| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware WebseiteWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
30.12.2013, 22:18
| #1 |
| |  Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo zusammen Ich habe den Auftrag bekommen einen eventuell infizierten (ziemlich sicher) Computer auf Malware usw. zu überprüfen. Kurze Zusammenfassung des Problems: Bei dem Versuch eine PDF Datei zu downloaden über ein Downloadprogramm wurden folgende Programme (Adware wahrscheinlich) installiert. (Windows -7 32 Bit) - MarkKit - MoboEngine - PC Speed UP - Snap.Do - Wajam Leider war der Virenscanner - AVG AntiVirus FREE - offenbar seit einiger Zeit inaktiv. Auftretende Symptome. - Durch die Installation der Programme wurde die Startseite des Google Chrome verändert. - Erweiterungen von Snap.Do und Wajam wurden Google Chrome automatisch hinzugefügt, welche ich entfernt habe. - Das Programm Icon von Chrome (taskliste) wurde durch eine Lupe ersetzt (Wahrscheinlich von Snap.Do) - Beim Öffnen des Browsers wurde meist ein weiteres Browserfenster geöffnet in welchem man auf angebliche Fehler im System informiert wird. Man solle doch dieses Programm xyz herunterladen usw. - Hohe Prozessor Auslastung. - AVG AntiVirus FREE war im Windows Security Center als "Ausgeschalten" gemeldet. Einfaches Wiedereinschalten war nicht möglich. Was habe ich gemacht?: - Google Chrome Erweiterungen von Snap.Do und Wajam entfernt. - Startseite auch Google zurückgesetzt. (Beim Start von Google Chrome wird kein Weiteres Browserfenster mehr geöffnet.) - AVG AntiVirus FREE mit der Repair-funktion nochmals installiert. (Wird nun von Windows als Aktiv erkannt.) - Virenscan mit Desinfec't disc von CD mit - Avira - Bitdefender - Kaspersky - ClamAV Funde: Werden beim editieren eingefügt: *EDIT START* Code:
ATTFilter 1. /media/2E8671598671230F/Users/username/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/YO9NO6S2/MarkKit_2040-1071[1].exe ((NSIS o))
2. /media/2E8671598671230F/Users/username/AppData/Local/cache/data7/2/ejx1ic42.d
3. /media/2E8671598671230F/Users/username/AppData/Local/Microsoft/Windows/Temporary Internet Files/Content.IE5/YO9NO6S2/config[1].js
4. /media/2E8671598671230F/Windows/Installer/434c35.msp
5. /media/2E8671598671230F/Program Files/Common Files/microsoft 6. shared/VBA/VBA6/VBE6.DLL
6. /media/2E8671598671230F/Program Files/MarkKit/MKupdater.exe
1. Bitdefender, Gen:Variant.Adware.AddLyrics.4 2. Kaspersky, HEUR:Trojan.Script.Iframer 3. ClamAV, CVE_2011_3397-9 4. CalmAV, W32.Virut.Gen.D-159 5. CalmAV, W32.Virut.Gen.D-159 6. Bitdefender, Gen:Variant.Adware.AddLyrics.5 *EDIT ENDE* Da der Virenscanner wahrscheinlich seit ein paar Tagen nicht mehr lief könnten sich sonst noch Schad Programme eingeschlichen haben. Wie soll ich fortfahren? Danke im Voraus. MfG history Geändert von history (30.12.2013 um 22:39 Uhr) Grund: Virenfunden von Desinfec't 2013 Eingefügt |
|
31.12.2013, 02:24
| #2 |
| /// the machine /// TB-Ausbilder    | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
31.12.2013, 15:21
| #3 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Danke für die schnelle Antwort.
__________________Diese Platzhalter habe ich verwendet: username = Name des Hauptbenutzers zweiterName = Name eines zweiten Benutzers -------- / ******* = Bedenkenloses Programm FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 31-12-2013
Ran by username (administrator) on COMPUTERNAME on 31-12-2013 14:35:59
Running from C:\Users\username\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files\PC Speed Up\PCSUService.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Visicom Media Inc. (Powered by Panda Security)) C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
() C:\Program Files\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Smartbar) C:\Users\username\AppData\Local\Smartbar\Application\SnapDo.exe
() C:\Program Files\PC Speed Up\PCSUNotifier.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(CyberLink) C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\Mobogenie\mgusb.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [Anti-phishing Domain Advisor] - C:\ProgramData\Anti-phishing Domain Advisor\visicom_antiphishing.exe [232104 2011-01-31] (Visicom Media Inc. (Powered by Panda Security))
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\Run: [mobilegeni daemon] - C:\Program Files\Mobogenie\DaemonProcess.exe [761536 2013-12-30] ()
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [Google Update] - C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-30] (Google Inc.)
HKCU\...\Run: [Browser Infrastructure Helper] - C:\Users\username\AppData\Local\Smartbar\Application\SnapDo.exe [21024 2013-12-22] (Smartbar)
HKCU\...\Run: [PCSpeedUp] - C:\Program Files\PC Speed Up\PCSUNotifier.exe [267568 2013-07-23] ()
HKU\zweiterName\...\Run: [HPADVISOR] - [x] (Zweiter Name von mir eingefügt)
HKU\Default\...\Run: [HPADVISOR] - [x]
HKU\Default User\...\Run: [HPADVISOR] - [x]
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=hp&installDate=30/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBAFA669A882FCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate=30/12/2013
BHO: Snap.DoEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: MarkKit - {8ee6a58a-f0e6-4a9c-82ab-3739378d719c} - C:\Program Files\MarkKit\150.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll No File
Toolbar: HKLM - Snap.Do - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File
Toolbar: HKCU - No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll No File
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default
FF NewTab: hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=nt&installDate=30/12/2013
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Web Search
FF Homepage: hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=hp&installDate=30/12/2013
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&installDate=30/12/2013&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\17.2.0\\npsitesafety.dll No File
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default\searchplugins\Web Search.xml
FF Extension: Snap.Do - C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default\Extensions\{a3e68747-0799-6a30-66e2-597ef933f100}
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\firefoxext
FF HKCU\...\Firefox\Extensions: [{ff2fb4b9-d669-4eab-8b3d-baa18eb5edf6}] - C:\Program Files\MarkKit\150.xpi
FF Extension: MarkKit - C:\Program Files\MarkKit\150.xpi
FF Extension: MarkKit - C:\Program Files\MarkKit\150.xpi
FF HKCU\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF Extension: Wajam - C:\Program Files\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
Chrome:
=======
CHR HomePage: https://www.google.ch/
CHR DefaultSearchKeyword: search.snapdo.com
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: hxxp://feed.snapdo.com/?publisher=SoftPublisherYB&dpid=SoftpublisherYB&co=CH&userid=a3e68747-0799-6a30-66e2-597ef933f100&searchtype=ds&q={searchTerms}&installDate={installDate}
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\username\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (YouTube) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM\...\Chrome\Extension: [fepfchmifnojkckdkccoedjenodhcicc] - C:\Program Files\MarkKit\150.crx
CHR HKLM\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\username\AppData\Local\Wajam\Chrome\wajam.crx
CHR StartMenuInternet: Google Chrome - C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 PCSUService; C:\Program Files\PC Speed Up\PCSUService.exe [413488 2013-07-23] ()
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [29168 2010-07-30] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S2 adfs; No ImagePath
S3 pfc; system32\drivers\pfc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-31 14:35 - 2013-12-31 14:37 - 00022499 _____ C:\Users\username\Desktop\FRST.txt
2013-12-31 14:35 - 2013-12-31 14:35 - 00000000 ____D C:\FRST
2013-12-31 14:32 - 2013-12-31 14:33 - 01064333 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2013-12-30 19:44 - 2013-12-30 19:47 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-12-30 20:40 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt (zweiterName wurde von mir eingefügt)
2013-12-30 02:16 - 2013-12-30 02:16 - 00000000 ____D C:\Users\username\Documents\PCSpeedUp
2013-12-30 01:54 - 2013-12-30 01:55 - 01098256 _____ (LiveSoftAction) C:\Users\username\Downloads\VOLKSWAGEN RNS 510 user guide provided through bedienungsanleitung-pdf.com (1).exe
2013-12-30 01:42 - 2013-12-31 14:26 - 00000000 ____D C:\Program Files\PC Speed Up
2013-12-30 01:42 - 2013-12-30 16:32 - 00000336 _____ C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2013-12-30 01:42 - 2013-12-30 01:42 - 00001010 _____ C:\Users\username\Desktop\PC Speed Up.lnk
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Users\username\AppData\Local\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Program Files\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 _____ C:\end
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:15 - 2013-12-30 01:18 - 00002737 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-30 01:15 - 2013-12-30 01:18 - 00002712 _____ C:\Users\username\Desktop\Search.lnk
2013-12-30 01:13 - 2013-12-30 01:15 - 00000000 ____D C:\Users\username\AppData\Local\Smartbar
2013-12-30 01:12 - 2013-12-30 22:40 - 00003271 _____ C:\Users\username\daemonprocess.txt
2013-12-30 01:12 - 2013-12-30 02:00 - 00000000 ____D C:\Users\username\AppData\Local\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:28 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:12 - 00000981 _____ C:\Users\username\Desktop\Mobogenie.lnk
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\Documents\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:11 - 2013-12-31 14:27 - 00000368 _____ C:\Windows\Tasks\MarkKit Update.job
2013-12-30 01:11 - 2013-12-30 01:12 - 00000000 ____D C:\Program Files\MarkKit
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-30 01:10 - 2013-12-30 01:10 - 01098256 _____ (LiveSoftAction) C:\Users\username\Downloads\VOLKSWAGEN RNS 510 user guide provided through bedienungsanleitung-pdf.com.exe
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:52 - 2013-12-22 16:53 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 01:45 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 01:45 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 01:45 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 01:45 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 01:45 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 01:45 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 01:45 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 01:45 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 01:45 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 01:45 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 01:45 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 01:45 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 01:45 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 01:45 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 01:45 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 01:45 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 01:45 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 01:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 01:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:54 - 2013-12-11 22:55 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-11 20:33 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 20:32 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:32 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:32 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:32 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:32 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 20:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 20:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 20:30 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:30 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:30 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 19:54 - 2013-12-10 22:21 - 00000000 ____D C:\Program Files\7-Zip
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 23:21 - 2013-12-05 23:26 - 00009900 _____ C:\Windows\IE11_main.log
==================== One Month Modified Files and Folders =======
2013-12-31 14:37 - 2013-12-31 14:35 - 00022499 _____ C:\Users\username\Desktop\FRST.txt
2013-12-31 14:35 - 2013-12-31 14:35 - 00000000 ____D C:\FRST
2013-12-31 14:34 - 2013-02-20 00:04 - 00074451 _____ C:\Windows\setupact.log
2013-12-31 14:34 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-31 14:34 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-31 14:33 - 2013-12-31 14:32 - 01064333 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2013-12-31 14:33 - 2011-06-22 20:51 - 00000000 ____D C:\ProgramData\MFAData
2013-12-31 14:32 - 2011-06-23 20:39 - 01960183 _____ C:\Windows\WindowsUpdate.log
2013-12-31 14:27 - 2013-12-30 01:11 - 00000368 _____ C:\Windows\Tasks\MarkKit Update.job
2013-12-31 14:27 - 2011-09-14 17:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-31 14:26 - 2013-12-30 01:42 - 00000000 ____D C:\Program Files\PC Speed Up
2013-12-31 14:26 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-30 22:40 - 2013-12-30 01:12 - 00003271 _____ C:\Users\username\daemonprocess.txt
2013-12-30 22:38 - 2011-09-14 17:32 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-30 22:26 - 2012-10-31 20:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-30 22:19 - 2013-04-22 22:01 - 00000358 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2013-12-30 22:19 - 2012-05-17 23:23 - 00001160 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job
2013-12-30 22:19 - 2012-05-17 23:23 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job
2013-12-30 20:40 - 2013-12-30 17:10 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt
2013-12-30 20:37 - 2013-09-30 19:56 - 00000951 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-30 19:47 - 2013-12-30 19:44 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:22 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Adobe
2013-12-30 19:16 - 2011-06-22 19:34 - 00000000 ____D C:\Users\username\AppData\Roaming\Adobe
2013-12-30 19:16 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-30 19:15 - 2011-06-22 19:30 - 00000000 ____D C:\ProgramData\Adobe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-04-15 22:03 - 00000000 ____D C:\Users\zweiterName
2013-12-30 16:32 - 2013-12-30 01:42 - 00000336 _____ C:\Windows\Tasks\PC SpeedUp Service Deactivator.job
2013-12-30 02:48 - 2010-11-20 22:01 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-30 02:16 - 2013-12-30 02:16 - 00000000 ____D C:\Users\username\Documents\PCSpeedUp
2013-12-30 02:00 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\Mobogenie
2013-12-30 01:55 - 2013-12-30 01:54 - 01098256 _____ (LiveSoftAction) C:\Users\username\Downloads\VOLKSWAGEN RNS 510 user guide provided through bedienungsanleitung-pdf.com (1).exe
2013-12-30 01:42 - 2013-12-30 01:42 - 00001010 _____ C:\Users\username\Desktop\PC Speed Up.lnk
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Users\username\AppData\Local\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 ____D C:\Program Files\Wajam
2013-12-30 01:42 - 2013-12-30 01:42 - 00000000 _____ C:\end
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:28 - 2013-12-30 01:12 - 00000000 ____D C:\Program Files\Mobogenie
2013-12-30 01:18 - 2013-12-30 01:15 - 00002737 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-30 01:18 - 2013-12-30 01:15 - 00002712 _____ C:\Users\username\Desktop\Search.lnk
2013-12-30 01:15 - 2013-12-30 01:13 - 00000000 ____D C:\Users\username\AppData\Local\Smartbar
2013-12-30 01:14 - 2012-06-10 21:42 - 00000000 ____D C:\ProgramData\AVG Secure Search
2013-12-30 01:14 - 2012-06-10 21:42 - 00000000 ____D C:\Program Files\Common Files\AVG Secure Search
2013-12-30 01:12 - 2013-12-30 01:12 - 00000981 _____ C:\Users\username\Desktop\Mobogenie.lnk
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\Documents\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:12 - 2013-12-30 01:11 - 00000000 ____D C:\Program Files\MarkKit
2013-12-30 01:12 - 2011-06-20 20:37 - 00000000 ____D C:\Users\username
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-30 01:10 - 2013-12-30 01:10 - 01098256 _____ (LiveSoftAction) C:\Users\username\Downloads\VOLKSWAGEN RNS 510 user guide provided through bedienungsanleitung-pdf.com.exe
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-27 10:20 - 2013-04-15 22:04 - 00099272 _____ C:\Users\zweiterName\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-27 01:19 - 2012-08-29 22:42 - 00000000 ____D C:\Users\username\AppData\Roaming\HpUpdate
2013-12-23 21:08 - 2011-12-12 22:53 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-23 21:08 - 2011-07-04 16:26 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-12-22 22:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:53 - 2013-12-22 16:52 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-22 16:52 - 2013-02-27 21:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 15:07 - 2012-12-17 22:42 - 00000000 ____D C:\Users\username\Downloads\Hypozinsprognosen CS
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-15 23:41 - 2011-06-22 19:57 - 00000000 ____D C:\Program Files\Google
2013-12-15 23:29 - 2013-04-22 22:02 - 00000000 ___RD C:\Users\username\Documents\HP Photo Creations
2013-12-15 23:29 - 2013-04-22 22:01 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-15 23:29 - 2013-04-22 22:01 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-12 20:20 - 2009-07-14 05:33 - 02293648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 20:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 01:45 - 2011-06-20 21:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 01:43 - 2013-08-08 08:09 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 01:41 - 2011-10-29 01:11 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 01:39 - 2011-06-22 19:56 - 00000039 _____ C:\Windows\vbaddin.ini
2013-12-12 01:18 - 2012-08-28 21:54 - 00000000 ___SD C:\Users\username\Documents\Meine Shapes
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:55 - 2013-12-11 22:54 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:26 - 2012-10-31 20:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 21:26 - 2011-06-22 19:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-10 22:21 - 2013-12-10 19:54 - 00000000 ____D C:\Program Files\7-Zip
2013-12-05 23:26 - 2013-12-05 23:21 - 00009900 _____ C:\Windows\IE11_main.log
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 21:49 - 2011-06-20 21:02 - 00000000 ____D C:\Users\username\AppData\Local\Microsoft Help
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-05 21:46 - 2011-06-20 21:02 - 00000000 __RHD C:\MSOCache
2013-12-05 21:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
Some content of TEMP:
====================
C:\Users\zweiterName\AppData\Local\Temp\tmp6450.exe
C:\Users\username\AppData\Local\Temp\APNStub.exe
C:\Users\username\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\username\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\username\AppData\Local\Temp\i4jdel0.exe
C:\Users\username\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\oi_{5398F582-623A-49FC-9A2D-62062664354F}.exe
C:\Users\username\AppData\Local\Temp\Resource.exe
C:\Users\username\AppData\Local\Temp\sp58915.exe
C:\Users\username\AppData\Local\Temp\sp62291.exe
C:\Users\username\AppData\Local\Temp\tmp24BE.exe
C:\Users\username\AppData\Local\Temp\tmp6805.exe
C:\Users\username\AppData\Local\Temp\tmpCB01.exe
C:\Users\username\AppData\Local\Temp\tmpD3E1.exe
C:\Users\username\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\username\AppData\Local\Temp\WinTools5522114432543705076.dll
C:\Users\username\AppData\Local\Temp\{45C3337B-C96B-4519-A30B-8652794F5EE7}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 16:30
==================== End Of Log ============================
--- --- --- --- --- --- Log Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 31-12-2013
Ran by username at 2013-12-31 14:39:07
Running from C:\Users\username\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated)
Anti-phishing Domain Advisor (Version: 1.0.0.1 - Visicom Media Inc. (Powered by Panda Security))
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Camera Suite 2.1 (Version: - )
Ask Toolbar (Version: 1.15.23.0 - Ask.com) <==== ATTENTION
Ask Toolbar Updater (Version: 1.2.5.36191 - Ask.com) <==== ATTENTION
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (Version: 2.0.2 - Audacity Team)
AVerMedia A309 (MiniCard, DVB-T) 1.0.0.40 (Version: 1.0.0.40 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia TV Tuner Card 1.0.0.4 (Version: 1.0.0.4 - AVerMedia TECHNOLOGIES, Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies)
AVG 2014 (Version: 14.0.4259 - AVG Technologies)
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Banana Buchhaltung 6.0 (Version: 6.0.8.0 - Banana.ch SA - Lugano (Switzerland))
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.18.12 - Broadcom Corporation)
Camera Window DS (Version: 5.0 - Canon)
Camera Window DVC (Version: 5.0 - Canon)
Camera Window MC (Version: 5.0 - Canon)
Canon Camera Support Core Library (Version: 7.1.0.11 - Canon)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Internet Library for ZoomBrowser EX (Version: 1.3.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.2.0.21 - Canon)
Canon PhotoRecord (Version: 02.01.00069 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (Version: 1.2 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1 - Canon)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.14 - Canon)
Canon ZoomBrowser EX (Version: 5.00.0000 - Canon)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI)
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center Graphics Previews Common (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840 - ATI)
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840 - ATI Technologies, Inc.)
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840 - ATI)
CCC Help Chinese Standard (Version: 2009.0702.1238.20840 - ATI)
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840 - ATI)
CCC Help Czech (Version: 2009.0702.1238.20840 - ATI)
CCC Help Danish (Version: 2009.0702.1238.20840 - ATI)
CCC Help Dutch (Version: 2009.0702.1238.20840 - ATI)
CCC Help English (Version: 2009.0702.1238.20840 - ATI)
CCC Help Finnish (Version: 2009.0702.1238.20840 - ATI)
CCC Help French (Version: 2009.0702.1238.20840 - ATI)
CCC Help German (Version: 2009.0702.1238.20840 - ATI)
CCC Help Greek (Version: 2009.0702.1238.20840 - ATI)
CCC Help Hungarian (Version: 2009.0702.1238.20840 - ATI)
CCC Help Italian (Version: 2009.0702.1238.20840 - ATI)
CCC Help Japanese (Version: 2009.0702.1238.20840 - ATI)
CCC Help Korean (Version: 2009.0702.1238.20840 - ATI)
CCC Help Norwegian (Version: 2009.0702.1238.20840 - ATI)
CCC Help Polish (Version: 2009.0702.1238.20840 - ATI)
CCC Help Portuguese (Version: 2009.0702.1238.20840 - ATI)
CCC Help Russian (Version: 2009.0702.1238.20840 - ATI)
CCC Help Spanish (Version: 2009.0702.1238.20840 - ATI)
CCC Help Swedish (Version: 2009.0702.1238.20840 - ATI)
CCC Help Thai (Version: 2009.0702.1238.20840 - ATI)
CCC Help Turkish (Version: 2009.0702.1238.20840 - ATI)
ccc-core-static (Version: 2009.0702.1239.20840 - Ihr Firmenname)
ccc-utility (Version: 2009.0702.1239.20840 - ATI)
CCleaner (Version: 3.07 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft)
DATA BECKER CD-DVD Druckerei 7 LE (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
DigitalPersona Personal 4.01 (Version: 4.01.3749 - DigitalPersona, Inc.)
Elevated Installer (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Exact Audio Copy 1.0beta3 (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation)
Garmin Communicator Plugin (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Garmin Update Service (Version: 2.1.13 - Garmin Ltd or its subsidiaries)
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.)
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company)
HP Advisor (Version: 3.3.12286.3436 - Hewlett-Packard)
HP MediaSmart DVD (Version: 4.1.4328 - Hewlett-Packard)
HP MediaSmart Music (Version: 4.1.4321 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 4.1.3130 - Hewlett-Packard)
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (Version: 1.0.0.12412 - HP)
HP Product Detection (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Support Assistant (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (Version: 5.003.000.004 - Hewlett-Packard)
HP Wireless Assistant (Version: 3.50.10.1 - Hewlett-Packard)
I.R.I.S. OCR (Version: 12.3.4.0 - HP)
IDT Audio (Version: 1.0.6225.0 - IDT)
Internet Library (Version: 1.3.3 - Canon Inc.)
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.)
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (Version: 1.0.32.1 - JMicron Technology Corp.)
Malwarebytes' Anti-Malware Version 1.51.0.1200 (Version: 1.51.0.1200 - Malwarebytes Corporation)
MarkKit (Version: - MarkKit Software)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation)
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Mobogenie (Version: - Mobogenie.com)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation)
MovieEdit Task (Version: 1.2.0.21 - Canon)
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 20.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft)
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
PC Speed Up (Version: 3.2.15.0 - Speedchecker Limited)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation)
PhotoStitch (Version: 3.1.14 - Canon)
Picasa 3 (Version: 3.9 - Google, Inc.)
PIF DESIGNER2.1 (Version: - )
Q-Haushalt (Version: - )
RAW Image Task 1.2 (Version: 1.2 - Canon)
RemoteCapture Task 1.1 (Version: 1.1 - Canon)
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
ScanToWeb (Version: - )
Snap.Do (Version: 10.239.1.14117 - ReSoft Ltd.)
Snap.Do Engine (Version: 10.239.1.14117 - ReSoft Ltd.)
------------ 2011 11.3.49 (Version: 11.3.49 - ******** Informatik AG) (Diese Zeilen sind OK)
------------ 2012 12.3.23 (Version: 12.3.23 - ******** Informatik AG) (Diese Zeilen sind OK)
SprayR 1.0 RC7b (Version: 1.0 RC7b - Jan 'neofrag' Willms)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (Version: 25.0.619.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
Tastaturschreiben (Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft)
Validity Sensors software (Version: 2.8.120 - Validity Sensors, Inc.)
VirtualCloneDrive (Version: - Elaborate Bytes)
VirtualDJ Home FREE (Version: 7.3 - Atomix Productions)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wajam (Version: 2.05 - Wajam) <==== ATTENTION
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation)
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation)
==================== Restore Points =========================
05-12-2013 22:20:45 Windows Update
12-12-2013 00:37:46 Windows Update
22-12-2013 21:44:53 Geplanter Prüfpunkt
30-12-2013 15:37:30 Geplanter Prüfpunkt
30-12-2013 18:42:09 Windows Update
30-12-2013 18:44:14 Revo Uninstaller's restore point - AVG 2014
30-12-2013 18:46:53 Removed AVG 2014
30-12-2013 18:57:36 Revo Uninstaller's restore point - AVG 2014
30-12-2013 19:00:31 Removed AVG 2014
30-12-2013 19:33:36 Installed AVG 2014
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {207A90F5-0254-4520-9E72-ECE7C69B2083} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {212156CE-1BF7-4D61-828F-FF7661D92B5F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {23FCA2D7-3965-419E-B730-16F926B1CE7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: {304C4874-54B2-4EBB-A69A-8A12A0DE5CCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {308768F2-9344-40BF-901B-24098E197F30} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe
Task: {377E19B0-6228-46B1-96F5-94DA111DB131} - System32\Tasks\MirageAgent => C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-07-30] (CyberLink)
Task: {4DDB0750-57C5-4D20-BD11-A29674BDC813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65044A47-600C-4E39-806C-3306833BAD41} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-04-22] ()
Task: {69D3ECE1-0C8C-4CE2-9BE7-2C21BD3B9868} - System32\Tasks\PC SpeedUp Service Deactivator => C:\Program Files\PC Speed Up\PCSUSD.exe [2013-07-23] () <==== ATTENTION
Task: {9A0962F9-4228-4273-83F2-30E6A24D8E83} - System32\Tasks\MarkKit Update => C:\Program Files\MarkKit\MKupdater.exe [2013-12-30] ()
Task: {A6EF04EF-973A-4DBE-A805-20CB0275DFF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {C73A6360-B87B-4B84-86BB-6538D68AB83F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {C7FCEEEE-D3C4-4F82-AD54-230A8529A5A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {CCB76675-B2E8-411A-8F4A-49AB61F98CBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: {D07BAE86-2A2F-4A7D-89BD-9AD44192A86F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {E0C77928-9EFD-4268-BF25-DD2F2307D5A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
Task: C:\Windows\Tasks\MarkKit Update.job => C:\Program Files\MarkKit\MKupdater.exe
Task: C:\Windows\Tasks\PC SpeedUp Service Deactivator.job => C:\Program Files\PC Speed Up\PCSUSD.exe
==================== Loaded Modules (whitelisted) =============
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00034848 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00064032 _____ () C:\Users\username\AppData\Local\Smartbar\Application\srau.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00150560 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00112672 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 02057760 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00055840 _____ () C:\Users\username\AppData\Local\Smartbar\Application\spbl.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00013344 _____ () C:\Users\username\AppData\Local\Smartbar\Application\siem.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00048672 _____ () C:\Users\username\AppData\Local\Smartbar\Application\sppsm.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00728096 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00081952 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00014368 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00017440 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00031264 _____ () C:\Users\username\AppData\Local\Smartbar\Application\srut.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00020512 _____ () C:\Users\username\AppData\Local\Smartbar\Application\srsbs.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00057376 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00014368 _____ () C:\Users\username\AppData\Local\Smartbar\Application\srpdm.dll
2013-12-30 01:13 - 2013-12-30 01:13 - 00911904 _____ () C:\Windows\assembly\GAC_32\System.Data.SQLite\1.0.66.0__db937bc2d44ff139\System.Data.SQLite.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00014368 _____ () C:\Users\username\AppData\Local\Smartbar\Application\sgml.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00053280 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2013-12-22 14:39 - 2013-12-22 14:39 - 00048160 _____ () C:\Users\username\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2013-12-22 14:39 - 2013-12-22 14:39 - 00026144 _____ () C:\Users\username\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00025632 _____ () C:\Users\username\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2013-12-22 14:40 - 2013-12-22 14:40 - 00193056 _____ () C:\Users\username\AppData\Local\Smartbar\Application\sgmu.dll
2013-12-22 14:39 - 2013-12-22 14:39 - 00068640 _____ () C:\Users\username\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2013-12-22 14:41 - 2013-12-22 14:41 - 00248352 _____ () C:\Users\username\AppData\Local\Smartbar\Application\srns.dll
2013-12-30 01:42 - 2013-07-23 08:14 - 00585608 _____ () C:\Program Files\PC Speed Up\sqlite3.dll
2013-12-30 01:42 - 2013-07-23 08:14 - 00325424 _____ () C:\Program Files\PC Speed Up\PopupNotification.dll
2009-07-07 10:56 - 2009-07-07 10:56 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-23 20:18 - 2011-06-23 20:18 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2013-12-08 14:39 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-08 14:39 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/31/2013 02:27:33 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1170
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1114830
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1114830
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1113831
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1113831
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
System errors:
=============
Error: (12/31/2013 02:27:01 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/31/2013 02:26:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/30/2013 08:47:44 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005
Error: (12/30/2013 08:47:08 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/30/2013 08:47:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/30/2013 08:44:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst AVGIDSAgent konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden.
Error: (12/30/2013 08:41:39 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst avgwd erreicht.
Error: (12/30/2013 08:40:58 PM) (Source: DCOM) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (12/30/2013 08:03:42 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805290.
Error: (12/30/2013 08:03:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AVG WatchDog" wurde mit folgendem dienstspezifischem Fehler beendet: %%-536805290.
Microsoft Office Sessions:
=========================
Error: (12/31/2013 02:27:33 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1170
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1170
Error: (12/30/2013 10:03:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1114830
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1114830
Error: (12/30/2013 09:48:54 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1113831
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1113831
Error: (12/30/2013 09:48:53 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
==================== Memory info ===========================
Percentage of memory in use: 44%
Total physical RAM: 3069.2 MB
Available physical RAM: 1704.14 MB
Total Pagefile: 6136.68 MB
Available Pagefile: 4359.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.4 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:221.32 GB) (Free:170.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Daten) (Fixed) (Total:232.88 GB) (Free:216.28 GB) NTFS
Drive g: (desinfDATA) (Removable) (Total:5.33 GB) (Free:5.31 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 3751AB45)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 6D694358)
Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================
|
|
01.01.2014, 13:14
| #4 |
| /// the machine /// TB-Ausbilder | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.01.2014, 21:16
| #5 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo Ich habe alle Programme mal durchlaufen lassen. Snap.Do und MarkKit sind immer noch drauf. Soll ich die mal normal deinstallieren (Revo Uninstaller) und dann das ganze wiederholen? Da die Logdateien zu gross sind schicke ich sie dir als Anhang mit. |
|
02.01.2014, 10:00
| #6 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo schrauber Ich habe heute morgen diese Anleitung von eurem Board gefunden. http://www.trojaner-board.de/147055-...entfernen.html Soll ich mal nach dieser Anleitung weiterfahren? |
|
03.01.2014, 09:50
| #7 |
| /// the machine /// TB-Ausbilder | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Die Tools haben wir doch grad benutzt  Mach das mit Revo, dann alle 3 nochmal. denk auch an das frische FRST log. Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
03.01.2014, 12:32
| #8 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo schrauber Ich dachte da noch an den Shortcut Cleaner und an den ESET Online Scanner. Welchen Virenscanner würdest du empfehlen, dass sowas nicht nochmals passiert? Hier noch die logs. Malwarebytes: Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2014.01.03.02 Windows 7 Service Pack 1 x86 NTFS Internet Explorer 11.0.9600.16476 username :: computername [Administrator] 03.01.2014 11:30:52 mbam-log-2014-01-03 (11-30-52).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 249670 Laufzeit: 16 Minute(n), 12 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) Code:
ATTFilter # AdwCleaner v3.016 - Bericht erstellt am 03/01/2014 um 11:59:59
# Aktualisiert 23/12/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : username - computername
# Gestartet von : C:\Users\username\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
-\\ Mozilla Firefox v20.0.1 (de)
[ Datei : C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", false);
Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1388699907112");
-\\ Google Chrome v
[ Datei : C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht : icon_url
Gelöscht : search_url
Gelöscht : keyword
*************************
AdwCleaner[R1].txt - [1336 octets] - [03/01/2014 11:57:06]
AdwCleaner[S1].txt - [1348 octets] - [03/01/2014 11:59:59]
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1408 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.9 (01.01.2014:1)
OS: Windows 7 Home Premium x86
Ran by username on 03.01.2014 at 12:02:55.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.01.2014 at 12:05:58.47
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 02-01-2014 01
Ran by username (administrator) on computername on 03-01-2014 12:07:00
Running from C:\Users\username\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(CyberLink) C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [Google Update] - C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-30] (Google Inc.)
HKU\zweiterName\...\Run: [HPADVISOR] - [x]
HKU\Default\...\Run: [HPADVISOR] - [x]
HKU\Default User\...\Run: [HPADVISOR] - [x]
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBAFA669A882FCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\firefoxext
Chrome:
=======
CHR HomePage: https://www.google.ch/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Web
CHR DefaultSearchURL: hxxp://www.google.com
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Users\username\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (YouTube) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [29168 2010-07-30] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S2 adfs; No ImagePath
S3 pfc; system32\drivers\pfc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-03 12:07 - 2014-01-03 12:08 - 00016393 _____ C:\Users\username\Desktop\FRST.txt
2014-01-03 12:05 - 2014-01-03 12:05 - 00000635 _____ C:\Users\username\Desktop\JRT.txt
2014-01-03 12:02 - 2014-01-03 12:02 - 00001488 _____ C:\Users\username\Desktop\AdwCleaner[S1].txt
2014-01-03 11:16 - 2014-01-03 11:17 - 00000000 ____D C:\Users\username\Desktop\2nd scan
2014-01-01 21:14 - 2014-01-01 21:14 - 00027465 _____ C:\Users\username\Desktop\logs.7z
2014-01-01 21:13 - 2014-01-01 21:13 - 01110476 _____ C:\Users\username\Downloads\7z920.exe
2014-01-01 19:49 - 2014-01-03 12:06 - 00000000 ____D C:\Users\username\Desktop\FRST-OlderVersion
2014-01-01 19:17 - 2014-01-01 19:17 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\username\Desktop\1st scan
2014-01-01 18:50 - 2014-01-03 12:00 - 00000000 ____D C:\AdwCleaner
2014-01-01 16:45 - 2014-01-01 16:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 16:43 - 2014-01-01 16:43 - 01036305 _____ (Thisisu) C:\Users\username\Desktop\JRT.exe
2014-01-01 16:42 - 2014-01-01 16:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\username\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-01 16:42 - 2014-01-01 16:42 - 01233962 _____ C:\Users\username\Desktop\adwcleaner.exe
2013-12-31 14:35 - 2014-01-03 12:06 - 00000000 ____D C:\FRST
2013-12-31 14:32 - 2014-01-03 12:06 - 01064581 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2013-12-30 19:44 - 2013-12-30 19:47 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-12-30 20:40 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:15 - 2014-01-01 19:12 - 00001463 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-30 01:15 - 2014-01-01 19:12 - 00001438 _____ C:\Users\username\Desktop\Search.lnk
2013-12-30 01:12 - 2014-01-01 18:43 - 00004103 _____ C:\Users\username\daemonprocess.txt
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:52 - 2013-12-22 16:53 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 01:45 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 01:45 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 01:45 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 01:45 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 01:45 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 01:45 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 01:45 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 01:45 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 01:45 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 01:45 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 01:45 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 01:45 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 01:45 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 01:45 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 01:45 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 01:45 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 01:45 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 01:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 01:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:54 - 2013-12-11 22:55 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-11 20:33 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 20:32 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:32 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:32 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:32 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:32 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 20:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 20:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 20:30 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:30 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:30 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 19:54 - 2014-01-01 21:13 - 00000000 ____D C:\Program Files\7-Zip
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 23:21 - 2013-12-05 23:26 - 00009900 _____ C:\Windows\IE11_main.log
==================== One Month Modified Files and Folders =======
2014-01-03 12:08 - 2014-01-03 12:07 - 00016393 _____ C:\Users\username\Desktop\FRST.txt
2014-01-03 12:06 - 2014-01-01 19:49 - 00000000 ____D C:\Users\username\Desktop\FRST-OlderVersion
2014-01-03 12:06 - 2013-12-31 14:35 - 00000000 ____D C:\FRST
2014-01-03 12:06 - 2013-12-31 14:32 - 01064581 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2014-01-03 12:06 - 2013-04-22 22:01 - 00000358 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-01-03 12:05 - 2014-01-03 12:05 - 00000635 _____ C:\Users\username\Desktop\JRT.txt
2014-01-03 12:05 - 2011-06-23 20:39 - 01065354 _____ C:\Windows\WindowsUpdate.log
2014-01-03 12:02 - 2014-01-03 12:02 - 00001488 _____ C:\Users\username\Desktop\AdwCleaner[S1].txt
2014-01-03 12:01 - 2013-04-02 18:16 - 00426474 _____ C:\Windows\PFRO.log
2014-01-03 12:01 - 2013-02-20 00:04 - 00076019 _____ C:\Windows\setupact.log
2014-01-03 12:01 - 2011-09-14 17:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-03 12:01 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 12:00 - 2014-01-01 18:50 - 00000000 ____D C:\AdwCleaner
2014-01-03 11:38 - 2011-09-14 17:32 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-03 11:26 - 2012-10-31 20:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-03 11:19 - 2012-05-17 23:23 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job
2014-01-03 11:18 - 2011-06-22 20:51 - 00000000 ____D C:\ProgramData\MFAData
2014-01-03 11:17 - 2014-01-03 11:16 - 00000000 ____D C:\Users\username\Desktop\2nd scan
2014-01-03 11:15 - 2012-05-17 23:23 - 00001160 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job
2014-01-03 11:14 - 2012-08-29 22:42 - 00000000 ____D C:\Users\username\AppData\Roaming\HpUpdate
2014-01-02 09:20 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-02 09:20 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-01 21:14 - 2014-01-01 21:14 - 00027465 _____ C:\Users\username\Desktop\logs.7z
2014-01-01 21:13 - 2014-01-01 21:13 - 01110476 _____ C:\Users\username\Downloads\7z920.exe
2014-01-01 21:13 - 2013-12-10 19:54 - 00000000 ____D C:\Program Files\7-Zip
2014-01-01 19:17 - 2014-01-01 19:17 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\username\Desktop\1st scan
2014-01-01 19:12 - 2013-12-30 01:15 - 00001463 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-01 19:12 - 2013-12-30 01:15 - 00001438 _____ C:\Users\username\Desktop\Search.lnk
2014-01-01 18:43 - 2013-12-30 01:12 - 00004103 _____ C:\Users\username\daemonprocess.txt
2014-01-01 16:45 - 2014-01-01 16:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 16:45 - 2011-06-22 21:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-01 16:43 - 2014-01-01 16:43 - 01036305 _____ (Thisisu) C:\Users\username\Desktop\JRT.exe
2014-01-01 16:43 - 2014-01-01 16:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\username\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-01 16:42 - 2014-01-01 16:42 - 01233962 _____ C:\Users\username\Desktop\adwcleaner.exe
2013-12-30 20:40 - 2013-12-30 17:10 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt
2013-12-30 20:37 - 2013-09-30 19:56 - 00000951 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-30 19:47 - 2013-12-30 19:44 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:22 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Adobe
2013-12-30 19:16 - 2011-06-22 19:34 - 00000000 ____D C:\Users\username\AppData\Roaming\Adobe
2013-12-30 19:16 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-30 19:15 - 2011-06-22 19:30 - 00000000 ____D C:\ProgramData\Adobe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-04-15 22:03 - 00000000 ____D C:\Users\zweiterName
2013-12-30 02:48 - 2010-11-20 22:01 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:12 - 2011-06-20 20:37 - 00000000 ____D C:\Users\username
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-27 10:20 - 2013-04-15 22:04 - 00099272 _____ C:\Users\zweiterName\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-23 21:08 - 2011-12-12 22:53 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-23 21:08 - 2011-07-04 16:26 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-12-22 22:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:53 - 2013-12-22 16:52 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-22 16:52 - 2013-02-27 21:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 15:07 - 2012-12-17 22:42 - 00000000 ____D C:\Users\username\Downloads\Hypozinsprognosen CS
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-15 23:41 - 2011-06-22 19:57 - 00000000 ____D C:\Program Files\Google
2013-12-15 23:29 - 2013-04-22 22:02 - 00000000 ___RD C:\Users\username\Documents\HP Photo Creations
2013-12-15 23:29 - 2013-04-22 22:01 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-15 23:29 - 2013-04-22 22:01 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-12 20:20 - 2009-07-14 05:33 - 02293648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 20:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 01:45 - 2011-06-20 21:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 01:43 - 2013-08-08 08:09 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 01:41 - 2011-10-29 01:11 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 01:39 - 2011-06-22 19:56 - 00000039 _____ C:\Windows\vbaddin.ini
2013-12-12 01:18 - 2012-08-28 21:54 - 00000000 ___SD C:\Users\username\Documents\Meine Shapes
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:55 - 2013-12-11 22:54 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:26 - 2012-10-31 20:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 21:26 - 2011-06-22 19:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-05 23:26 - 2013-12-05 23:21 - 00009900 _____ C:\Windows\IE11_main.log
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 21:49 - 2011-06-20 21:02 - 00000000 ____D C:\Users\username\AppData\Local\Microsoft Help
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-05 21:46 - 2011-06-20 21:02 - 00000000 __RHD C:\MSOCache
2013-12-05 21:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
Some content of TEMP:
====================
C:\Users\zweiterName\AppData\Local\Temp\tmp6450.exe
C:\Users\username\AppData\Local\Temp\APNStub.exe
C:\Users\username\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\username\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\username\AppData\Local\Temp\i4jdel0.exe
C:\Users\username\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\oi_{5398F582-623A-49FC-9A2D-62062664354F}.exe
C:\Users\username\AppData\Local\Temp\Quarantine.exe
C:\Users\username\AppData\Local\Temp\Resource.exe
C:\Users\username\AppData\Local\Temp\sp58915.exe
C:\Users\username\AppData\Local\Temp\sp62291.exe
C:\Users\username\AppData\Local\Temp\tmp24BE.exe
C:\Users\username\AppData\Local\Temp\tmp6805.exe
C:\Users\username\AppData\Local\Temp\tmpCB01.exe
C:\Users\username\AppData\Local\Temp\tmpD3E1.exe
C:\Users\username\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\username\AppData\Local\Temp\WinTools5522114432543705076.dll
C:\Users\username\AppData\Local\Temp\{45C3337B-C96B-4519-A30B-8652794F5EE7}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 16:30
==================== End Of Log ============================
--- --- --- --- --- --- Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 02-01-2014 01
Ran by username at 2014-01-03 12:09:44
Running from C:\Users\username\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
7-Zip 9.20 (Version: - )
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Camera Suite 2.1 (Version: - )
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (Version: 2.0.2 - Audacity Team)
AVerMedia A309 (MiniCard, DVB-T) 1.0.0.40 (Version: 1.0.0.40 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia TV Tuner Card 1.0.0.4 (Version: 1.0.0.4 - AVerMedia TECHNOLOGIES, Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Banana Buchhaltung 6.0 (Version: 6.0.8.0 - Banana.ch SA - Lugano (Switzerland))
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.18.12 - Broadcom Corporation)
Camera Support Core Library (Version: 7.1.0.11 - Canon) Hidden
Camera Window DS (Version: 5.0 - Canon) Hidden
Camera Window DVC (Version: 5.0 - Canon) Hidden
Camera Window MC (Version: 5.0 - Canon) Hidden
Canon Camera Support Core Library (Version: 7.1.0.11 - Canon)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Internet Library for ZoomBrowser EX (Version: 1.3.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.2.0.21 - Canon)
Canon PhotoRecord (Version: 02.01.00069 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (Version: 1.2 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1 - Canon)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.14 - Canon)
Canon ZoomBrowser EX (Version: 5.00.0000 - Canon)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0702.1239.20840 - ATI) Hidden
CCleaner (Version: 3.07 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 LE (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
DigitalPersona Personal 4.01 (Version: 4.01.3749 - DigitalPersona, Inc.)
Elevated Installer (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Exact Audio Copy 1.0beta3 (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (Version: 3.3.12286.3436 - Hewlett-Packard)
HP MediaSmart DVD (Version: 4.1.4328 - Hewlett-Packard)
HP MediaSmart DVD (Version: 4.1.4328 - Hewlett-Packard) Hidden
HP MediaSmart Music (Version: 4.1.4321 - Hewlett-Packard)
HP MediaSmart Music (Version: 4.1.4321 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (Version: 4.1.3130 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 4.1.3130 - Hewlett-Packard) Hidden
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (Version: 1.0.0.12412 - HP)
HP Product Detection (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Support Assistant (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (Version: 5.003.000.004 - Hewlett-Packard)
HP Wireless Assistant (Version: 3.50.10.1 - Hewlett-Packard)
I.R.I.S. OCR (Version: 12.3.4.0 - HP)
IDT Audio (Version: 1.0.6225.0 - IDT)
Internet Library (Version: 1.3.3 - Canon Inc.) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (Version: 1.0.32.1 - JMicron Technology Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MovieEdit Task (Version: 1.2.0.21 - Canon) Hidden
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 20.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoStitch (Version: 3.1.14 - Canon) Hidden
Picasa 3 (Version: 3.9 - Google, Inc.)
PIF DESIGNER2.1 (Version: - )
Q-Haushalt (Version: - )
RAW Image Task 1.2 (Version: 1.2 - Canon) Hidden
RemoteCapture Task 1.1 (Version: 1.1 - Canon) Hidden
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
ScanToWeb (Version: - )
************ 2011 11.3.49 (Version: 11.3.49 - ************ Informatik AG)
************ 2012 12.3.23 (Version: 12.3.23 - ************ Informatik AG)
SprayR 1.0 RC7b (Version: 1.0 RC7b - Jan 'neofrag' Willms)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (Version: 25.0.619.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
Tastaturschreiben (Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft)
Validity Sensors software (Version: 2.8.120 - Validity Sensors, Inc.)
VirtualCloneDrive (Version: - Elaborate Bytes)
VirtualDJ Home FREE (Version: 7.3 - Atomix Productions)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Restore Points =========================
05-12-2013 22:20:45 Windows Update
12-12-2013 00:37:46 Windows Update
22-12-2013 21:44:53 Geplanter Prüfpunkt
30-12-2013 15:37:30 Geplanter Prüfpunkt
30-12-2013 18:42:09 Windows Update
30-12-2013 18:44:14 Revo Uninstaller's restore point - AVG 2014
30-12-2013 18:46:53 Removed AVG 2014
30-12-2013 18:57:36 Revo Uninstaller's restore point - AVG 2014
30-12-2013 19:00:31 Removed AVG 2014
30-12-2013 19:33:36 Installed AVG 2014
03-01-2014 10:18:30 Revo Uninstaller's restore point - MarkKit
03-01-2014 10:19:57 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:21:28 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:25:32 Revo Uninstaller's restore point - Snap.Do Engine
03-01-2014 10:26:23 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:26:58 Revo Uninstaller's restore point - Snap.Do
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {207A90F5-0254-4520-9E72-ECE7C69B2083} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {212156CE-1BF7-4D61-828F-FF7661D92B5F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {23FCA2D7-3965-419E-B730-16F926B1CE7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: {304C4874-54B2-4EBB-A69A-8A12A0DE5CCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {377E19B0-6228-46B1-96F5-94DA111DB131} - System32\Tasks\MirageAgent => C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-07-30] (CyberLink)
Task: {4DDB0750-57C5-4D20-BD11-A29674BDC813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65044A47-600C-4E39-806C-3306833BAD41} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-04-22] ()
Task: {A6EF04EF-973A-4DBE-A805-20CB0275DFF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {C73A6360-B87B-4B84-86BB-6538D68AB83F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {C7FCEEEE-D3C4-4F82-AD54-230A8529A5A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {CCB76675-B2E8-411A-8F4A-49AB61F98CBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: {D07BAE86-2A2F-4A7D-89BD-9AD44192A86F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {E0C77928-9EFD-4268-BF25-DD2F2307D5A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) =============
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-07-07 10:56 - 2009-07-07 10:56 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-23 20:18 - 2011-06-23 20:18 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3069.2 MB
Available physical RAM: 1568.35 MB
Total Pagefile: 6136.68 MB
Available Pagefile: 4178.85 MB
Total Virtual: 2047.88 MB
Available Virtual: 1913.96 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:221.32 GB) (Free:169.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Daten) (Fixed) (Total:232.88 GB) (Free:216.28 GB) NTFS
Drive g: (desinfDATA) (Removable) (Total:5.33 GB) (Free:5.31 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 3751AB45)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 6D694358)
Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================
|
|
04.01.2014, 09:28
| #9 |
| /// the machine /// TB-Ausbilder | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware WebseiteESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.01.2014, 18:41
| #10 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo schrauber Ich hab die Tools mal durchlaufen lassen. Wie soll ich die Funde von ESET entfernen? Reicht da normales löschen aus? Danach werde ich sicher aber noch einmal ESET und Malwarebytes durchlaufen lassen, zuletzt noch AVG. Die veralteten Programme werde ich auch selbstverständlich updaten. Hier die logs: ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=64e275d5d8c4d342b3b4b95b99b95292
# engine=16517
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-04 12:55:39
# local_time=2014-01-04 01:55:39 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 411503 140471330 0 0
# scanned=161470
# found=0
# cleaned=0
# scan_time=5120
Code:
ATTFilter C:\AdwCleaner\Quarantine\C\Users\username\AppData\Local\Temp\TempDir\pcspeedup_with_icon.exe.vir a variant of Win32/Speedchecker.A application
C:\Users\username\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp\application.xap a variant of Win32/Speedchecker.A application
C:\Users\username\AppData\Local\Temp\APNStub.exe a variant of Win32/Bundled.Toolbar.Ask application
C:\Windows\Installer\d6d59d.msi a variant of Win32/Bundled.Toolbar.Ask application
Code:
ATTFilter Results of screen317's Security Check version 0.99.78 Windows 7 Service Pack 1 x86 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` AVG AntiVirus Free Edition 2014 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Malwarebytes Anti-Malware Version 1.75.0.1300 CCleaner JavaFX 2.1.1 Java 7 Update 45 Adobe Flash Player 11.9.900.170 Adobe Reader 10.1.8 Adobe Reader out of Date! Mozilla Firefox 20.0.1 Firefox out of Date! Google Chrome 31.0.1650.57 Google Chrome 31.0.1650.63 ````````Process Check: objlist.exe by Laurent```````` AVG avgwdsvc.exe AVG avgrsx.exe AVG avgnsx.exe AVG avgemc.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-01-2014
Ran by username (administrator) on computername on 04-01-2014 16:37:23
Running from C:\Users\username\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\stacsv.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vfsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\AEstSrv.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Garmin Ltd or its subsidiaries) C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Windows\System32\mmc.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-07-02] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [WirelessAssistant] - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [499768 2009-09-01] (Hewlett-Packard)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2299176 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [HP Software Update] - C:\Program Files\HP\HP Software Update\hpwuschd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [495708 2010-03-23] (IDT, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-12-12] (Hewlett-Packard)
HKCU\...\Run: [AdobeBridge] - [x]
HKCU\...\Run: [HP Officejet Pro 8600 (NET)] - C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [1804648 2011-09-09] (Hewlett-Packard Co.)
HKCU\...\Run: [Google Update] - C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-03-30] (Google Inc.)
HKU\zweiterName\...\Run: [HPADVISOR] - [x]
HKU\Default\...\Run: [HPADVISOR] - [x]
HKU\Default User\...\Run: [HPADVISOR] - [x]
Lsa: [Notification Packages] scecli DPPWDFLT
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/default.aspx?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBAFA669A882FCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-ch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM - DefaultScope value is missing.
BHO: DigitalPersona Personal Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - C:\Program Files\DigitalPersona\Bin\DpOtsPluginIe8.dll (DigitalPersona, Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKCU - No Name - {0FEF2D2C-CDA6-45E4-B2ED-9DF7C50C95FF} - No File
DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection2.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll No File
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\microsoft shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\username\AppData\Roaming\Mozilla\Firefox\Profiles\cn3zmdsu.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @garmin.com/GpsControl - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\username\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF HKLM\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\FirefoxExt\
FF HKCU\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files\DigitalPersona\Bin\firefoxext
FF Extension: DigitalPersona Extension - C:\Program Files\DigitalPersona\Bin\firefoxext
Chrome:
=======
CHR HomePage: https://www.google.ch/
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Shockwave Flash) - C:\Users\username\AppData\Local\Google\Chrome\User Data\PepperFlash\11.7.700.225\pepflashplayer.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (AVG SiteSafety plugin) - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\15.2.0\\npsitesafety.dll No File
CHR Plugin: (Garmin Communicator Plug-In) - C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
CHR Plugin: (Google Earth Plugin) - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 7 U21) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll No File
CHR Plugin: (Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (RocketLife Secure Plug-In Layer) - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File
CHR Extension: (YouTube) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Google Wallet) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0
CHR Extension: (Gmail) - C:\Users\username\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR StartMenuInternet: Google Chrome - C:\Users\username\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 Garmin Core Update Service; C:\Users\username\Desktop\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [185688 2013-03-27] (Garmin Ltd or its subsidiaries)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9691412ff1876250\STacSV.exe [229458 2010-03-23] (IDT, Inc.)
S2 vToolbarUpdater17.2.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [x]
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-11-10] (AVG Technologies)
R3 clwvd; C:\Windows\System32\DRIVERS\clwvd.sys [29168 2010-07-30] (Windows (R) Win 7 DDK provider)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
S3 grmnusb; C:\Windows\System32\drivers\grmnusb.sys [15720 2012-04-18] (GARMIN Corp.)
S2 adfs; No ImagePath
S3 pfc; system32\drivers\pfc.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-01-04 16:35 - 2014-01-04 16:35 - 00000503 _____ C:\Users\username\Desktop\found.txt
2014-01-04 14:16 - 2014-01-04 14:16 - 00001048 _____ C:\Users\username\Desktop\checkup.txt
2014-01-04 13:53 - 2014-01-04 13:53 - 00987410 _____ C:\Users\username\Desktop\SecurityCheck.exe
2014-01-04 12:27 - 2014-01-04 12:27 - 00000000 ____D C:\Program Files\ESET
2014-01-04 12:24 - 2014-01-04 12:24 - 02347384 _____ (ESET) C:\Users\username\Desktop\esetsmartinstaller_enu.exe
2014-01-03 12:09 - 2014-01-03 12:16 - 00023257 _____ C:\Users\username\Desktop\Addition.txt
2014-01-03 12:07 - 2014-01-04 16:38 - 00016839 _____ C:\Users\username\Desktop\FRST.txt
2014-01-03 12:05 - 2014-01-03 12:11 - 00000628 _____ C:\Users\username\Desktop\JRT.txt
2014-01-03 12:02 - 2014-01-03 12:09 - 00001464 _____ C:\Users\username\Desktop\AdwCleaner[S1].txt
2014-01-03 11:16 - 2014-01-03 11:17 - 00000000 ____D C:\Users\username\Desktop\2nd scan
2014-01-01 21:14 - 2014-01-01 21:14 - 00027465 _____ C:\Users\username\Desktop\logs.7z
2014-01-01 21:13 - 2014-01-01 21:13 - 01110476 _____ C:\Users\username\Downloads\7z920.exe
2014-01-01 19:49 - 2014-01-04 16:37 - 00000000 ____D C:\Users\username\Desktop\FRST-OlderVersion
2014-01-01 19:17 - 2014-01-01 19:17 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\username\Desktop\1st scan
2014-01-01 18:50 - 2014-01-03 12:00 - 00000000 ____D C:\AdwCleaner
2014-01-01 16:45 - 2014-01-01 16:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 16:43 - 2014-01-01 16:43 - 01036305 _____ (Thisisu) C:\Users\username\Desktop\JRT.exe
2014-01-01 16:42 - 2014-01-01 16:43 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\username\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-01 16:42 - 2014-01-01 16:42 - 01233962 _____ C:\Users\username\Desktop\adwcleaner.exe
2013-12-31 14:35 - 2014-01-04 16:37 - 00000000 ____D C:\FRST
2013-12-31 14:32 - 2014-01-04 16:37 - 01064761 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2013-12-30 19:44 - 2013-12-30 19:47 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-12-30 20:40 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:15 - 2014-01-01 19:12 - 00001463 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2013-12-30 01:15 - 2014-01-01 19:12 - 00001438 _____ C:\Users\username\Desktop\Search.lnk
2013-12-30 01:12 - 2014-01-01 18:43 - 00004103 _____ C:\Users\username\daemonprocess.txt
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:52 - 2013-12-22 16:53 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-12 01:45 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 01:45 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 01:45 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 01:45 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 01:45 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 01:45 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 01:45 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 01:45 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 01:45 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 01:45 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 01:45 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 01:45 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 01:45 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 01:45 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 01:45 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 01:45 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 01:45 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 01:45 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 01:40 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 01:40 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:54 - 2013-12-11 22:55 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-11 20:33 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-11 20:32 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-11 20:32 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-11 20:32 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-11 20:32 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-11 20:32 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-11 20:31 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-11 20:31 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-11 20:30 - 2013-10-30 02:27 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-11 20:30 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-11 20:30 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-10 19:54 - 2014-01-01 21:13 - 00000000 ____D C:\Program Files\7-Zip
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 23:21 - 2013-12-05 23:26 - 00009900 _____ C:\Windows\IE11_main.log
==================== One Month Modified Files and Folders =======
2014-01-04 16:38 - 2014-01-03 12:07 - 00016839 _____ C:\Users\username\Desktop\FRST.txt
2014-01-04 16:38 - 2011-09-14 17:32 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-04 16:37 - 2014-01-01 19:49 - 00000000 ____D C:\Users\username\Desktop\FRST-OlderVersion
2014-01-04 16:37 - 2013-12-31 14:35 - 00000000 ____D C:\FRST
2014-01-04 16:37 - 2013-12-31 14:32 - 01064761 _____ (Farbar) C:\Users\username\Desktop\FRST.exe
2014-01-04 16:36 - 2013-02-20 00:04 - 00076691 _____ C:\Windows\setupact.log
2014-01-04 16:35 - 2014-01-04 16:35 - 00000503 _____ C:\Users\username\Desktop\found.txt
2014-01-04 16:26 - 2012-10-31 20:12 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-04 16:15 - 2012-05-17 23:23 - 00001160 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job
2014-01-04 16:10 - 2013-04-22 22:01 - 00000358 _____ C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-01-04 16:10 - 2011-06-23 20:39 - 01121446 _____ C:\Windows\WindowsUpdate.log
2014-01-04 14:38 - 2011-09-14 17:32 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-04 14:16 - 2014-01-04 14:16 - 00001048 _____ C:\Users\username\Desktop\checkup.txt
2014-01-04 13:53 - 2014-01-04 13:53 - 00987410 _____ C:\Users\username\Desktop\SecurityCheck.exe
2014-01-04 12:29 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-04 12:29 - 2009-07-14 05:34 - 00021888 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-04 12:27 - 2014-01-04 12:27 - 00000000 ____D C:\Program Files\ESET
2014-01-04 12:27 - 2011-06-22 20:51 - 00000000 ____D C:\ProgramData\MFAData
2014-01-04 12:24 - 2014-01-04 12:24 - 02347384 _____ (ESET) C:\Users\username\Desktop\esetsmartinstaller_enu.exe
2014-01-04 12:22 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-03 12:16 - 2014-01-03 12:09 - 00023257 _____ C:\Users\username\Desktop\Addition.txt
2014-01-03 12:11 - 2014-01-03 12:05 - 00000628 _____ C:\Users\username\Desktop\JRT.txt
2014-01-03 12:09 - 2014-01-03 12:02 - 00001464 _____ C:\Users\username\Desktop\AdwCleaner[S1].txt
2014-01-03 12:01 - 2013-04-02 18:16 - 00426474 _____ C:\Windows\PFRO.log
2014-01-03 12:00 - 2014-01-01 18:50 - 00000000 ____D C:\AdwCleaner
2014-01-03 11:19 - 2012-05-17 23:23 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job
2014-01-03 11:17 - 2014-01-03 11:16 - 00000000 ____D C:\Users\username\Desktop\2nd scan
2014-01-03 11:14 - 2012-08-29 22:42 - 00000000 ____D C:\Users\username\AppData\Roaming\HpUpdate
2014-01-01 21:14 - 2014-01-01 21:14 - 00027465 _____ C:\Users\username\Desktop\logs.7z
2014-01-01 21:13 - 2014-01-01 21:13 - 01110476 _____ C:\Users\username\Downloads\7z920.exe
2014-01-01 21:13 - 2013-12-10 19:54 - 00000000 ____D C:\Program Files\7-Zip
2014-01-01 19:17 - 2014-01-01 19:17 - 00000000 ____D C:\Windows\ERUNT
2014-01-01 19:15 - 2014-01-01 19:15 - 00000000 ____D C:\Users\username\Desktop\1st scan
2014-01-01 19:12 - 2013-12-30 01:15 - 00001463 _____ C:\Users\username\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-01-01 19:12 - 2013-12-30 01:15 - 00001438 _____ C:\Users\username\Desktop\Search.lnk
2014-01-01 18:43 - 2013-12-30 01:12 - 00004103 _____ C:\Users\username\daemonprocess.txt
2014-01-01 16:45 - 2014-01-01 16:45 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-01 16:45 - 2011-06-22 21:00 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2014-01-01 16:43 - 2014-01-01 16:43 - 01036305 _____ (Thisisu) C:\Users\username\Desktop\JRT.exe
2014-01-01 16:43 - 2014-01-01 16:42 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\username\Desktop\mbam-setup-1.75.0.1300.exe
2014-01-01 16:42 - 2014-01-01 16:42 - 01233962 _____ C:\Users\username\Desktop\adwcleaner.exe
2013-12-30 20:40 - 2013-12-30 17:10 - 00000488 _____ C:\Users\zweiterName\daemonprocess.txt
2013-12-30 20:37 - 2013-09-30 19:56 - 00000951 _____ C:\Users\Public\Desktop\AVG 2014.lnk
2013-12-30 19:47 - 2013-12-30 19:44 - 137189352 _____ (AVG Technologies) C:\Users\username\Downloads\avg_free_x86_all_2014_4259a6848.exe
2013-12-30 19:22 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Adobe
2013-12-30 19:16 - 2011-06-22 19:34 - 00000000 ____D C:\Users\username\AppData\Roaming\Adobe
2013-12-30 19:16 - 2011-06-22 19:31 - 00000000 ____D C:\Program Files\Common Files\Adobe
2013-12-30 19:15 - 2011-06-22 19:30 - 00000000 ____D C:\ProgramData\Adobe
2013-12-30 19:05 - 2013-12-30 19:05 - 00001226 _____ C:\Users\username\Desktop\Revo Uninstaller.lnk
2013-12-30 19:05 - 2013-12-30 19:05 - 00000000 ____D C:\Program Files\VS Revo Group
2013-12-30 19:02 - 2013-12-30 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\username\Downloads\revosetup95.exe
2013-12-30 17:10 - 2013-04-15 22:03 - 00000000 ____D C:\Users\zweiterName
2013-12-30 02:48 - 2010-11-20 22:01 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-30 01:32 - 2013-12-30 01:32 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (5).exe
2013-12-30 01:12 - 2013-12-30 01:12 - 00000000 ____D C:\Users\username\AppData\Local\cache
2013-12-30 01:12 - 2011-06-20 20:37 - 00000000 ____D C:\Users\username
2013-12-30 01:11 - 2013-12-30 01:11 - 00000000 ____D C:\Users\username\AppData\Roaming\VOLKSWAGEN RNS 510 user guide
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Roaming\AVG2014
2013-12-27 10:20 - 2013-12-27 10:20 - 00000000 ____D C:\Users\zweiterName\AppData\Local\Avg2014
2013-12-27 10:20 - 2013-04-15 22:04 - 00099272 _____ C:\Users\zweiterName\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-23 21:08 - 2011-12-12 22:53 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-12-23 21:08 - 2011-07-04 16:26 - 00000052 _____ C:\Windows\system32\DOErrors.log
2013-12-22 22:45 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\rescache
2013-12-22 16:53 - 2013-12-22 16:53 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-12-22 16:53 - 2013-12-22 16:52 - 00000000 ____D C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iTunes
2013-12-22 16:52 - 2013-12-22 16:52 - 00000000 ____D C:\Program Files\iPod
2013-12-22 16:52 - 2013-02-27 21:20 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-12-22 15:07 - 2012-12-17 22:42 - 00000000 ____D C:\Users\username\Downloads\Hypozinsprognosen CS
2013-12-15 23:41 - 2013-12-15 23:41 - 00002170 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-12-15 23:41 - 2011-06-22 19:57 - 00000000 ____D C:\Program Files\Google
2013-12-15 23:29 - 2013-04-22 22:02 - 00000000 ___RD C:\Users\username\Documents\HP Photo Creations
2013-12-15 23:29 - 2013-04-22 22:01 - 00001953 _____ C:\Users\Public\Desktop\HP Photo Creations.lnk
2013-12-15 23:29 - 2013-04-22 22:01 - 00000000 ____D C:\ProgramData\HP Photo Creations
2013-12-12 20:20 - 2009-07-14 05:33 - 02293648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 20:16 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2013-12-12 01:45 - 2011-06-20 21:02 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-12-12 01:43 - 2013-08-08 08:09 - 00000000 ____D C:\Windows\system32\MRT
2013-12-12 01:41 - 2011-10-29 01:11 - 88123800 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-12 01:39 - 2011-06-22 19:56 - 00000039 _____ C:\Windows\vbaddin.ini
2013-12-12 01:18 - 2012-08-28 21:54 - 00000000 ___SD C:\Users\username\Documents\Meine Shapes
2013-12-11 22:56 - 2013-12-11 22:56 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (4).exe
2013-12-11 22:55 - 2013-12-11 22:54 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (3).exe
2013-12-11 21:26 - 2012-10-31 20:12 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-12-11 21:26 - 2011-06-22 19:51 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (2).exe
2013-12-11 21:04 - 2013-12-11 21:04 - 00491784 _____ C:\Users\username\Downloads\incredimail_install (1).exe
2013-12-11 21:03 - 2013-12-11 21:03 - 00491784 _____ C:\Users\username\Downloads\incredimail_install.exe
2013-12-05 23:26 - 2013-12-05 23:21 - 00009900 _____ C:\Windows\IE11_main.log
2013-12-05 23:22 - 2013-12-05 23:22 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-12-05 23:22 - 2013-12-05 23:22 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-12-05 23:22 - 2013-12-05 23:22 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-12-05 23:22 - 2013-12-05 23:22 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-12-05 23:22 - 2013-12-05 23:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-12-05 23:22 - 2013-12-05 23:22 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-12-05 21:49 - 2011-06-20 21:02 - 00000000 ____D C:\Users\username\AppData\Local\Microsoft Help
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2013-12-05 21:49 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2013-12-05 21:48 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2013-12-05 21:46 - 2011-06-20 21:02 - 00000000 __RHD C:\MSOCache
2013-12-05 21:42 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
Some content of TEMP:
====================
C:\Users\zweiterName\AppData\Local\Temp\tmp6450.exe
C:\Users\username\AppData\Local\Temp\APNStub.exe
C:\Users\username\AppData\Local\Temp\fp_pl_pfs_installer.exe
C:\Users\username\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\username\AppData\Local\Temp\i4jdel0.exe
C:\Users\username\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\username\AppData\Local\Temp\oi_{5398F582-623A-49FC-9A2D-62062664354F}.exe
C:\Users\username\AppData\Local\Temp\Quarantine.exe
C:\Users\username\AppData\Local\Temp\Resource.exe
C:\Users\username\AppData\Local\Temp\sp58915.exe
C:\Users\username\AppData\Local\Temp\sp62291.exe
C:\Users\username\AppData\Local\Temp\tmp24BE.exe
C:\Users\username\AppData\Local\Temp\tmp6805.exe
C:\Users\username\AppData\Local\Temp\tmpCB01.exe
C:\Users\username\AppData\Local\Temp\tmpD3E1.exe
C:\Users\username\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\username\AppData\Local\Temp\WinTools5522114432543705076.dll
C:\Users\username\AppData\Local\Temp\{45C3337B-C96B-4519-A30B-8652794F5EE7}-GoogleUpdateSetup.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-12-30 16:30
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- Addition: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 04-01-2014
Ran by username at 2014-01-04 16:39:08
Running from C:\Users\username\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
7-Zip 9.20 (Version: - )
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (Version: 10.1.8 - Adobe Systems Incorporated)
Apple Application Support (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (Version: 2.1.3.127 - Apple Inc.)
ArcSoft Camera Suite 2.1 (Version: - )
ATI Catalyst Install Manager (Version: 3.0.732.0 - ATI Technologies, Inc.)
Audacity 2.0.2 (Version: 2.0.2 - Audacity Team)
AVerMedia A309 (MiniCard, DVB-T) 1.0.0.40 (Version: 1.0.0.40 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia TV Tuner Card 1.0.0.4 (Version: 1.0.0.4 - AVerMedia TECHNOLOGIES, Inc.)
AVG 2014 (Version: 14.0.3658 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
Banana Buchhaltung 6.0 (Version: 6.0.8.0 - Banana.ch SA - Lugano (Switzerland))
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (Version: 5.60.18.12 - Broadcom Corporation)
Camera Support Core Library (Version: 7.1.0.11 - Canon) Hidden
Camera Window DS (Version: 5.0 - Canon) Hidden
Camera Window DVC (Version: 5.0 - Canon) Hidden
Camera Window MC (Version: 5.0 - Canon) Hidden
Canon Camera Support Core Library (Version: 7.1.0.11 - Canon)
Canon Camera Window DS for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window DVC for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Camera Window for ZoomBrowser EX (Version: 5.0 - Canon)
Canon Internet Library for ZoomBrowser EX (Version: 1.3.3 - Canon Inc.)
Canon MovieEdit Task for ZoomBrowser EX (Version: 1.2.0.21 - Canon)
Canon PhotoRecord (Version: 02.01.00069 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (Version: 1.2 - Canon)
Canon RemoteCapture Task for ZoomBrowser EX (Version: 1.1 - Canon)
Canon Utilities PhotoStitch 3.1 (Version: 3.1.14 - Canon)
Canon ZoomBrowser EX (Version: 5.00.0000 - Canon)
Catalyst Control Center - Branding (Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Full New (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Light (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (Version: 2009.0702.1239.20840 - ATI) Hidden
Catalyst Control Center InstallProxy (Version: 2009.0702.1239.20840 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2009.0702.1239.20840 - ATI) Hidden
CCC Help Chinese Standard (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Chinese Traditional (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Czech (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Danish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Dutch (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help English (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Finnish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help French (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help German (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Greek (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Hungarian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Italian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Japanese (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Korean (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Norwegian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Polish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Portuguese (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Russian (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Spanish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Swedish (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Thai (Version: 2009.0702.1238.20840 - ATI) Hidden
CCC Help Turkish (Version: 2009.0702.1238.20840 - ATI) Hidden
ccc-core-static (Version: 2009.0702.1239.20840 - Ihr Firmenname) Hidden
ccc-utility (Version: 2009.0702.1239.20840 - ATI) Hidden
CCleaner (Version: 3.07 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DATA BECKER CD-DVD Druckerei 7 LE (Version: 7.50.0.30 - DATA BECKER GmbH & Co. KG)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (Version: - Microsoft)
DigitalPersona Personal 4.01 (Version: 4.01.3749 - DigitalPersona, Inc.)
Elevated Installer (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
ESET Online Scanner v3 (Version: - )
Exact Audio Copy 1.0beta3 (Version: 1.0beta3 - Andre Wiethoff)
Fotogalerie (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Garmin Update Service (Version: 2.1.13 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (Version: 31.0.1650.63 - Google Inc.)
Google Earth (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.1.1 (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Advisor (Version: 3.3.12286.3436 - Hewlett-Packard)
HP MediaSmart DVD (Version: 4.1.4328 - Hewlett-Packard)
HP MediaSmart DVD (Version: 4.1.4328 - Hewlett-Packard) Hidden
HP MediaSmart Music (Version: 4.1.4321 - Hewlett-Packard)
HP MediaSmart Music (Version: 4.1.4321 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (Version: 4.1.3130 - Hewlett-Packard)
HP MediaSmart Webcam (Version: 4.1.3130 - Hewlett-Packard) Hidden
HP Officejet Pro 8600 - Grundlegende Software für das Gerät (Version: 25.0.619.0 - Hewlett-Packard Co.)
HP Officejet Pro 8600 Hilfe (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (Version: 1.0.0.12412 - HP)
HP Product Detection (Version: 10.7.9.0 - Hewlett-Packard Company)
HP Support Assistant (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Update (Version: 5.003.000.004 - Hewlett-Packard)
HP Wireless Assistant (Version: 3.50.10.1 - Hewlett-Packard)
I.R.I.S. OCR (Version: 12.3.4.0 - HP)
IDT Audio (Version: 1.0.6225.0 - IDT)
Internet Library (Version: 1.3.3 - Canon Inc.) Hidden
iTunes (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.1 (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (Version: 1.0.32.1 - JMicron Technology Corp.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 Service Pack 1 (SP1) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Home and Student 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2003 (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000 - Microsoft Corporation) Hidden
Microsoft Outlook 2010 (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MovieEdit Task (Version: 1.2.0.21 - Canon) Hidden
Mozilla Firefox 20.0.1 (x86 de) (Version: 20.0.1 - Mozilla)
Mozilla Maintenance Service (Version: 20.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PhotoStitch (Version: 3.1.14 - Canon) Hidden
Picasa 3 (Version: 3.9 - Google, Inc.)
PIF DESIGNER2.1 (Version: - )
Q-Haushalt (Version: - )
RAW Image Task 1.2 (Version: 1.2 - Canon) Hidden
RemoteCapture Task 1.1 (Version: 1.1 - Canon) Hidden
Revo Uninstaller 1.95 (Version: 1.95 - VS Revo Group)
ScanToWeb (Version: - )
************ 2011 11.3.49 (Version: 11.3.49 - ************ Informatik AG)
************ 2012 12.3.23 (Version: 12.3.23 - ************ Informatik AG)
SprayR 1.0 RC7b (Version: 1.0 RC7b - Jan 'neofrag' Willms)
Studie zur Verbesserung von HP Officejet Pro 8600 Produkten (Version: 25.0.619.0 - Hewlett-Packard Co.)
Synaptics Pointing Device Driver (Version: 15.3.29.0 - Synaptics Incorporated)
Tastaturschreiben (Version: - )
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553065) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2566458) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 32-Bit Edition (Version: - Microsoft)
Validity Sensors software (Version: 2.8.120 - Validity Sensors, Inc.)
VirtualCloneDrive (Version: - Elaborate Bytes)
VirtualDJ Home FREE (Version: 7.3 - Atomix Productions)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
==================== Restore Points =========================
05-12-2013 22:20:45 Windows Update
12-12-2013 00:37:46 Windows Update
22-12-2013 21:44:53 Geplanter Prüfpunkt
30-12-2013 15:37:30 Geplanter Prüfpunkt
30-12-2013 18:42:09 Windows Update
30-12-2013 18:44:14 Revo Uninstaller's restore point - AVG 2014
30-12-2013 18:46:53 Removed AVG 2014
30-12-2013 18:57:36 Revo Uninstaller's restore point - AVG 2014
30-12-2013 19:00:31 Removed AVG 2014
30-12-2013 19:33:36 Installed AVG 2014
03-01-2014 10:18:30 Revo Uninstaller's restore point - MarkKit
03-01-2014 10:19:57 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:21:28 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:25:32 Revo Uninstaller's restore point - Snap.Do Engine
03-01-2014 10:26:23 Revo Uninstaller's restore point - Snap.Do
03-01-2014 10:26:58 Revo Uninstaller's restore point - Snap.Do
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {207A90F5-0254-4520-9E72-ECE7C69B2083} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {212156CE-1BF7-4D61-828F-FF7661D92B5F} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {23FCA2D7-3965-419E-B730-16F926B1CE7E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2013-02-19] (Hewlett-Packard)
Task: {304C4874-54B2-4EBB-A69A-8A12A0DE5CCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {377E19B0-6228-46B1-96F5-94DA111DB131} - System32\Tasks\MirageAgent => C:\Program Files\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-07-30] (CyberLink)
Task: {4DDB0750-57C5-4D20-BD11-A29674BDC813} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {65044A47-600C-4E39-806C-3306833BAD41} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2013-04-22] ()
Task: {A6EF04EF-973A-4DBE-A805-20CB0275DFF0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {C73A6360-B87B-4B84-86BB-6538D68AB83F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe [2012-03-30] (Google Inc.)
Task: {C7FCEEEE-D3C4-4F82-AD54-230A8529A5A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11] (Adobe Systems Incorporated)
Task: {CCB76675-B2E8-411A-8F4A-49AB61F98CBF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: {D07BAE86-2A2F-4A7D-89BD-9AD44192A86F} - System32\Tasks\HPCustParticipation HP Officejet Pro 8600 => C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPCustPartic.exe [2011-09-09] (Hewlett-Packard Co.)
Task: {E0C77928-9EFD-4268-BF25-DD2F2307D5A7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2011-09-14] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000Core.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1427649414-2167026269-3160858664-1000UA.job => C:\Users\username\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe
==================== Loaded Modules (whitelisted) =============
2003-07-11 10:09 - 2003-07-11 10:09 - 00048192 _____ () C:\Program Files\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 00702416 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\libglesv2.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 00099792 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\libegl.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2009-07-07 10:56 - 2009-07-07 10:56 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-06-23 20:18 - 2011-06-23 20:18 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-12-08 14:39 - 2013-12-04 03:48 - 04055504 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\pdf.dll
2013-12-08 14:39 - 2013-12-04 03:48 - 00399312 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll
2013-12-08 14:39 - 2013-12-04 03:47 - 01619408 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
2013-12-08 14:39 - 2013-12-04 03:48 - 13586896 _____ () C:\Users\username\AppData\Local\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
Name: adfs
Description: adfs
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adfs
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1991836
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1991836
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8471
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8471
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7082
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7082
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068
System errors:
=============
Error: (01/04/2014 00:22:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "vToolbarUpdater17.2.0" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/04/2014 00:22:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "adfs" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (01/03/2014 00:14:55 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1991836
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1991836
Error: (01/04/2014 04:10:17 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8471
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8471
Error: (01/04/2014 03:37:14 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7082
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7082
Error: (01/04/2014 03:37:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (01/04/2014 03:37:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068
==================== Memory info ===========================
Percentage of memory in use: 48%
Total physical RAM: 3069.2 MB
Available physical RAM: 1572.82 MB
Total Pagefile: 6136.68 MB
Available Pagefile: 4357 MB
Total Virtual: 2047.88 MB
Available Virtual: 1915.97 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:221.32 GB) (Free:167.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Daten) (Fixed) (Total:232.88 GB) (Free:216.28 GB) NTFS
Drive g: (desinfDATA) (Removable) (Total:5.33 GB) (Free:5.31 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 3751AB45)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 233 GB) (Disk ID: 6D694358)
Partition 1: (Active) - (Size=221 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 15 GB) (Disk ID: 00000000)
Partition: GPT Partition Type
==================== End Of Log ============================
Geändert von history (04.01.2014 um 18:43 Uhr) Grund: Nachtrag- Update |
|
05.01.2014, 16:16
| #11 |
| /// the machine /// TB-Ausbilder | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Funde von ESET hast du gelöscht`? Fertig Falls Du Lob oder Kritik loswerden möchtest kannst Du das hier tun Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
06.01.2014, 08:05
| #12 |
| | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Hallo schrauber Die funde von ESET wurden gelöscht. Besten dank für die schnell lösung des Problems. Der Thread kann von mir aus geschlossen werden. MfG history |
|
07.01.2014, 09:38
| #13 |
| /// the machine /// TB-Ausbilder | Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Win-7: Adware / Virus entfernen - Virenscanner inaktiv - Weiterleitung auf Adware Webseite |
| 32 bit, adware, aktiv, antivirus, auftrag, avg antivirus, computer, datei, entfernen, fehler, folge, google, icon, infizierte, installation, malware, mobogenie, mobogenie entfernen, programme, prozessor, security, seite, virus, weiterleitung, win32/bundled.toolbar.ask, win32/speedchecker.a, windows |
Linear-Darstellung
