Malware auf Internet Explorer und Firefox

ernstwernerk · 01.02.2014, 15:23

In den aufgerufenen Seiten werden 5 - 8 Begriffe grün hervorgehoben und doppelt unterstrichen. Sogar die Trojaner-board.de ist in meiner Darstellung infiziert; siehe Anhang.
Bei Berührung des markierten Wortes erscheint für einige Sekunden ein Fenster "iPad gewonnen", "Compae prices","losing weight, saving up..."

schrauber · 01.02.2014, 15:25

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

ernstwernerk · 01.02.2014, 15:42

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-02-2014 03
Ran by Werner (administrator) on DUCATI on 01-02-2014 15:31:20
Running from C:\Users\Werner\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\Program Files (x86)\Video-Saver\video-saver152_wd.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\LVPrS64H.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Realtek) C:\Program Files (x86)\Edimax\Edimax Wireless LAN Driver and Utility\RtlService.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Edimax\Edimax Wireless LAN Driver and Utility\RtWLan.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
() C:\Program Files (x86)\Video-Saver\video-saver152.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(PC Tools) C:\Program Files (x86)\PC Tools Security\pctsGui.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(GenesysLogic) C:\Program Files (x86)\BackupManager\BkupMgr.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe
(PC Drivers Headquarters) C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe
(Logitech Inc.) C:\Program Files (x86)\Logitech\Logitech Vid\Vid.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
() C:\Program Files (x86)\Common Files\logishrd\LQCVFX\COCIManager.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [BCSSync] - C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [CanonSolutionMenu] - C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-01-20] (Apple Inc.)
HKLM-x32\...\Run: [VirtualCloneDrive] - C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [89456 2011-03-07] (Elaborate Bytes AG)
HKLM-x32\...\Run: [LogitechQuickCamRibbon] - C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [ISTray] - C:\Program Files (x86)\PC Tools Security\pctsGui.exe [2673624 2012-06-22] (PC Tools)
HKLM\...\RunOnce: [Backup Manager] - C:\Program Files (x86)\BackupManager\Loader.exe [36864 2008-06-30] ()
HKLM-x32\...\RunOnce: [ISPatch] - C:\Windows\system32\ISPatch.exe [32768 2010-03-29] ()
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4068827347-3746308592-2820867489-1000\...\Run: [Driver Manager] - C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [3986296 2013-10-27] (PC Drivers Headquarters)
HKU\S-1-5-21-4068827347-3746308592-2820867489-1000\...\Run: [Driver Whiz] - C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [3976560 2013-11-04] (PC Drivers Headquarters)
HKU\S-1-5-21-4068827347-3746308592-2820867489-1000\...\Run: [Logitech Vid] - C:\Program Files (x86)\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-4068827347-3746308592-2820867489-1000\...\MountPoints2: {2430199f-8595-11e3-ac3b-6c626d763ce8} - E:\AutoRun\AutoRun.exe
AppInit_DLLs: c:\progra~2\movies~1\datamngr\x64\mgrldr.dll => File Not Found
AppInit_DLLs-x32: c:\progra~2\movies~1\datamngr\mgrldr.dll => File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13828
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.ch/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://ch.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-CH
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390399222&from=smt&uid=WDCXWD20EZRX-00DC0B0_WD-WMC30021515615156&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1390399222&from=smt&uid=WDCXWD20EZRX-00DC0B0_WD-WMC30021515615156&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390399222&from=smt&uid=WDCXWD20EZRX-00DC0B0_WD-WMC30021515615156&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1390399222&from=smt&uid=WDCXWD20EZRX-00DC0B0_WD-WMC30021515615156&q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = 
SearchScopes: HKCU - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = https://www.google.ch/search?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = https://www.google.ch/search?q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: PC Tools Browser Guard BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
DPF: HKLM-x32 {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect1262.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp.dll [329688] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 01 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 02 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 03 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 04 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 05 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 06 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Winsock: Catalog9-x64 17 C:\Program Files (x86)\Common Files\PC Tools\Lsp\PCTLsp64.dll [448472] (PC Tools Research Pty Ltd.)
Hosts: 127.0.0.1 validation.sls.microsoft.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1E3B5899-E895-4B92-89C5-BC5EC9B8686B}: [NameServer]192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Werner\AppData\Roaming\Mozilla\Firefox\Profiles\qjfa9f46.default-1390940418510
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Werner\AppData\Roaming\Mozilla\Firefox\Profiles\qjfa9f46.default-1390940418510\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-29]
FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox\
FF Extension: Browser Guard Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ []

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-27] (Avira Operations GmbH & Co. KG)
R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [575448 2012-06-22] (Threat Expert Ltd.)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [107912 2008-10-09] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-03-25] (Nitro PDF Software)
R2 Realtek11nSU; C:\Program Files (x86)\Edimax\Edimax Wireless LAN Driver and Utility\RtlService.exe [36864 2010-04-16] (Realtek)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-19] (Realtek Semiconductor)
R2 sdAuxService; C:\Program Files (x86)\PC Tools Security\pctsAuxs.exe [402368 2012-06-22] (PC Tools)
R2 sdCoreService; C:\Program Files (x86)\PC Tools Security\pctsSvc.exe [1118680 2012-06-22] (PC Tools)
S2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
S2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2103096 2013-12-10] (TuneUp Software)
R2 video-saver; C:\Program Files (x86)\Video-Saver\video-saver152.exe [165888 2014-01-28] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-27] (Avira Operations GmbH & Co. KG)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 PCTBD; C:\Windows\System32\Drivers\PCTBD64.sys [85224 2012-06-22] (PC Tools)
R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [426616 2012-04-23] (PC Tools)
R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [453896 2012-02-28] (PC Tools)
R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [1096176 2012-02-28] (PC Tools)
R1 PCTSD; C:\Windows\System32\Drivers\PCTSD64.sys [251560 2012-06-22] (PC Tools)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19032 2013-03-07] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [9584 2013-03-07] ()
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2013-11-12] (TuneUp Software)
S3 EverestDriver; \??\C:\Users\Werner\AppData\Local\Temp\EverestDriver.sys [x]
S3 USB28xxBGA; system32\DRIVERS\emBDA64.sys [x]
S3 USB28xxOEM; system32\DRIVERS\emOEM64.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-01 15:31 - 2014-02-01 15:31 - 00020616 _____ () C:\Users\Werner\Downloads\FRST.txt
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\FRST
2014-02-01 15:29 - 2014-02-01 15:30 - 02080256 _____ (Farbar) C:\Users\Werner\Downloads\FRST64.exe
2014-02-01 14:52 - 2014-02-01 14:52 - 00000246 _____ () C:\Users\Werner\Downloads\defogger_enable.log
2014-02-01 14:11 - 2014-02-01 14:11 - 00000474 _____ () C:\Users\Werner\Downloads\defogger_disable.log
2014-02-01 14:05 - 2014-02-01 14:05 - 00050477 _____ () C:\Users\Werner\Downloads\Defogger.exe
2014-01-30 23:27 - 2014-01-30 23:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-01-30 20:09 - 2014-01-30 20:09 - 00002071 _____ () C:\Users\Public\Desktop\PC Tools AntiVirus kostenlos.lnk
2014-01-30 20:09 - 2014-01-30 20:09 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\TestApp
2014-01-30 20:09 - 2012-06-22 15:33 - 00014808 _____ (PC Tools) C:\Windows\system32\Drivers\pctBTFix64.sys
2014-01-30 20:09 - 2012-06-22 11:39 - 00085224 _____ (PC Tools) C:\Windows\system32\Drivers\PCTBD64.sys
2014-01-30 19:31 - 2012-06-22 11:39 - 02267096 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll
2014-01-30 19:31 - 2012-06-22 11:39 - 01689560 _____ (Threat Expert Ltd.) C:\Windows\PCTBDRes.dll
2014-01-30 19:31 - 2012-06-22 11:39 - 00149464 _____ (PC Tools) C:\Windows\SGDetectionTool.dll
2014-01-30 19:31 - 2012-06-22 11:38 - 00767960 _____ () C:\Windows\BDTSupport.dll
2014-01-30 19:31 - 2012-06-22 10:43 - 00003488 _____ () C:\Windows\UDB.zip
2014-01-30 19:31 - 2012-06-22 10:43 - 00000882 _____ () C:\Windows\RegSDImport.xml
2014-01-30 19:31 - 2012-06-22 10:43 - 00000879 _____ () C:\Windows\RegISSImport.xml
2014-01-30 19:31 - 2012-06-22 10:43 - 00000131 _____ () C:\Windows\IDB.zip
2014-01-30 19:31 - 2011-09-01 11:39 - 02189264 _____ (Threat Expert Ltd.) C:\Windows\PCTBDCore.dll0141.old
2014-01-30 19:31 - 2011-09-01 11:39 - 00149456 _____ (PC Tools) C:\Windows\SGDetectionTool.dll0141.old
2014-01-30 19:31 - 2011-09-01 11:38 - 00767952 _____ () C:\Windows\BDTSupport.dll0141.old
2014-01-30 19:23 - 2014-01-30 20:10 - 02096303 _____ () C:\Windows\system32\Drivers\Cat.DB
2014-01-30 19:23 - 2012-06-22 15:29 - 00341200 _____ (PC Tools) C:\Windows\system32\Drivers\pctgntdi64.sys
2014-01-30 19:23 - 2012-06-22 15:29 - 00145464 _____ (PC Tools) C:\Windows\system32\Drivers\pctwfpfilter64.sys
2014-01-30 19:23 - 2012-04-23 12:36 - 00426616 _____ (PC Tools) C:\Windows\system32\Drivers\PCTCore64.sys
2014-01-30 19:23 - 2012-02-28 11:43 - 01096176 _____ (PC Tools) C:\Windows\system32\Drivers\pctEFA64.sys
2014-01-30 19:23 - 2012-02-28 11:43 - 00453896 _____ (PC Tools) C:\Windows\system32\Drivers\pctDS64.sys
2014-01-30 19:22 - 2014-02-01 09:09 - 00000000 ____D () C:\Program Files (x86)\PC Tools Security
2014-01-30 19:22 - 2012-06-22 15:35 - 00251560 _____ (PC Tools) C:\Windows\system32\Drivers\PCTSD64.sys
2014-01-30 19:22 - 2012-06-22 15:35 - 00092928 _____ (PC Tools) C:\Windows\system32\Drivers\pctplsg64.sys
2014-01-30 19:13 - 2014-01-30 19:22 - 00000000 ____D () C:\ProgramData\PC Tools
2014-01-30 19:13 - 2014-01-30 19:13 - 00511984 _____ () C:\Users\Werner\Desktop\avinstall_8.0.exe
2014-01-29 11:29 - 2014-02-01 09:07 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-01-29 11:29 - 2014-01-29 11:29 - 00000000 ____D () C:\Users\Werner\AppData\Local\LogiShrd
2014-01-29 11:28 - 2014-01-29 11:29 - 00890784 _____ () C:\Windows\Minidump\012914-24538-01.dmp
2014-01-29 11:28 - 2014-01-29 11:28 - 2140995929 _____ () C:\Windows\MEMORY.DMP
2014-01-29 11:28 - 2014-01-29 11:28 - 00000000 ____D () C:\Windows\Minidump
2014-01-29 11:14 - 2014-01-29 11:14 - 00001030 _____ () C:\Users\Public\Desktop\Logitech Vid.lnk
2014-01-29 11:14 - 2014-01-29 11:14 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Leadertech
2014-01-29 11:14 - 2014-01-29 11:14 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-01-29 11:13 - 2014-01-30 19:47 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-01-29 11:13 - 2014-01-29 11:13 - 00002098 _____ () C:\Users\Public\Desktop\Logitech-Webkamera-Software.lnk
2014-01-29 11:13 - 2014-01-29 11:13 - 00000000 ____D () C:\Program Files\Logitech
2014-01-29 11:13 - 2009-10-07 09:49 - 06379288 _____ (Logitech Inc.) C:\Windows\system32\Drivers\lvuvc64.sys
2014-01-29 11:13 - 2009-10-07 09:48 - 00767000 _____ (Logitech Inc.) C:\Windows\system32\LVUI64.dll
2014-01-29 11:13 - 2009-10-07 09:48 - 00559640 _____ (Logitech Inc.) C:\Windows\system32\LVUIRC64.dll
2014-01-29 11:13 - 2009-10-07 09:48 - 00539160 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2RC.dll
2014-01-29 11:13 - 2009-10-07 09:48 - 00539160 _____ (Logitech Inc.) C:\Windows\SysWOW64\LVUI2.dll
2014-01-29 11:13 - 2009-10-07 09:47 - 00327704 _____ (Logitech Inc.) C:\Windows\system32\Drivers\lvrs64.sys
2014-01-29 11:13 - 2009-10-07 09:43 - 00416280 _____ (Logitech Inc.) C:\Windows\SysWOW64\lvcodec2.dll
2014-01-29 11:13 - 2009-10-07 09:43 - 00398360 _____ (Logitech Inc.) C:\Windows\system32\lvcod64.dll
2014-01-29 11:13 - 2009-10-07 09:43 - 00266776 _____ (Logitech Inc.) C:\Windows\system32\lvco12101110.dll
2014-01-29 11:13 - 2009-10-07 09:24 - 00082289 _____ () C:\Windows\system32\lvcoin64.ini
2014-01-29 11:13 - 2009-10-07 09:24 - 00034068 _____ () C:\Windows\system32\Repository.reg
2014-01-29 10:18 - 2014-01-29 11:14 - 00011227 _____ () C:\Windows\system32\lvcoinst.log
2014-01-29 10:18 - 2014-01-29 11:14 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-01-28 21:10 - 2014-01-28 21:10 - 00283096 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup Stub 26.0(1).exe
2014-01-28 16:55 - 2014-01-28 16:55 - 00000000 ____D () C:\Users\Werner\AppData\Local\FreeOCR
2014-01-28 16:51 - 2014-02-01 09:07 - 00000390 _____ () C:\Windows\Tasks\Video-Saver_wd.job
2014-01-28 16:51 - 2014-01-28 16:51 - 00002980 _____ () C:\Windows\System32\Tasks\Video-Saver_wd
2014-01-28 16:51 - 2014-01-28 16:51 - 00000000 ____D () C:\Program Files (x86)\Video-Saver
2014-01-28 16:47 - 2014-01-28 16:47 - 00421136 _____ ( ) C:\Users\Werner\Downloads\freeocr.exe
2014-01-28 16:45 - 2014-01-28 17:10 - 00000000 ____D () C:\FreeOCR
2014-01-28 16:45 - 2014-01-28 16:52 - 00000595 _____ () C:\Users\Werner\Desktop\FreeOCR.lnk
2014-01-28 16:45 - 2007-03-10 09:11 - 02680320 _____ (HiComponents) C:\Windows\SysWOW64\ImageEnXLibrary.ocx
2014-01-28 16:43 - 2014-01-28 16:43 - 00414625 _____ ( ) C:\Users\Werner\Downloads\freeocr422.exe
2014-01-27 20:58 - 2014-01-27 20:58 - 00002186 _____ () C:\Users\Werner\Desktop\HP Support Assistant.lnk
2014-01-27 20:57 - 2014-01-28 22:54 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-26 22:48 - 2014-01-27 08:44 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-26 22:48 - 2014-01-26 22:48 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-26 13:16 - 2014-01-26 13:16 - 00001748 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files\iTunes
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files\iPod
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-26 13:10 - 2014-01-26 13:10 - 00001810 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-01-26 13:10 - 2014-01-26 13:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-01-25 12:08 - 2014-01-25 12:08 - 00001062 _____ () C:\Users\Public\Desktop\MAGIX Video easy HD.lnk
2014-01-25 12:08 - 2014-01-25 12:08 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-01-25 11:05 - 2014-01-25 11:05 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-24 15:46 - 2014-01-24 15:46 - 00000000 ____D () C:\Program Files (x86)\LooksBuilderSE
2014-01-24 15:43 - 2014-01-24 16:00 - 00000000 ____D () C:\Users\Public\Documents\My Projects
2014-01-24 15:43 - 2014-01-24 15:43 - 00001159 _____ () C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
2014-01-24 15:42 - 2014-01-24 15:42 - 00000000 ____D () C:\ProgramData\Studio 15
2014-01-24 15:42 - 2014-01-24 15:42 - 00000000 ____D () C:\ProgramData\Pinnacle Studio Plus
2014-01-24 15:27 - 2014-01-24 15:43 - 00000000 ____D () C:\Users\Public\Documents\Pinnacle
2014-01-24 15:20 - 2014-01-29 15:12 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-01-24 14:29 - 2013-12-10 08:51 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-01-24 14:29 - 2013-12-10 08:51 - 00036152 ____N (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-01-24 14:26 - 2014-01-24 14:26 - 00002178 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-01-24 14:26 - 2014-01-24 14:26 - 00002158 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-01-24 14:26 - 2013-12-10 08:51 - 00040760 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-01-24 14:26 - 2013-12-10 08:51 - 00029496 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-01-24 14:26 - 2013-12-10 08:51 - 00025400 ____N (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2014-01-24 14:23 - 2014-01-24 14:29 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-23 15:54 - 2014-01-23 15:54 - 00001482 _____ () C:\Users\Werner\Desktop\iTools.exe - Verknüpfung.lnk
2014-01-23 15:37 - 2014-01-23 15:37 - 00000000 ____D () C:\Users\Werner\Downloads\iTools1115E
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{FCE3C9E5-590F-4D0A-BA52-A4218D24DB2B}
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{DB416C37-937C-4A2E-88E4-74BD1F27DAB9}
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{01BFEFF0-0C6A-4057-BD38-D361CC87DA5B}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{7576762C-8606-49C0-9680-A4D879052A1D}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{47D29043-E219-4A55-9E9D-5DCF4125F0D4}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{35252ABB-2E3E-4223-8AB9-A3424377A348}
2014-01-23 15:09 - 2014-01-23 15:09 - 00000000 ____D () C:\Users\Werner\Downloads\C110PanelUtility_tcm3-103565
2014-01-23 15:08 - 2014-01-23 15:08 - 00003052 _____ () C:\Windows\System32\Tasks\{CEDB2D91-4AC3-4340-B5FB-E0EADA570C99}
2014-01-23 15:08 - 2014-01-23 15:08 - 00003052 _____ () C:\Windows\System32\Tasks\{B7D9733F-8530-4870-AA7D-92BA9986D888}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{85FB6C10-0739-4120-AFD7-C62D5BDAC041}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{6CED09A1-FD1E-4593-B870-DE47FE3F7055}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{0942F327-27C5-4200-AF96-B08410DCCEED}
2014-01-23 14:53 - 2014-01-23 14:53 - 00003052 _____ () C:\Windows\System32\Tasks\{6BB228AD-BD87-4FD0-9960-F70BC4F4FB2F}
2014-01-23 14:51 - 2014-01-23 14:51 - 00003052 _____ () C:\Windows\System32\Tasks\{B0C94445-DB37-4149-B138-65325AABF26C}
2014-01-23 14:44 - 2014-01-23 14:44 - 00003052 _____ () C:\Windows\System32\Tasks\{8D90C5CE-CCFE-4A5A-80CB-4ABFB8CACCBF}
2014-01-23 14:43 - 2014-01-23 14:43 - 00000000 ____D () C:\Program Files (x86)\OKIDATA
2014-01-23 14:36 - 2014-01-23 14:36 - 02155520 _____ () C:\Users\Werner\Downloads\C110PanelUtility_tcm3-103565.exe
2014-01-22 16:30 - 2014-01-22 16:30 - 00000000 ____D () C:\ProgramData\RegClean
2014-01-22 16:19 - 2014-01-22 16:19 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Malwarebytes
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-22 16:19 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-01-22 16:18 - 2014-01-22 16:18 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Werner\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-22 15:00 - 2014-01-24 14:33 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-01-22 15:00 - 2014-01-22 16:43 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-01-22 15:00 - 2014-01-22 15:06 - 00000000 ____D () C:\ProgramData\WPM
2014-01-21 22:24 - 2014-01-21 22:29 - 100400976 _____ (Apple Inc.) C:\Users\Werner\Downloads\iTunes64Setup.exe
2014-01-21 22:10 - 2014-01-21 22:10 - 00887796 _____ () C:\Users\Werner\Downloads\itool.pkg
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\BrowserProtect
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\Browser Manager
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\BitGuard
2014-01-20 14:39 - 2014-01-20 14:39 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2014-01-20 14:38 - 2014-01-20 14:39 - 08247176 _____ (Digiarty Software,Inc. ) C:\Users\Werner\Downloads\winx-vob-to-mp4_2.0.8.exe
2014-01-20 14:06 - 2014-01-20 14:08 - 37735560 _____ (Wondershare Software ) C:\Users\Werner\Downloads\video-converter-ultimate_full975.exe
2014-01-20 13:28 - 2014-01-27 14:17 - 00014336 _____ () C:\Users\Werner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-19 21:29 - 2014-01-19 21:29 - 00283096 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup Stub 26.0.exe
2014-01-19 20:13 - 2014-01-19 20:13 - 00659968 _____ () C:\Users\Werner\Downloads\MicrosoftFixit50195.msi
2014-01-19 19:56 - 2014-01-28 16:45 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Systweak
2014-01-19 19:56 - 2012-01-20 14:14 - 00018816 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-01-19 15:23 - 2014-01-29 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-19 15:23 - 2014-01-29 09:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-19 15:23 - 2014-01-28 21:12 - 00001116 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-19 15:22 - 2014-01-19 15:21 - 18237552 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup 16.0.1.exe
2014-01-19 15:16 - 2014-01-19 15:08 - 02077392 _____ (Microsoft Corporation) C:\Users\Werner\Downloads\IE11-Windows6.1.exe
2014-01-19 15:16 - 2014-01-19 14:51 - 00476776 _____ (iDownloadsoft.com) C:\Users\Werner\Downloads\FirefoxDownloader.exe
2014-01-19 15:12 - 2010-06-08 02:21 - 02394216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-01-19 15:12 - 2010-06-08 02:21 - 01987176 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-01-19 15:12 - 2010-06-08 02:21 - 01146984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-01-19 15:12 - 2010-06-08 02:21 - 00332392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-01-19 15:12 - 2010-06-08 02:21 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-01-19 15:12 - 2010-06-08 02:20 - 02615400 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-01-19 15:12 - 2010-06-08 02:20 - 01216104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-01-19 15:12 - 2010-06-08 02:20 - 00476264 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-01-19 15:12 - 2010-06-08 02:20 - 00071272 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInst64.dll
2014-01-19 15:12 - 2010-04-26 22:50 - 00330656 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-01-19 15:12 - 2010-01-25 20:38 - 00168288 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-01-19 15:12 - 2009-12-15 03:26 - 00372936 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-01-19 15:12 - 2009-12-15 03:26 - 00201928 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-01-19 15:12 - 2009-12-15 03:26 - 00099016 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-01-19 15:12 - 2009-12-15 03:26 - 00076488 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-01-19 15:12 - 2009-12-10 18:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-01-19 15:12 - 2009-12-10 18:55 - 00307920 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-01-19 15:12 - 2009-11-17 03:12 - 00108960 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-01-17 09:33 - 2014-01-17 09:33 - 00007597 _____ () C:\Users\Werner\AppData\Local\Resmon.ResmonCfg
2014-01-15 19:08 - 2014-01-15 19:08 - 00000060 _____ () C:\Users\Werner\AppData\Roaming\WB.CFG
2014-01-15 18:20 - 2007-03-05 16:36 - 00070656 _____ (Pinnacle Systems) C:\Windows\system32\PCLECoInst64.dll
2014-01-15 18:10 - 2014-01-15 18:10 - 00003130 _____ () C:\Windows\System32\Tasks\{A3E61C1F-25AA-49A5-908A-BE67C3FC1572}
2014-01-15 18:07 - 2014-01-15 18:07 - 00184547 _____ () C:\Users\Werner\Downloads\amdirq_111.exe
2014-01-15 18:07 - 2014-01-15 18:07 - 00000000 ____D () C:\Users\Werner\AppData\Local\Google
2014-01-15 18:05 - 2014-01-15 18:05 - 00632152 _____ () C:\Users\Werner\Downloads\DriverGuide_Driver_Download_230843.exe
2014-01-15 16:50 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 16:50 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 16:48 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-15 16:47 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-08 22:23 - 2014-01-08 22:23 - 00000000 ____D () C:\Users\Werner\Documents\My Data Files
2014-01-08 22:22 - 2014-01-08 22:22 - 17634304 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Werner\Downloads\data-recovery_full1018.exe
2014-01-08 22:12 - 2014-01-30 19:16 - 00000000 ____D () C:\Users\Werner\AppData\Local\genienext
2014-01-08 22:12 - 2014-01-08 22:12 - 00000000 ____D () C:\Users\Werner\.android
2014-01-05 22:20 - 2014-01-05 22:20 - 00000000 ____D () C:\ProgramData\FREEDB
2014-01-05 22:15 - 2014-01-05 22:15 - 00001150 _____ () C:\Users\Public\Desktop\MAGIX MP3 Maker 15.lnk
2014-01-05 22:15 - 2014-01-05 22:15 - 00000000 ____D () C:\Users\Werner\Documents\MAGIX_Speed2_burnR_mxcdr
2014-01-05 22:14 - 2014-01-05 22:14 - 00000000 ____D () C:\Users\Werner\Documents\MAGIX_MP3_Maker_15
2014-01-04 21:02 - 2014-01-28 09:46 - 00003816 _____ () C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm
2014-01-04 21:02 - 2014-01-11 16:12 - 00003718 _____ () C:\Windows\System32\Tasks\InstallShield Software-Aktualisierungsdienst
2014-01-04 20:51 - 2013-10-30 10:45 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxt2710.tmp
2014-01-04 20:50 - 2014-01-25 11:05 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-01-04 20:50 - 2014-01-04 20:50 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\TuneUp Software
2014-01-04 20:49 - 2014-01-04 21:01 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-04 20:42 - 2014-01-04 20:46 - 32522152 _____ (TuneUp Software) C:\Users\Werner\Downloads\TuneUpUtilities2014_de-DE.exe

==================== One Month Modified Files and Folders =======

2014-02-01 15:31 - 2014-02-01 15:31 - 00020616 _____ () C:\Users\Werner\Downloads\FRST.txt
2014-02-01 15:31 - 2014-02-01 15:31 - 00000000 ____D () C:\FRST
2014-02-01 15:30 - 2014-02-01 15:29 - 02080256 _____ (Farbar) C:\Users\Werner\Downloads\FRST64.exe
2014-02-01 15:25 - 2013-06-24 21:17 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{41A002A1-6D92-44EA-BEF8-2D704AA21A74}
2014-02-01 15:05 - 2013-06-20 22:28 - 00000000 ____D () C:\Users\Werner\Documents\Outlook-Dateien
2014-02-01 14:57 - 2013-06-20 19:15 - 01076547 _____ () C:\Windows\WindowsUpdate.log
2014-02-01 14:52 - 2014-02-01 14:52 - 00000246 _____ () C:\Users\Werner\Downloads\defogger_enable.log
2014-02-01 14:52 - 2013-06-20 19:21 - 00000000 ____D () C:\Users\Werner
2014-02-01 14:51 - 2013-06-22 08:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-01 14:11 - 2014-02-01 14:11 - 00000474 _____ () C:\Users\Werner\Downloads\defogger_disable.log
2014-02-01 14:05 - 2014-02-01 14:05 - 00050477 _____ () C:\Users\Werner\Downloads\Defogger.exe
2014-02-01 10:15 - 2013-06-29 11:26 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-02-01 09:43 - 2013-12-15 16:24 - 00000000 ____D () C:\Users\Werner\AppData\Local\Mobogenie
2014-02-01 09:43 - 2013-12-15 16:23 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-02-01 09:15 - 2009-07-14 05:45 - 00023872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-01 09:15 - 2009-07-14 05:45 - 00023872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-01 09:12 - 2011-04-12 08:43 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-02-01 09:12 - 2011-04-12 08:43 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-02-01 09:12 - 2009-07-14 06:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-01 09:09 - 2014-01-30 19:22 - 00000000 ____D () C:\Program Files (x86)\PC Tools Security
2014-02-01 09:07 - 2014-01-29 11:29 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs
2014-02-01 09:07 - 2014-01-28 16:51 - 00000390 _____ () C:\Windows\Tasks\Video-Saver_wd.job
2014-02-01 09:07 - 2010-11-21 04:47 - 00448520 _____ () C:\Windows\PFRO.log
2014-02-01 09:07 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-01 09:07 - 2009-07-14 05:51 - 00080210 _____ () C:\Windows\setupact.log
2014-01-31 21:07 - 2013-06-20 19:21 - 00000000 ___RD () C:\Users\Werner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-30 23:27 - 2014-01-30 23:27 - 00000000 ____D () C:\Program Files (x86)\Microsoft CAPICOM 2.1.0.2
2014-01-30 20:10 - 2014-01-30 19:23 - 02096303 _____ () C:\Windows\system32\Drivers\Cat.DB
2014-01-30 20:09 - 2014-01-30 20:09 - 00002071 _____ () C:\Users\Public\Desktop\PC Tools AntiVirus kostenlos.lnk
2014-01-30 20:09 - 2014-01-30 20:09 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\TestApp
2014-01-30 19:47 - 2014-01-29 11:13 - 00000000 ____D () C:\ProgramData\LogiShrd
2014-01-30 19:38 - 2013-06-20 20:56 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-01-30 19:22 - 2014-01-30 19:13 - 00000000 ____D () C:\ProgramData\PC Tools
2014-01-30 19:16 - 2014-01-08 22:12 - 00000000 ____D () C:\Users\Werner\AppData\Local\genienext
2014-01-30 19:13 - 2014-01-30 19:13 - 00511984 _____ () C:\Users\Werner\Desktop\avinstall_8.0.exe
2014-01-30 16:09 - 2013-06-20 19:40 - 00000000 ____D () C:\Users\Werner\AppData\Local\Microsoft Help
2014-01-30 10:14 - 2013-12-15 03:00 - 00016347 _____ () C:\Windows\IE11_main.log
2014-01-30 00:25 - 2013-06-22 09:04 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\vlc
2014-01-29 15:12 - 2014-01-24 15:20 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-01-29 11:29 - 2014-01-29 11:29 - 00000000 ____D () C:\Users\Werner\AppData\Local\LogiShrd
2014-01-29 11:29 - 2014-01-29 11:28 - 00890784 _____ () C:\Windows\Minidump\012914-24538-01.dmp
2014-01-29 11:28 - 2014-01-29 11:28 - 2140995929 _____ () C:\Windows\MEMORY.DMP
2014-01-29 11:28 - 2014-01-29 11:28 - 00000000 ____D () C:\Windows\Minidump
2014-01-29 11:14 - 2014-01-29 11:14 - 00001030 _____ () C:\Users\Public\Desktop\Logitech Vid.lnk
2014-01-29 11:14 - 2014-01-29 11:14 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Leadertech
2014-01-29 11:14 - 2014-01-29 11:14 - 00000000 ____D () C:\Program Files (x86)\Logitech
2014-01-29 11:14 - 2014-01-29 10:18 - 00011227 _____ () C:\Windows\system32\lvcoinst.log
2014-01-29 11:14 - 2014-01-29 10:18 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2014-01-29 11:13 - 2014-01-29 11:13 - 00002098 _____ () C:\Users\Public\Desktop\Logitech-Webkamera-Software.lnk
2014-01-29 11:13 - 2014-01-29 11:13 - 00000000 ____D () C:\Program Files\Logitech
2014-01-29 11:08 - 2013-07-24 21:16 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Skype
2014-01-29 09:58 - 2014-01-19 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-01-29 09:58 - 2014-01-19 15:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-01-28 22:54 - 2014-01-27 20:57 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-01-28 22:54 - 2013-06-20 20:44 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\hpqLog
2014-01-28 21:12 - 2014-01-19 15:23 - 00001116 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-01-28 21:10 - 2014-01-28 21:10 - 00283096 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup Stub 26.0(1).exe
2014-01-28 17:10 - 2014-01-28 16:45 - 00000000 ____D () C:\FreeOCR
2014-01-28 16:55 - 2014-01-28 16:55 - 00000000 ____D () C:\Users\Werner\AppData\Local\FreeOCR
2014-01-28 16:52 - 2014-01-28 16:45 - 00000595 _____ () C:\Users\Werner\Desktop\FreeOCR.lnk
2014-01-28 16:51 - 2014-01-28 16:51 - 00002980 _____ () C:\Windows\System32\Tasks\Video-Saver_wd
2014-01-28 16:51 - 2014-01-28 16:51 - 00000000 ____D () C:\Program Files (x86)\Video-Saver
2014-01-28 16:47 - 2014-01-28 16:47 - 00421136 _____ ( ) C:\Users\Werner\Downloads\freeocr.exe
2014-01-28 16:45 - 2014-01-19 19:56 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Systweak
2014-01-28 16:43 - 2014-01-28 16:43 - 00414625 _____ ( ) C:\Users\Werner\Downloads\freeocr422.exe
2014-01-28 09:46 - 2014-01-04 21:02 - 00003816 _____ () C:\Windows\System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm
2014-01-27 20:58 - 2014-01-27 20:58 - 00002186 _____ () C:\Users\Werner\Desktop\HP Support Assistant.lnk
2014-01-27 20:57 - 2013-06-20 20:34 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-01-27 20:56 - 2013-06-20 20:45 - 00000000 ____D () C:\Windows\System32\Tasks\Hewlett-Packard
2014-01-27 20:56 - 2013-06-20 20:44 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-01-27 20:56 - 2013-06-20 20:43 - 00000000 ____D () C:\swsetup
2014-01-27 14:17 - 2014-01-20 13:28 - 00014336 _____ () C:\Users\Werner\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-27 09:06 - 2013-06-20 19:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-01-27 08:59 - 2013-08-27 19:05 - 00000000 ____D () C:\Users\Werner\AppData\Local\Adobe
2014-01-27 08:58 - 2013-06-22 08:11 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-01-27 08:58 - 2013-06-22 08:11 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-27 08:58 - 2013-06-22 08:11 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-01-27 08:44 - 2014-01-26 22:48 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-01-27 08:44 - 2013-07-24 21:16 - 00000000 ____D () C:\ProgramData\Skype
2014-01-26 22:48 - 2014-01-26 22:48 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-01-26 13:16 - 2014-01-26 13:16 - 00001748 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files\iTunes
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files\iPod
2014-01-26 13:16 - 2014-01-26 13:16 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-01-26 13:15 - 2013-07-25 20:46 - 00000000 ____D () C:\ProgramData\Apple
2014-01-26 13:10 - 2014-01-26 13:10 - 00001810 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2014-01-26 13:10 - 2014-01-26 13:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-01-26 09:07 - 2013-06-20 20:53 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-01-26 09:07 - 2013-06-20 20:52 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-01-26 08:57 - 2013-06-20 20:43 - 00191440 _____ () C:\Users\Werner\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-26 08:55 - 2009-07-14 05:45 - 00602576 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-25 12:08 - 2014-01-25 12:08 - 00001062 _____ () C:\Users\Public\Desktop\MAGIX Video easy HD.lnk
2014-01-25 12:08 - 2014-01-25 12:08 - 00000000 ____D () C:\Users\Public\Documents\MAGIX
2014-01-25 12:08 - 2013-12-23 13:57 - 00000000 ___RD () C:\Users\Werner\Documents\MAGIX
2014-01-25 12:08 - 2013-12-15 19:11 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\MAGIX
2014-01-25 12:08 - 2013-12-15 19:06 - 00000000 ____D () C:\ProgramData\MAGIX
2014-01-25 12:05 - 2013-12-15 19:05 - 00000000 ____D () C:\Program Files (x86)\MAGIX
2014-01-25 11:06 - 2013-06-22 11:40 - 00000000 ____D () C:\Users\Werner\AppData\Local\Downloaded Installations
2014-01-25 11:05 - 2014-01-25 11:05 - 00002770 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-01-25 11:05 - 2014-01-04 20:50 - 00000000 ____D () C:\ProgramData\TuneUp Software
2014-01-24 16:00 - 2014-01-24 15:43 - 00000000 ____D () C:\Users\Public\Documents\My Projects
2014-01-24 15:46 - 2014-01-24 15:46 - 00000000 ____D () C:\Program Files (x86)\LooksBuilderSE
2014-01-24 15:46 - 2013-06-22 11:35 - 00000000 ____D () C:\Program Files (x86)\Pinnacle
2014-01-24 15:43 - 2014-01-24 15:43 - 00001159 _____ () C:\Users\Public\Desktop\Pinnacle Studio 15.lnk
2014-01-24 15:43 - 2014-01-24 15:27 - 00000000 ____D () C:\Users\Public\Documents\Pinnacle
2014-01-24 15:42 - 2014-01-24 15:42 - 00000000 ____D () C:\ProgramData\Studio 15
2014-01-24 15:42 - 2014-01-24 15:42 - 00000000 ____D () C:\ProgramData\Pinnacle Studio Plus
2014-01-24 15:42 - 2013-06-22 11:32 - 00000000 ____D () C:\ProgramData\Pinnacle
2014-01-24 14:33 - 2014-01-22 15:00 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-01-24 14:29 - 2014-01-24 14:23 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-01-24 14:26 - 2014-01-24 14:26 - 00002178 _____ () C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
2014-01-24 14:26 - 2014-01-24 14:26 - 00002158 _____ () C:\Users\Public\Desktop\TuneUp Utilities 2014.lnk
2014-01-23 15:54 - 2014-01-23 15:54 - 00001482 _____ () C:\Users\Werner\Desktop\iTools.exe - Verknüpfung.lnk
2014-01-23 15:37 - 2014-01-23 15:37 - 00000000 ____D () C:\Users\Werner\Downloads\iTools1115E
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{FCE3C9E5-590F-4D0A-BA52-A4218D24DB2B}
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{DB416C37-937C-4A2E-88E4-74BD1F27DAB9}
2014-01-23 15:13 - 2014-01-23 15:13 - 00003052 _____ () C:\Windows\System32\Tasks\{01BFEFF0-0C6A-4057-BD38-D361CC87DA5B}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{7576762C-8606-49C0-9680-A4D879052A1D}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{47D29043-E219-4A55-9E9D-5DCF4125F0D4}
2014-01-23 15:12 - 2014-01-23 15:12 - 00003052 _____ () C:\Windows\System32\Tasks\{35252ABB-2E3E-4223-8AB9-A3424377A348}
2014-01-23 15:09 - 2014-01-23 15:09 - 00000000 ____D () C:\Users\Werner\Downloads\C110PanelUtility_tcm3-103565
2014-01-23 15:08 - 2014-01-23 15:08 - 00003052 _____ () C:\Windows\System32\Tasks\{CEDB2D91-4AC3-4340-B5FB-E0EADA570C99}
2014-01-23 15:08 - 2014-01-23 15:08 - 00003052 _____ () C:\Windows\System32\Tasks\{B7D9733F-8530-4870-AA7D-92BA9986D888}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{85FB6C10-0739-4120-AFD7-C62D5BDAC041}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{6CED09A1-FD1E-4593-B870-DE47FE3F7055}
2014-01-23 15:07 - 2014-01-23 15:07 - 00003052 _____ () C:\Windows\System32\Tasks\{0942F327-27C5-4200-AF96-B08410DCCEED}
2014-01-23 14:53 - 2014-01-23 14:53 - 00003052 _____ () C:\Windows\System32\Tasks\{6BB228AD-BD87-4FD0-9960-F70BC4F4FB2F}
2014-01-23 14:51 - 2014-01-23 14:51 - 00003052 _____ () C:\Windows\System32\Tasks\{B0C94445-DB37-4149-B138-65325AABF26C}
2014-01-23 14:44 - 2014-01-23 14:44 - 00003052 _____ () C:\Windows\System32\Tasks\{8D90C5CE-CCFE-4A5A-80CB-4ABFB8CACCBF}
2014-01-23 14:43 - 2014-01-23 14:43 - 00000000 ____D () C:\Program Files (x86)\OKIDATA
2014-01-23 14:36 - 2014-01-23 14:36 - 02155520 _____ () C:\Users\Werner\Downloads\C110PanelUtility_tcm3-103565.exe
2014-01-23 14:26 - 2013-06-29 16:27 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Nitro PDF
2014-01-22 16:43 - 2014-01-22 15:00 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-01-22 16:30 - 2014-01-22 16:30 - 00000000 ____D () C:\ProgramData\RegClean
2014-01-22 16:19 - 2014-01-22 16:19 - 00001078 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Malwarebytes
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-01-22 16:19 - 2014-01-22 16:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-01-22 16:18 - 2014-01-22 16:18 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Werner\Downloads\mbam-setup-1.75.0.1300.exe
2014-01-22 15:06 - 2014-01-22 15:00 - 00000000 ____D () C:\ProgramData\WPM
2014-01-22 15:06 - 2013-06-20 19:21 - 00001430 _____ () C:\Users\Werner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-01-22 14:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-01-22 14:17 - 2013-12-15 16:24 - 00012292 _____ () C:\Users\Werner\daemonprocess.txt
2014-01-22 14:07 - 2013-12-15 19:04 - 00000000 ____D () C:\Windows\SysWOW64\MAGIX
2014-01-21 22:45 - 2013-12-15 16:22 - 00001070 __RSH () C:\Users\Werner\ntuser.pol
2014-01-21 22:29 - 2014-01-21 22:24 - 100400976 _____ (Apple Inc.) C:\Users\Werner\Downloads\iTunes64Setup.exe
2014-01-21 22:13 - 2013-12-15 16:23 - 00000000 ____D () C:\Users\Werner\Documents\iTools
2014-01-21 22:10 - 2014-01-21 22:10 - 00887796 _____ () C:\Users\Werner\Downloads\itool.pkg
2014-01-21 10:35 - 2013-06-29 16:31 - 00000000 ____D () C:\ProgramData\CanonIJ
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\BrowserProtect
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\Browser Manager
2014-01-20 14:48 - 2014-01-20 14:48 - 00000000 ____D () C:\ProgramData\BitGuard
2014-01-20 14:39 - 2014-01-20 14:39 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2014-01-20 14:39 - 2014-01-20 14:38 - 08247176 _____ (Digiarty Software,Inc. ) C:\Users\Werner\Downloads\winx-vob-to-mp4_2.0.8.exe
2014-01-20 14:15 - 2013-12-15 18:49 - 00000000 ____D () C:\Program Files (x86)\Wondershare
2014-01-20 14:14 - 2013-12-15 18:49 - 00000000 ____D () C:\ProgramData\Wondershare Video Converter Ultimate
2014-01-20 14:08 - 2014-01-20 14:06 - 37735560 _____ (Wondershare Software ) C:\Users\Werner\Downloads\video-converter-ultimate_full975.exe
2014-01-19 22:12 - 2013-07-25 21:50 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Apple Computer
2014-01-19 21:59 - 2013-07-26 20:15 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-01-19 21:29 - 2014-01-19 21:29 - 00283096 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup Stub 26.0.exe
2014-01-19 20:13 - 2014-01-19 20:13 - 00659968 _____ () C:\Users\Werner\Downloads\MicrosoftFixit50195.msi
2014-01-19 20:07 - 2013-06-20 21:31 - 00000000 ____D () C:\Program Files (x86)\Kroll Ontrack
2014-01-19 15:21 - 2014-01-19 15:22 - 18237552 _____ (Mozilla) C:\Users\Werner\Downloads\Firefox Setup 16.0.1.exe
2014-01-19 15:12 - 2013-08-27 19:36 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-01-19 15:08 - 2014-01-19 15:16 - 02077392 _____ (Microsoft Corporation) C:\Users\Werner\Downloads\IE11-Windows6.1.exe
2014-01-19 14:51 - 2014-01-19 15:16 - 00476776 _____ (iDownloadsoft.com) C:\Users\Werner\Downloads\FirefoxDownloader.exe
2014-01-19 14:44 - 2013-06-23 10:27 - 00000000 ____D () C:\Program Files (x86)\TomTom International B.V
2014-01-19 14:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-01-19 14:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-01-17 09:34 - 2013-06-23 12:00 - 00000000 ____D () C:\Users\Werner\AppData\Local\TomTom
2014-01-17 09:33 - 2014-01-17 09:33 - 00007597 _____ () C:\Users\Werner\AppData\Local\Resmon.ResmonCfg
2014-01-15 23:08 - 2013-08-28 02:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 23:07 - 2013-06-23 13:38 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-15 19:08 - 2014-01-15 19:08 - 00000060 _____ () C:\Users\Werner\AppData\Roaming\WB.CFG
2014-01-15 18:10 - 2014-01-15 18:10 - 00003130 _____ () C:\Windows\System32\Tasks\{A3E61C1F-25AA-49A5-908A-BE67C3FC1572}
2014-01-15 18:07 - 2014-01-15 18:07 - 00184547 _____ () C:\Users\Werner\Downloads\amdirq_111.exe
2014-01-15 18:07 - 2014-01-15 18:07 - 00000000 ____D () C:\Users\Werner\AppData\Local\Google
2014-01-15 18:05 - 2014-01-15 18:05 - 00632152 _____ () C:\Users\Werner\Downloads\DriverGuide_Driver_Download_230843.exe
2014-01-15 17:21 - 2013-06-22 12:03 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\GetRightToGo
2014-01-12 18:42 - 2013-06-20 21:32 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\Nitro
2014-01-12 11:12 - 2013-09-22 19:09 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-01-12 00:28 - 2013-06-20 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-12 00:25 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-01-11 16:12 - 2014-01-04 21:02 - 00003718 _____ () C:\Windows\System32\Tasks\InstallShield Software-Aktualisierungsdienst
2014-01-08 22:23 - 2014-01-08 22:23 - 00000000 ____D () C:\Users\Werner\Documents\My Data Files
2014-01-08 22:22 - 2014-01-08 22:22 - 17634304 _____ (Wondershare Software Co.,Ltd. ) C:\Users\Werner\Downloads\data-recovery_full1018.exe
2014-01-08 22:12 - 2014-01-08 22:12 - 00000000 ____D () C:\Users\Werner\.android
2014-01-06 21:47 - 2013-07-17 13:50 - 00000000 ____D () C:\Users\Werner\Documents\pstpassword
2014-01-05 22:20 - 2014-01-05 22:20 - 00000000 ____D () C:\ProgramData\FREEDB
2014-01-05 22:16 - 2013-12-15 19:04 - 00007119 _____ () C:\Windows\mgxoschk.ini
2014-01-05 22:15 - 2014-01-05 22:15 - 00001150 _____ () C:\Users\Public\Desktop\MAGIX MP3 Maker 15.lnk
2014-01-05 22:15 - 2014-01-05 22:15 - 00000000 ____D () C:\Users\Werner\Documents\MAGIX_Speed2_burnR_mxcdr
2014-01-05 22:14 - 2014-01-05 22:14 - 00000000 ____D () C:\Users\Werner\Documents\MAGIX_MP3_Maker_15
2014-01-05 21:40 - 2013-07-09 18:18 - 00000000 ____D () C:\Windows\WindowsMobile
2014-01-05 21:27 - 2013-06-20 19:21 - 00000000 ____D () C:\Users\Werner\AppData\Local\VirtualStore
2014-01-04 21:01 - 2014-01-04 20:49 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-01-04 21:01 - 2013-07-26 20:16 - 00000000 ____D () C:\ProgramData\{93E26451-CD9A-43A5-A2FA-C42392EA4001}
2014-01-04 21:01 - 2013-06-20 20:43 - 00000000 ____D () C:\ProgramData\{9BF4D58B-C6D6-467B-BC5A-FD0C1278F4AF}
2014-01-04 20:50 - 2014-01-04 20:50 - 00000000 ____D () C:\Users\Werner\AppData\Roaming\TuneUp Software
2014-01-04 20:46 - 2014-01-04 20:42 - 32522152 _____ (TuneUp Software) C:\Users\Werner\Downloads\TuneUpUtilities2014_de-DE.exe
2014-01-04 20:07 - 2009-07-14 03:34 - 75759616 _____ () C:\Windows\system32\config\software.rcbak
2014-01-04 20:07 - 2009-07-14 03:34 - 44040192 _____ () C:\Windows\system32\config\components.rcbak
2014-01-04 20:07 - 2009-07-14 03:34 - 20185088 _____ () C:\Windows\system32\config\system.rcbak
2014-01-04 20:07 - 2009-07-14 03:34 - 00524288 _____ () C:\Windows\system32\config\default.rcbak
2014-01-04 20:07 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\security.rcbak
2014-01-04 20:07 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\sam.rcbak

Some content of TEMP:
====================
C:\Users\Werner\AppData\Local\Temp\4330.exe
C:\Users\Werner\AppData\Local\Temp\9.0.0.2308SDVFree_OCU_Online_9.0.0.2308.exe
C:\Users\Werner\AppData\Local\Temp\avgnt.exe
C:\Users\Werner\AppData\Local\Temp\lws_lws.exe
C:\Users\Werner\AppData\Local\Temp\Mobogenie_Setup_2-1-37_610.exe
C:\Users\Werner\AppData\Local\Temp\PCCleanupUtility_NB.exe
C:\Users\Werner\AppData\Local\Temp\smt_nationzoom_20131128171426.exe
C:\Users\Werner\AppData\Local\Temp\sp64126.exe
C:\Users\Werner\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Werner\AppData\Local\Temp\unwise.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-29 13:17

==================== End Of Log ============================

--- --- ---
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-02-2014 03
Ran by Werner at 2014-02-01 15:31:54
Running from C:\Users\Werner\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: PC Tools AntiVirus Free (Enabled - Up to date) {2F668A56-D5E0-2DF1-A0AE-CB1284F42AB2}
AV: Spybot - Search and Destroy (Disabled - Out of date) {20A26C15-1AF0-7CA3-9380-FAB824A7EE0D}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: PC Tools AntiVirus Free (Enabled - Up to date) {94076BB2-F3DA-227F-9A1E-F060FF73600F}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Active@ Partition Recovery (x32 Version: 7.1.2 - LSoft Technologies)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.3.9130 - Adobe Systems Inc.) Hidden
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Community Help (x32 Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (x32 Version: 12.0.0.38 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30830 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0830.1944.33589 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80830.1925 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (x32 Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (x32 Version: 2.1.3.127 - Apple Inc.)
Avira Free Antivirus (x32 Version: 14.0.2.286 - Avira)
Backup Manager (x32 Version: 1.00.0000 - GLi)
Bonjour (Version: 3.0.0.10 - Apple Inc.)
Browser Guard 4.0 (x32 Version: 4.0.0.1606 - PC Tools)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (x32 Version: - )
Canon MP Navigator EX 2.1 (x32 Version: - )
Canon MX320 series Benutzerregistrierung (x32 Version: - )
Canon MX320 series MP Drivers (Version: - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0830.1943.33589 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0830.1944.33589 - Advanced Micro Devices, Inc.) Hidden
Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (Version: - Microsoft)
Driver Manager (x32 Version: 8.1 - Driver Manager)
Driver Whiz (x32 Version: 8.1 - Driver Whiz)
Dropbox (HKCU Version: 2.4.10 - Dropbox, Inc.)
Edimax Wireless LAN Driver and Utility (x32 Version: 1.00.0187.1 - Edimax Technology Co.)
Elements 9 Organizer (x32 Version: 9.0 - Ihr Firmenname) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated)
EVEREST Home Edition v2.20 (x32 Version: 2.20 - Lavalys Inc)
FastStone Capture 7.5 (x32 Version: 7.5 - FastStone Soft)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.32.0 - MAGIX AG)
FreeOCR v4.2 (x32 Version: - )
HP Product Detection (x32 Version: 11.15.0008 - HP)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014 - Intel Corporation)
iTunes (Version: 11.1.4.62 - Apple Inc.)
Knoll Light Factory EZ Studio 15 (x32 Version: - )
Logitech Vid (x32 Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (Version: 12.10.1110 - Logitech Inc.)
Magic Bullet Looks Studio 15 (x32 Version: - )
MAGIX MP3 Maker 15 10.0.0.251 (D) (x32 Version: 10.0.0.251 - MAGIX AG)
MAGIX Screenshare 4.3.6.1987 (D) (x32 Version: 4.3.6.1987 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6 - MAGIX AG)
MAGIX Video easy HD (Version: 5.0.0.99 - MAGIX AG) Hidden
MAGIX Video easy HD (x32 Version: 5.0.0.99 - MAGIX AG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
McAfee Security Scan Plus (x32 Version: 3.0.318.3 - McAfee, Inc.)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0 - Mozilla)
Mozilla Maintenance Service (x32 Version: 26.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0 - Microsoft Corporation)
Mufin MusicFinder Base 1.0.1.229 (D) (x32 Version: 1.0.1.229 - MAGIX AG)
Nitro Pro 8 (Version: 8.5.2.10 - Nitro)
PC Tools AntiVirus kostenlos 9.0 (x32 Version: 9.0 - PC Tools)
Pinnacle Studio 15 (x32 Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Collection Plugins (x32 Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (x32 Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle Video Treiber (Version: 12.1.0.030 - Pinnacle Systems)
QNAP Finder (x32 Version: 3.5.0.209 - QNAP Systems, Inc.)
QuickTime (x32 Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (x32 Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6132 - Realtek Semiconductor Corp.)
Red Giant ToonIt Studio 15 (x32 Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Skype™ 6.11 (x32 Version: 6.11.102 - Skype Technologies S.A.)
Spybot - Search & Destroy (x32 Version: 2.1.19 - Safer-Networking Ltd.)
TeamViewer 8 (x32 Version: 8.0.19045 - TeamViewer)
Trapcode 3DStroke Studio 15 (x32 Version: - )
Trapcode Particular Studio (x32 Version: - )
Trapcode Shine Studio 15 (x32 Version: - )
TuneUp Utilities 2014 (de-DE) (x32 Version: 14.0.1000.216 - TuneUp Software) Hidden
TuneUp Utilities 2014 (x32 Version: 14.0.1000.216 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.216 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2837593) 64-Bit Edition (Version: - Microsoft)
VIDBOX Driver (x32 Version: 4.0.1 - honestech)
Video-Saver (x32 Version: - Video-Saver Soft)
VirtualCloneDrive (x32 Version: - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (x32 Version: 10.0.0 - TomTom International B.V.)
VLC media player 2.1.1 (Version: 2.1.1 - VideoLAN)

==================== Restore Points =========================

27-01-2014 08:05:55 Entfernt OKI C110 Remote Panel Utility
27-01-2014 19:57:26 Installed HP Support Assistant
29-01-2014 10:13:21 Logitech Webcam Software v12.10.1110
30-01-2014 22:26:00 Windows Update
31-01-2014 06:53:06 Windows Update
01-02-2014 08:51:24 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

==================== Hosts content: ==========================

2009-07-14 03:34 - 2013-06-20 19:25 - 00000864 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 validation.sls.microsoft.com

==================== Scheduled Tasks (whitelisted) =============

Task: {002E6D67-60B9-408E-AEB0-A6E61C2A4959} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2013-12-10] (TuneUp Software)
Task: {00B5AA23-1315-4D76-B6AB-4439DF7EBC5C} - System32\Tasks\Driver Manager-RTMScan => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-10-27] (PC Drivers Headquarters)
Task: {07AB967E-B43D-4579-BA8A-96FC72F28617} - System32\Tasks\{B7D9733F-8530-4870-AA7D-92BA9986D888} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {0AB214EA-0F5F-4EB9-B93D-81AEE3894766} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {192C7967-8635-4CC3-A6F3-16671121CA68} - System32\Tasks\{4D4C5F18-A0F1-4E56-8768-5A1B9B256A01} => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe [2010-10-26] (Pinnacle Systems)
Task: {1DCD62F6-E3F1-481A-BD83-37CF1179BBE5} - System32\Tasks\{01BFEFF0-0C6A-4057-BD38-D361CC87DA5B} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {1ED0F0A9-44EF-4BBF-9FBB-982F1228592E} - System32\Tasks\Driver Manager-RTMRules => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-10-27] (PC Drivers Headquarters)
Task: {1FC4DAC4-90ED-4F0C-81E4-1ADDE75211A4} - System32\Tasks\{6BB228AD-BD87-4FD0-9960-F70BC4F4FB2F} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {27A82B06-D3D7-4E5A-80E7-6526BEEA80D5} - System32\Tasks\{0942F327-27C5-4200-AF96-B08410DCCEED} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {2FD6A167-CF37-4804-BDBA-924406E6E7EE} - System32\Tasks\{6CED09A1-FD1E-4593-B870-DE47FE3F7055} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {3170B690-08F6-41B3-ABDF-FEA908D0F321} - System32\Tasks\{CEDB2D91-4AC3-4340-B5FB-E0EADA570C99} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {5B3AFB43-5DBD-439D-98E6-CEF2A9F7F622} - System32\Tasks\Driver Whiz-RTMUpdater => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-11-04] (PC Drivers Headquarters)
Task: {7F4C6900-A7E4-4639-A977-CF92236F4455} - System32\Tasks\{47D29043-E219-4A55-9E9D-5DCF4125F0D4} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {80AA8CAF-496A-4296-A5A4-D04442DD9EF4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {88BB9540-0A26-43DF-BA4B-7BD9E7956E1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-27] (Adobe Systems Incorporated)
Task: {8B46DF1F-CA39-4D4A-BB41-8D8A44546E7D} - System32\Tasks\Video-Saver_wd => C:\Program Files (x86)\Video-Saver\video-saver152_wd.exe [2014-01-28] ()
Task: {90D5D376-4CC6-403A-9D80-882795950C73} - System32\Tasks\AdobeAAMUpdater-1.0-Ducati-Werner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-07-29] (Adobe Systems Incorporated)
Task: {918047ED-63FA-486A-96E6-A22B7708D967} - System32\Tasks\{8D90C5CE-CCFE-4A5A-80CB-4ABFB8CACCBF} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {93741FF4-5199-46DD-BA3B-7045FF41DEAD} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {990A4F4A-E570-4A75-ABA6-D376CCE8F82A} - System32\Tasks\{17BF3BEC-22F7-41E5-9B23-BB9781A5E8D3} => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe [2010-10-26] (Pinnacle Systems)
Task: {9B4FF6E6-05CD-43E5-BCA0-2C7DEF54EDB7} - System32\Tasks\{85FB6C10-0739-4120-AFD7-C62D5BDAC041} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {A61ABC69-09A3-4C5B-9295-64686C47F1C5} - System32\Tasks\{4F2AA923-CF4E-41C3-A3BF-24A1BB60A70C} => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe [2010-10-26] (Pinnacle Systems)
Task: {A7354D6C-DB14-48F4-9A5A-F826FD605E80} - System32\Tasks\{32A2F6E1-64F7-41FF-9BBD-576D99602FB5} => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe [2010-10-26] (Pinnacle Systems)
Task: {CC76C2EF-0BCC-40E5-8C68-CB8E8AF580E3} - System32\Tasks\{FCE3C9E5-590F-4D0A-BA52-A4218D24DB2B} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {D04147C7-AEC3-42FE-AA9B-B612C942CE1E} - System32\Tasks\Driver Manager-RTMUpdater => C:\Program Files (x86)\Driver Manager\Driver Manager\DriverManager.exe [2013-10-27] (PC Drivers Headquarters)
Task: {D3C4C2B4-F589-40DF-8286-B8DFE796AA23} - System32\Tasks\InstallShield Software-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-04-17] (InstallShield Software Corporation)
Task: {D672CB13-BFF6-4A45-B11C-727C656C9227} - System32\Tasks\InstallShield Software-Aktualisierungsdienst => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-04-13] (InstallShield Software Corporation)
Task: {D6E0969A-8B2F-4F83-9CCC-0A409F344367} - System32\Tasks\{35252ABB-2E3E-4223-8AB9-A3424377A348} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {E703FCC5-9138-4C1E-AD50-92615DC7B113} - System32\Tasks\{7576762C-8606-49C0-9680-A4D879052A1D} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {E70766EB-8E04-405D-9C76-85FF3300634A} - System32\Tasks\Driver Whiz-RTMScan => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-11-04] (PC Drivers Headquarters)
Task: {EF82550A-2402-4585-813B-0068FB346C0A} - System32\Tasks\{B0C94445-DB37-4149-B138-65325AABF26C} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {F13704B5-A217-4BBA-B86D-D780A982791B} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {F4136564-40CD-430E-90B0-99A94810058B} - System32\Tasks\{DB416C37-937C-4A2E-88E4-74BD1F27DAB9} => C:\Program Files (x86)\OKIDATA\OKI C110 Remote Panel Utility\OKI C110 Remote Panel Utility.exe
Task: {F42CA04A-D446-4639-8914-3D147283E321} - System32\Tasks\{16E19BDB-14E1-40C9-931A-D2ACAFD3CB52} => C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe [2010-10-26] (Pinnacle Systems)
Task: {F96DE4A7-B09A-4480-9413-7692E457532A} - System32\Tasks\{B0078F2D-860B-4C64-9F4B-757E31D2ACB8} => Firefox.exe Skype auf Ihren Computer herunterladen ? Mac, Windows, Linux*?*Skype
Task: {F9906D2A-0C40-40EE-9D4C-2B1C88FC9238} - System32\Tasks\Driver Whiz-RTMRules => C:\Program Files (x86)\Driver Whiz\Driver Whiz\DriverWhiz.exe [2013-11-04] (PC Drivers Headquarters)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Video-Saver_wd.job => C:\Program Files (x86)\Video-Saver\video-saver152_wd.exe

==================== Loaded Modules (whitelisted) =============

2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-07-14 18:35 - 2013-07-14 18:35 - 00208384 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\XPBurnComponent\856febb88835534fbd743e039324968f\XPBurnComponent.ni.dll
2013-06-25 12:13 - 2013-10-27 08:51 - 00638344 _____ () C:\Program Files (x86)\Driver Manager\Driver Manager\ThemePack.DriverManager.dll
2013-06-25 11:49 - 2013-10-27 08:51 - 00412064 _____ () C:\Program Files (x86)\Driver Manager\Driver Manager\Agent.Communication.XmlSerializers.dll
2013-06-25 12:16 - 2013-11-04 18:39 - 00684416 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\ThemePack.DriverWhiz.dll
2013-06-25 11:49 - 2013-11-04 18:39 - 00412064 _____ () C:\Program Files (x86)\Driver Whiz\Driver Whiz\Agent.Communication.XmlSerializers.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-15 03:36 - 2013-02-15 03:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
2013-06-20 21:08 - 2013-06-20 21:03 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 13:16 - 2014-01-20 13:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-30 19:31 - 2012-06-22 11:38 - 00108504 _____ () C:\Program Files (x86)\PC Tools Security\BDT\BSPatch.dll
2013-06-20 20:22 - 2009-12-09 20:20 - 00126976 _____ () C:\Program Files (x86)\Edimax\Edimax Wireless LAN Driver and Utility\EnumDevLib.dll
2014-01-30 20:09 - 2012-06-22 15:34 - 00157656 _____ () C:\Program Files (x86)\PC Tools Security\NetworkLayer\PCTCFHook.dll
2014-01-30 20:09 - 2012-06-22 15:33 - 00091608 _____ () C:\Program Files (x86)\PC Tools Security\avengine\sdkBSCtrl.dll
2013-06-23 11:57 - 2010-03-15 10:32 - 00143360 _____ () C:\Program Files (x86)\BackupManager\ustor.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 02140944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtCore4.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 07704336 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtGui4.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 00968976 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtNetwork4.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 00475408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtOpenGL4.dll
2009-07-16 15:35 - 2009-07-16 15:35 - 00363792 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtXml4.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 00199952 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtSql4.dll
2009-07-16 15:35 - 2009-07-16 15:35 - 00027408 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\SDL.dll
2009-07-16 15:35 - 2009-07-16 15:35 - 11311888 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\QtWebKit4.dll
2009-07-16 15:34 - 2009-07-16 15:34 - 00291600 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\phonon4.dll
2009-07-16 15:36 - 2009-07-16 15:36 - 00028944 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qgif4.dll
2009-07-16 15:36 - 2009-07-16 15:36 - 00035088 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qico4.dll
2009-07-16 15:36 - 2009-07-16 15:36 - 00138000 _____ () C:\Program Files (x86)\Logitech\Logitech Vid\plugins\imageformats\qjpeg4.dll
2009-10-14 13:36 - 2009-10-14 13:36 - 00181592 _____ () C:\Program Files (x86)\Common Files\LogiShrd\LvApi11\LvApi11.dll
2013-08-28 02:31 - 2013-08-28 02:31 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\44bfa824a3b8a6f789fda79a2e01a8db\IsdiInterop.ni.dll
2013-06-23 12:42 - 2010-03-03 19:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-01-19 15:23 - 2013-12-05 20:36 - 03559024 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-12-11 19:51 - 2013-12-11 19:51 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:07BB519E
AlternateDataStreams: C:\ProgramData\TEMP:430C6D84
AlternateDataStreams: C:\ProgramData\TEMP

FC5A2B2

==================== Safe Mode (whitelisted) ===================

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: PC Tools Data Store
Description: PC Tools Data Store
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pctDS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/01/2014 09:56:43 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Setup.exe_Microsoft Setup Bootstrapper, Version: 14.0.7011.1000, Zeitstempel: 0x5137020a
Name des fehlerhaften Moduls: ole32.dll, Version: 6.1.7601.17514, Zeitstempel: 0x4ce7c92c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000029fa6
ID des fehlerhaften Prozesses: 0x1e80
Startzeit der fehlerhaften Anwendung: 0xSetup.exe_Microsoft Setup Bootstrapper0
Pfad der fehlerhaften Anwendung: Setup.exe_Microsoft Setup Bootstrapper1
Pfad des fehlerhaften Moduls: Setup.exe_Microsoft Setup Bootstrapper2
Berichtskennung: Setup.exe_Microsoft Setup Bootstrapper3

Error: (02/01/2014 09:07:49 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 08:54:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 07:50:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 07:31:24 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 08:11:20 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:43:38 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:13:30 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/30/2014 07:13:27 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (01/30/2014 07:13:22 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:
=============
Error: (02/01/2014 10:24:15 AM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (02/01/2014 09:08:09 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/01/2014 09:08:09 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (02/01/2014 09:07:49 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/01/2014 09:07:49 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (02/01/2014 09:07:48 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (02/01/2014 09:07:48 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (01/31/2014 08:58:05 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "FABS - Helping agent for MAGIX media database" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (01/31/2014 08:58:05 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst FABS - Helping agent for MAGIX media database erreicht.

Error: (01/31/2014 08:55:32 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Microsoft Office Sessions:
=========================
Error: (02/01/2014 09:56:43 AM) (Source: Application Error)(User: )
Description: Setup.exe_Microsoft Setup Bootstrapper14.0.7011.10005137020aole32.dll6.1.7601.175144ce7c92cc00000050000000000029fa61e8001cf1f2b1f3186d1C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Office Setup Controller\Setup.exeC:\Windows\system32\ole32.dllc5679c14-8b1e-11e3-a841-6c626d763ce8

Error: (02/01/2014 09:07:49 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 08:54:44 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 07:50:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/31/2014 07:31:24 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 08:11:20 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:43:38 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:13:30 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Werner\Downloads\SoftonicDownloader_fuer_pc-tools-antivirus.exe

Error: (01/30/2014 07:13:27 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Werner\Downloads\SoftonicDownloader_fuer_pc-tools-antivirus.exe

Error: (01/30/2014 07:13:22 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Werner\Downloads\SoftonicDownloader_fuer_pc-tools-antivirus.exe

CodeIntegrity Errors:
===================================
Date: 2013-06-20 20:45:22.806
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Werner\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-20 20:45:22.806
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Werner\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-20 20:45:22.572
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-06-20 20:45:22.556
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 8055.11 MB
Available physical RAM: 4728.93 MB
Total Pagefile: 16108.41 MB
Available Pagefile: 12358.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (PC-LW) (Fixed) (Total:300 GB) (Free:168.56 GB) NTFS
Drive i: (LaCie) (Fixed) (Total:931.51 GB) (Free:275.36 GB) NTFS
Drive j: (Video) (Fixed) (Total:931.51 GB) (Free:253.76 GB) NTFS
Drive k: (Video-Bearb) (Fixed) (Total:465.75 GB) (Free:71.68 GB) NTFS
Drive l: (Volume) (Fixed) (Total:1562.92 GB) (Free:1128.24 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 534FDA80)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=300 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=-520854962176) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 454C267B)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 466 GB) (Disk ID: 8D399BC0)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================[/CODE]

schrauber · 02.02.2014, 07:02

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

ernstwernerk · 02.02.2014, 14:34

[CODE][CODE]

Code:

ATTFilter

L:\Computer\2014 0201 Infizierung

schrauber · 03.02.2014, 13:28

was willste mir damit sagen?

03.02.2014, 13:28	#6
schrauber /// the machine /// TB-Ausbilder	Malware auf Internet Explorer und Firefox was willste mir damit sagen? __________________ --> Malware auf Internet Explorer und Firefox

Malware auf Internet Explorer und Firefox

Plagegeister aller Art und deren Bekämpfung: Malware auf Internet Explorer und Firefox