C:\Users\Karel\Desktop\adwcleaner_3.016.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v3.6.28 (de)
[ Datei : C:\Users\Karel\AppData\Roaming\Mozilla\Firefox\Profiles\nhycx0g9.default\prefs.js ]
-\\ Google Chrome v
[ Datei : C:\Users\Karel\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [1650 octets] - [29/12/2013 13:24:43]
AdwCleaner[R1].txt - [1044 octets] - [01/01/2014 14:51:55]
AdwCleaner[S0].txt - [1711 octets] - [29/12/2013 13:26:36]
AdwCleaner[S1].txt - [967 octets] - [01/01/2014 14:54:55]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1026 octets] ##########
[/CODE] Junkware Removal Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x86
Ran by Karel on 01.01.2014 at 14:57:33,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Karel\AppData\Roaming\mozilla\firefox\profiles\nhycx0g9.default\minidumps [2 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.01.2014 at 15:00:45,97
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
neues FRST Log: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 31-12-2013
Ran by Karel at 2014-01-01 15:05:59 Run:2
Running from C:\Users\Karel\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
*****************
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
==== End of Fixlog ====
|
|
02.01.2014, 09:04
| #8 |
| /// the machine /// TB-Ausbilder | keine Downloads mehr möglich Win7 (angeblich Viren enthalten)ESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
02.01.2014, 17:52
| #9 |
| |  keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Eset Logfile: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=44b979ec47d2984a9d27c8f02a5a68dd
# engine=16487
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-02 03:43:30
# local_time=2014-01-02 04:43:30 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1023 16777215 0 0 0 0 0 0
# compatibility_mode=5893 16776574 100 94 7378170 140308601 0 0
# scanned=281549
# found=0
# cleaned=0
# scan_time=4306
Security Check: Code:
ATTFilter Results of screen317's Security Check version 0.99.77 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus 2014 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 CCleaner Java 7 Update 45 Adobe Flash Player 10 Flash Player out of Date! Adobe Flash Player 11.9.900.170 Adobe Reader XI Mozilla Firefox (3.6.28) Firefox out of Date! Mozilla Thunderbird (3.1.4) Thunderbird out of Date! ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Log: Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 02-01-2014 01
Ran by Karel at 2014-01-02 17:48:00 Run:3
Running from C:\Users\Karel\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
*****************
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking started.
"C:\Program Files\Windows Defender" => Deleting reparse point and unlocking completed.
==== End of Fixlog ====
KEINE PROBLEME MEHR!!! VIELEN VIELEN DANK  |
|
03.01.2014, 12:32
| #10 |
| /// the machine /// TB-Ausbilder | keine Downloads mehr möglich Win7 (angeblich Viren enthalten) Flash, Firefox und Thunderbird updaten. Frisches FRST log fehlt noch
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu keine Downloads mehr möglich Win7 (angeblich Viren enthalten) |
| angeblich, avg, browser, cc cleaner, cleaner, datei, explorer, firefox, forum, gelöscht, home, interne, internet, internet explorer, logfiles, löscht, neu, ordner, problem, viren, warnung, welchem, win, win7, windows, windows 7 |
Linear-Darstellung
