PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar

hope_13 · 15.02.2014, 22:15

guten abend,

ich habe heute bei meinem wöchentlichen viren scan mit Malwarebytes folgenden virus gefunden:

PUP.Optional.SearchCertifiedTB.A
search.certified-toolbar

Infizierte Dateiobjekte der Registrierung: 1

HKCU\Software\Microsoft\Internet Explorer\SearchURI|(Default) (PUP.Optional.SearchCertifiedTB.A) -> Bösartig: (hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q=%s)

außer malewarebytes benutze ich regelmäßig windows defender als anti-viren-software.

ich habe das schädliche objekt entfernt, bin aber nicht sicher, ob dies ausreicht.
vorhin ließ sich das notebook nur mit mühe hochfahren.

ich wäre dankbar für eine hilfestellung & einen rat.

beste grüße & dank im voraus
hope_13

schrauber · 16.02.2014, 06:47

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

hope_13 · 16.02.2014, 09:35

hallo schrauber,

danke, dass du dich meldest & wir uns ans werk machen.

hier die frst.txt:

#
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-02-2014 01
Ran by sylvia (administrator) on VIAN on 16-02-2014 09:30:31
Running from C:\Users\sylvia\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-12] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
Startup: C:\Users\sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B90EEF-6622-444D-B7B8-58F1A8D0AF8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKCU - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - {B3B90EEF-6622-444D-B7B8-58F1A8D0AF8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {EFB12CA6-09F2-4DB3-991F-8CFF86FC9A3E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: vis - C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2013-10-16]
FF Extension: Web Developer - C:\Users\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-09-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Google Drive) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (YouTube) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (Google-Suche) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Google Mail) - C:\Users\sylvia\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [288776 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-12] (soft Xpansion)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.4.51572.0.sys [46384 2013-10-08] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-07] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [202128 2013-10-07] (DisplayLink Corp.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-17] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-27] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2013-11-03] ()
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-17] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-16] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-12-16] (Acronis International GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-16 09:30 - 2014-02-16 09:30 - 00019784 _____ () C:\Users\sylvia\Downloads\FRST.txt
2014-02-16 09:30 - 2014-02-16 09:30 - 00000000 ____D () C:\FRST
2014-02-16 09:29 - 2014-02-16 09:29 - 02152960 _____ (Farbar) C:\Users\sylvia\Downloads\FRST64.exe
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\sylvia\Downloads\Backstretch_f_Hoellen.zip
2014-02-13 08:31 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 08:31 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 08:30 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 08:30 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 08:30 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 08:30 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 08:30 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 08:30 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 08:30 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 08:30 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 08:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 08:30 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 08:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 08:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 08:30 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 08:30 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 08:30 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 08:30 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 08:30 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 08:30 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 08:30 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 08:30 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 08:30 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 08:30 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 08:30 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 08:30 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 08:30 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 08:29 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 08:29 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 08:29 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 08:29 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 08:29 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 08:29 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 08:29 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 08:29 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 08:29 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 08:29 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 08:29 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 08:29 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:03 - 2014-02-07 11:04 - 03581681 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\sylvia\Downloads\plg_sige_v2.5-2.zip
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\sylvia\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\sylvia\Downloads\akeebabackup-de-DE-j25.zip
2014-01-23 13:08 - 2014-01-23 13:09 - 08412228 _____ () C:\Users\sylvia\Downloads\Joomla_3.2.1-Stable-Update_Package.zip

==================== One Month Modified Files and Folders =======

2014-02-16 09:30 - 2014-02-16 09:30 - 00019784 _____ () C:\Users\sylvia\Downloads\FRST.txt
2014-02-16 09:30 - 2014-02-16 09:30 - 00000000 ____D () C:\FRST
2014-02-16 09:29 - 2014-02-16 09:29 - 02152960 _____ (Farbar) C:\Users\sylvia\Downloads\FRST64.exe
2014-02-16 09:08 - 2013-09-09 18:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-16 09:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-16 08:44 - 2014-01-10 12:29 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-16 03:41 - 2013-12-17 18:32 - 01614419 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-16 03:41 - 2013-12-17 18:25 - 00038794 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-02-15 22:56 - 2013-09-10 16:32 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VIAN-sylvia vian
2014-02-15 22:26 - 2013-08-22 22:22 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-554626538-1008602864-1809198237-1001
2014-02-15 22:20 - 2013-09-05 12:16 - 00013030 _____ () C:\PDOXUSRS.NET
2014-02-15 22:20 - 2012-07-26 06:26 - 00001017 _____ () C:\WINDOWS\win.ini
2014-02-15 21:49 - 2014-01-10 12:29 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-15 21:49 - 2013-12-17 22:16 - 00000000 __RDO () C:\Users\sylvia\SkyDrive
2014-02-15 14:14 - 2013-12-17 22:42 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{34AA38E2-7825-4710-9B57-909B0B442ABD}
2014-02-14 20:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-14 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-14 14:39 - 2014-01-10 12:29 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 14:39 - 2014-01-10 12:29 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 14:14 - 2013-09-05 17:32 - 00000000 ____D () C:\Users\sylvia\AppData\Roaming\FileZilla
2014-02-14 00:17 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-14 00:17 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-14 00:17 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-14 00:16 - 2013-08-22 22:14 - 00000000 ___RD () C:\Users\sylvia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-14 00:12 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 19:29 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-13 19:27 - 2013-09-10 10:18 - 00000000 ____D () C:\Users\sylvia\AppData\Local\CrashDumps
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\sylvia\Downloads\Backstretch_f_Hoellen.zip
2014-02-10 11:44 - 2013-08-22 22:13 - 00000000 ____D () C:\Users\sylvia\AppData\Local\Packages
2014-02-08 08:47 - 2013-11-13 23:18 - 00009030 _____ () C:\WINDOWS\PFRO.log
2014-02-07 22:09 - 2013-10-01 08:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:04 - 2014-02-07 11:03 - 03581681 _____ () C:\Users\sylvia\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 13:16 - 2014-02-13 08:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 08:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 08:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 08:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 08:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 08:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 08:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-13 08:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 08:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 08:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 08:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 08:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 08:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 08:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 08:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 08:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 08:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-13 08:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 08:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 08:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 08:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 08:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 08:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 08:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\sylvia\Downloads\plg_sige_v2.5-2.zip
2014-02-06 09:55 - 2014-02-13 08:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 08:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 08:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 08:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 08:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 09:08 - 2013-09-09 18:09 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\sylvia\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-29 20:00 - 2013-09-06 13:15 - 00000000 ____D () C:\Users\sylvia\AppData\Local\Microsoft Help
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\sylvia\Downloads\akeebabackup-de-DE-j25.zip
2014-01-24 11:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-23 13:09 - 2014-01-23 13:08 - 08412228 _____ () C:\Users\sylvia\Downloads\Joomla_3.2.1-Stable-Update_Package.zip
2014-01-22 12:37 - 2013-08-22 15:46 - 00290291 _____ () C:\WINDOWS\setupact.log
2014-01-19 21:10 - 2013-09-08 14:33 - 00000000 ____D () C:\Users\sylvia\AppData\Local\Adobe
2014-01-19 10:42 - 2013-08-25 10:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-19 08:38 - 2013-09-05 10:54 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-18 13:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

Some content of TEMP:
====================
C:\Users\sylvia\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 03:11

==================== End Of Log ============================

--- --- ---

und die addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-02-2014 01
Ran by sylvia at 2014-02-16 09:31:29
Running from C:\Users\sylvia\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (Version: 9.20.00.0 - Igor Pavlov)
Acronis True Image 2014 (x32 Version: 17.0.6614 - Acronis) Hidden
Acronis True Image 2014 Media Add-on (x32 Version: 17.0.6614 - Acronis)
Adobe Flash Player 12 Plugin (x32 Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Photoshop 6.0 (x32 Version: 6.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) MUI (x32 Version: 11.0.06 - Adobe Systems Incorporated)
Adobe SVG Viewer (x32 Version: 1.0 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.30822 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.0822.136.951 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Browser Updater 1.1 (x32 Version: - Browser Updater)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0822.136.951 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0822.136.951 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0822.136.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0822.0135.951 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0822.136.951 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110 - WildTangent) Hidden
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.0.2126 - CyberLink Corp.) Hidden
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 9.0.6426.52 - CyberLink Corp.) Hidden
DisplayLink Core Software (Version: 7.4.51572.0 - DisplayLink Corp.)
DisplayLink Graphics (Version: 6.2.37116.0 - DisplayLink Corp.)
ESET Online Scanner v3 (x32 Version: - )
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Galiastro 4.7.3 (x32 Version: 4.7.3 - Paessler Software)
Google Chrome (x32 Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
Heroes of Hellas 3: Athens (x32 Version: 3.0.2.32 - WildTangent) Hidden
HomeTab 2.7 (x32 Version: 2.7 - HomeTab)
HomeTab 4.7 (x32 Version: 4.7 - HomeTab)
Intel AppUp(R) center (x32 Version: 45233 - Intel)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (x32 Version: 11.6.0.1030 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
JPEGmini (HKCU Version: 1.8.3.1 - ICVT Ltd)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
LiveUpdate 2.0 (Symantec Corporation) (x32 Version: 2.0.39.0 - Symantec Corporation)
Luxor HD (x32 Version: 2.2.0.110 - WildTangent) Hidden
Macromedia Dreamweaver 8 (x32 Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (x32 Version: 1.7.270 - Ihr Firmenname)
Mahjongg Artifacts (x32 Version: 2.2.0.110 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft Office Home and Business 2013 - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft SkyDrive (HKCU Version: 16.4.6012.0828 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (x32 Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 27.0 (x86 de) (x32 Version: 27.0 - Mozilla)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero BackItUp (x32 Version: 12.0.3002 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.14300 - Nero AG) Hidden
Nero BurnRights (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero BurnRights Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15300 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18100 - Nero AG) Hidden
Nero CoverDesigner (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero CoverDesigner Help (CHM) (x32 Version: 12.0.2000 - Nero AG) Hidden
Nero DiscSpeed 11 (x32 Version: 7.0.10400.2.100 - Nero AG) Hidden
Nero DiscSpeed Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.20000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero InfoTool (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero InfoTool Help (CHM) (x32 Version: 12.0.0002 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.18800 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.4000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.6000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero12EssTSST (x32 Version: 12.0.01100 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Notepad++ (x32 Version: 6.4.5 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
PDF24 Creator 6.2.0 (x32 Version: - PDF24.org)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlayMemories Home (x32 Version: 6.3.02.07270 - Sony Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.1.305 - Qualcomm Atheros Communications)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Shared C Run-time for x64 (Version: 10.0.0 - McAfee)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (Version: 16.2.16.2 - Synaptics Incorporated)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 3.0.2.32 - WildTangent) Hidden
VAIO - Remote-Tastatur (x32 Version: 1.2.0.09270 - Sony Corporation)
VAIO - Xperia Link (x32 Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (Version: 8.3.0.08220 - Sony Corporation)
VAIO Care Recovery (Version: 1.0.2.08020 - Sony Corporation)
VAIO Control Center (x32 Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 8.2.0.14170 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (x32 Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Image Optimizer (x32 Version: 3.2.00.07040 - Sony Corporation)
VAIO Improvement (x32 Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator (x32 Version: 4.2.00.07040 - Sony Corporation)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (x32 Version: 6.3.0.08010 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (x32 Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (x32 Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (x32 Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
Virtual Villagers 5 - New Believers (x32 Version: 3.0.2.32 - WildTangent) Hidden
VIS (x32 Version: - ) <==== ATTENTION
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WildTangent Games App (x32 Version: 4.0.9.7 - WildTangent) Hidden
WildTangent-Spiele (x32 Version: 1.0.4.0 - WildTangent)
Windows-Treiberpaket - Qualcomm Atheros Communications Inc. (athr) Net (07/15/2013 10.0.0.260) (Version: 07/15/2013 10.0.0.260 - Qualcomm Atheros Communications Inc.)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Youda Jewel Shop (x32 Version: 3.0.2.32 - WildTangent) Hidden

==================== Restore Points =========================

27-01-2014 07:24:54 Geplanter Prüfpunkt
04-02-2014 07:33:48 Geplanter Prüfpunkt
11-02-2014 07:56:25 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0E6CFCCE-E9F0-4C6F-8D35-F076B145BFC5} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {1E7EDD8E-BDBB-4071-9348-4F0F18F962D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-10] (Google Inc.)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {20D5AAFE-F75F-4303-BBCF-85DEF5421B2E} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {295CDF3E-4462-49CA-94E3-1099E40136AF} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2EDF400E-7990-4959-90BD-23E5B25FCD4E} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {354E385F-0108-434D-A843-AC3C61FE8696} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {378C79E2-9A2E-4DF3-B1BA-584EF38FE01A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-01-15] (Microsoft Corporation)
Task: {3AA615B5-4CF1-4681-B40B-CFE8EB4267A5} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {4396F09C-2A90-4279-8567-C431C4213969} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4A394004-DD33-4119-B9F3-FE9C71875ADE} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {4C62B999-EDAD-4D97-B53F-DF09B7CAEBFB} - System32\Tasks\USER_ESRV_SVC => Wscript.exe //B //NoLogo "C:\Program Files\Sony\VAIO Care\ESRV\task.vbs"
Task: {5C171291-D155-4638-BCD5-14279B1AC88C} - \Browser Updater\Browser Updater No Task File
Task: {5F1345F5-99A5-4FE5-8BAE-CABD3A9DC0E7} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {61E8B5DC-304B-4051-A279-F8F22EA212C9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {704093A3-FB93-44A4-AC88-BCCABF0D712D} - \Software Updater No Task File
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7C907D92-C9AC-42FE-BA9F-9E5E94A2A6B0} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {82EC626F-829E-4E44-A466-5BC53660B1C8} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {849AB803-91C1-481F-B694-668C53B2EB77} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-10-31] (Sony Corporation)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8FD72611-65C4-4150-9F2E-ED21EF48565C} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {9E101F65-8B0D-40E5-9FF0-CC668886C235} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-01] (Sony Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A11B624D-23B7-4C6F-832A-A024A29FA56A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {A422CC1B-2F01-41EA-A56C-7648C2B27C41} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {AA38E85F-60C6-4191-A064-0B0F37F2DF89} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {AC553B44-4DB8-47F9-8014-7602BF526CB8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-01-10] (Google Inc.)
Task: {C0A3A731-4437-4EBF-A46E-61A48C5D3B91} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {C2F50C5D-A3E5-4378-A7B5-4D94C35719FD} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {C365469D-4F23-44BE-8B5A-2F27541A06AF} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D6DABDFD-1A73-46B6-A59A-5A9B50254C90} - System32\Tasks\Microsoft Office 15 Sync Maintenance for VIAN-sylvia vian => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-01-15] (Microsoft Corporation)
Task: {D6DC9894-DA1E-4B10-9CBF-1054CA243E1D} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {D83459E7-5F07-4DA2-9AF1-CF171DD72A74} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB7F4632-473C-4F4A-AC2A-6E37F532737F} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2013-08-21] (Sony Corporation)
Task: {E0A09762-9941-4C9F-BDA6-6FC6F93AB5A0} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {EE665032-AE2A-46B7-B5E2-9C7039A4DDA6} - \FreeDriverScout No Task File
Task: {F20CBFB9-01BD-497D-B450-BECEA14B5155} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\ProtectedSearch.exe <==== ATTENTION
Task: {F4460AA1-CF3F-4BAF-87CE-268B7D0481FC} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2013-10-01 10:32 - 2013-10-01 10:32 - 02818216 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-09-07 01:48 - 2013-09-07 01:48 - 00011264 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-09-07 01:45 - 2013-09-07 01:45 - 00086016 _____ () C:\Program Files (x86)\Bluetooth Suite\Modules\Map\MAP.dll
2013-09-07 01:52 - 2013-09-07 01:52 - 00012928 _____ () C:\Program Files (x86)\Bluetooth Suite\ActivateDesktop.exe
2013-03-26 11:44 - 2013-03-26 11:44 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-09-07 01:52 - 2013-09-07 01:52 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2013-09-07 01:41 - 2013-09-07 01:41 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00028992 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2013-10-24 17:09 - 2013-10-24 17:09 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2013-08-20 12:17 - 2012-06-25 09:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-11-13 08:54 - 2013-11-13 08:54 - 00316584 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2014-01-15 08:56 - 2014-01-15 08:56 - 00359592 _____ () C:\Program Files\Microsoft Office 15\root\office15\c2r32.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00020480 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-08-20 12:27 - 2013-07-17 14:10 - 00064512 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2013-10-24 17:06 - 2013-10-24 17:06 - 00036672 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\qt_icontray_ex.dll
2013-10-01 08:34 - 2014-02-07 22:09 - 03583600 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-04 08:41 - 2014-02-02 00:41 - 00715592 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libglesv2.dll
2014-02-04 08:41 - 2014-02-02 00:41 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\libegl.dll
2013-10-01 11:00 - 2013-10-01 11:00 - 00022336 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll
2014-02-04 08:41 - 2014-02-02 00:42 - 04055368 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 08:41 - 2014-02-02 00:42 - 00399688 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 08:41 - 2014-02-02 00:41 - 01634632 _____ () C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\sylvia\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

==================== Disabled items from MSCONFIG ==============

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (02/16/2014 03:11:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/15/2014 06:10:46 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/15/2014 06:10:01 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/14/2014 10:47:05 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/14/2014 08:58:26 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/14/2014 08:58:03 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "\\?\Volume{6ad4ffa3-19c3-466d-b91f-c7fa41ddfda3}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (02/14/2014 08:57:45 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/14/2014 00:32:32 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifest.

Error: (02/13/2014 07:27:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: notepad++.exe, Version: 6.4.5.0, Zeitstempel: 0x52050bd3
Name des fehlerhaften Moduls: notepad++.exe, Version: 6.4.5.0, Zeitstempel: 0x52050bd3
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0005fdaa
ID des fehlerhaften Prozesses: 0x2650
Startzeit der fehlerhaften Anwendung: 0xnotepad++.exe0
Pfad der fehlerhaften Anwendung: notepad++.exe1
Pfad des fehlerhaften Moduls: notepad++.exe2
Berichtskennung: notepad++.exe3
Vollständiger Name des fehlerhaften Pakets: notepad++.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: notepad++.exe5

Error: (02/13/2014 07:27:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: notepad++.exe, Version: 6.4.5.0, Zeitstempel: 0x52050bd3
Name des fehlerhaften Moduls: notepad++.exe, Version: 6.4.5.0, Zeitstempel: 0x52050bd3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0005fdaa
ID des fehlerhaften Prozesses: 0x2650
Startzeit der fehlerhaften Anwendung: 0xnotepad++.exe0
Pfad der fehlerhaften Anwendung: notepad++.exe1
Pfad des fehlerhaften Moduls: notepad++.exe2
Berichtskennung: notepad++.exe3
Vollständiger Name des fehlerhaften Pakets: notepad++.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: notepad++.exe5

System errors:
=============
Error: (02/15/2014 09:40:04 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SampleCollector erreicht.

Error: (02/15/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/14/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/13/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/12/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/11/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/10/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (02/09/2014 07:12:50 PM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (02/09/2014 07:12:50 PM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Error: (02/09/2014 07:12:50 PM) (Source: cdrom) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.

Microsoft Office Sessions:
=========================
Error: (02/16/2014 03:11:33 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/15/2014 06:10:46 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/15/2014 06:10:01 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/14/2014 10:47:05 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/14/2014 08:58:26 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/14/2014 08:58:03 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: \\?\Volume{6ad4ffa3-19c3-466d-b91f-c7fa41ddfda3}\Falscher Parameter. (0x80070057)

Error: (02/14/2014 08:57:45 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/14/2014 00:32:32 AM) (Source: SideBySide)(User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_62475f7becb72503.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.16384_none_a9f4965301334e09.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (02/13/2014 07:27:53 PM) (Source: Application Error)(User: )
Description: notepad++.exe6.4.5.052050bd3notepad++.exe6.4.5.052050bd3c000041d0005fdaa265001cf28c30865407fC:\Program Files (x86)\Notepad++\notepad++.exeC:\Program Files (x86)\Notepad++\notepad++.exe8ca71a55-94dc-11e3-beb2-0050b6602c46

Error: (02/13/2014 07:27:52 PM) (Source: Application Error)(User: )
Description: notepad++.exe6.4.5.052050bd3notepad++.exe6.4.5.052050bd3c00000050005fdaa265001cf28c30865407fC:\Program Files (x86)\Notepad++\notepad++.exeC:\Program Files (x86)\Notepad++\notepad++.exe8c075ab7-94dc-11e3-beb2-0050b6602c46

==================== Memory info ===========================

Percentage of memory in use: 27%
Total physical RAM: 16331.27 MB
Available physical RAM: 11880.86 MB
Total Pagefile: 18763.27 MB
Available Pagefile: 14048.79 MB
Total Virtual: 131072 MB
Available Virtual: 131071.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:208.75 GB) (Free:151.75 GB) NTFS
Drive d: (Volume) (Fixed) (Total:465.76 GB) (Free:350.43 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: 00000000)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 466 GB) (Disk ID: 7B7ECB33)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================

vielen dank und bis später
hope13

schrauber · 17.02.2014, 09:01

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

hope_13 · 17.02.2014, 17:41

guten morgen schrauber,

danke für die "roadmap", ich mache mich ans werk.

malewarebyte hatte ich bereits durchlaufen lassen, bevor ich zu dir kontakt aufnahm, ob ein zweiter durchlauf nötig ist, weiß ich nicht; mache ihn jedoch mit externer sicherungsplatte inklusive.

bis später
hope13

hallo schrauber,

die scanns sind durchgelaufen, ich schicke dir dir logfiles

vielen dank für deine unterstützung!
hope13

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.02.16.03

Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16518
xx [Administrator]

Schutz: Aktiviert

17.02.2014 09:30:21
mbam-log-2014-02-17 (09-30-21).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 1790485
Laufzeit: 5 Stunde(n), 44 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

AdwCleaner
AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.019 - Bericht erstellt am 17/02/2014 um 16:54:23
# Aktualisiert 17/02/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : xx
# Gestartet von : C:\Users\xx\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_729456\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947}
Ordner Gelöscht : C:\xx\sylvia\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_729456\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Datei Gelöscht : C:\WINDOWS\System32\Tasks\Browser Updater
Datei Gelöscht : C:\WINDOWS\System32\Tasks\ProtectedSearch

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\caphyon

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_102.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_104.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_119.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_120.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_123.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_138.code", "if (typeof appAPI.internal.monetization === \"undefined\") {\n    appAP[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1[...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_9.code", "appAPI.hooks.addHook(\"searchEngine\",(function(a){return function(){var [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_91.code", "(function(h){var p=(function(){var R=0;var Z=\"\";function Q(ac){return [...]
Zeile gelöscht : user_pref("extensions.ac17236e8fd6644bcaeef1e00981cbb640a4ee0fe53564fd3b37c5cd5671a315ccom39030.39030.plugins.plugin_92.code", "if(typeof appAPI.internal.monetization===\"undefined\"){appAPI.internal.[...]
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.41.2.1\",\"InstallEventCTime\":1381746936043,\"InstallEvent\":\"True\"}");

[ Datei : C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_729456\prefs.js ]


-\\ Google Chrome v32.0.1700.107

[ Datei : C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [5002 octets] - [17/02/2014 16:51:01]
AdwCleaner[S0].txt - [4911 octets] - [17/02/2014 16:54:23]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [4971 octets] ##########

--- --- ---

jrt

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 8.1 x64
Ran by sylvia on 17.02.2014 at 17:10:17,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

und das neue frst
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by xx (administrator) on VIAN on 17-02-2014 17:34:14
Running from C:\Users\xx\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-12] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKCU - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - {B3B90EEF-6622-444D-B7B8-58F1A8D0AF8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {EFB12CA6-09F2-4DB3-991F-8CFF86FC9A3E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Web Developer - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-09-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Google Drive) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (YouTube) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (Google-Suche) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Google Mail) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [288776 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-12] (soft Xpansion)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.4.51572.0.sys [46384 2013-10-08] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-07] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [202128 2013-10-07] (DisplayLink Corp.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-17] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-27] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2013-11-03] ()
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-17] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-16] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-12-16] (Acronis International GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-17 17:33 - 2014-02-17 17:33 - 00000000 ____D () C:\Users\xx\Downloads\FRST-OlderVersion
2014-02-17 17:02 - 2014-02-17 17:02 - 01037530 _____ (Thisisu) C:\Users\xx\Downloads\JRT.exe
2014-02-17 16:50 - 2014-02-17 16:54 - 00000000 ____D () C:\AdwCleaner
2014-02-17 16:45 - 2014-02-17 16:45 - 01241888 _____ () C:\Users\xx\Downloads\adwcleaner.exe
2014-02-17 05:01 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 05:01 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-17 05:01 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 05:01 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 05:01 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-17 05:01 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-17 05:01 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 05:01 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-17 05:01 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 05:01 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-17 05:01 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-17 05:01 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 05:01 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 05:01 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 05:01 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 05:01 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-17 05:01 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-17 05:01 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 05:01 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-17 05:01 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-17 05:01 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-17 05:01 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-17 05:01 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-17 05:01 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-17 05:01 - 2013-11-25 02:45 - 00142680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 05:01 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 05:01 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-17 05:01 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 05:01 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 05:01 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-17 05:01 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-17 05:01 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 05:01 - 2013-11-23 08:13 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 05:01 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 05:01 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 05:01 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-17 05:01 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-17 05:01 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-17 05:01 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-17 05:01 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 05:01 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-17 05:01 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 05:01 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 05:01 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-17 05:01 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-17 05:01 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 05:01 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-17 05:01 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 05:01 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 05:01 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-17 05:01 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-17 05:01 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 09:31 - 2014-02-16 09:32 - 00043696 _____ () C:\Users\xx\Downloads\Addition.txt
2014-02-16 09:30 - 2014-02-17 17:34 - 00018985 _____ () C:\Users\xx\Downloads\FRST.txt
2014-02-16 09:30 - 2014-02-17 17:33 - 00000000 ____D () C:\FRST
2014-02-16 09:29 - 2014-02-17 17:33 - 02152448 _____ (Farbar) C:\Users\xx\Downloads\FRST64.exe
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\xx\Downloads\Backstretch_f_Hoellen.zip
2014-02-13 08:31 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 08:31 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 08:30 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 08:30 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 08:30 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 08:30 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 08:30 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 08:30 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 08:30 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 08:30 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 08:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 08:30 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 08:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 08:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 08:30 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 08:30 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 08:30 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 08:30 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 08:30 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 08:30 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 08:30 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 08:30 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 08:30 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 08:30 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 08:30 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 08:30 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 08:30 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 08:29 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 08:29 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 08:29 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 08:29 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 08:29 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 08:29 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 08:29 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 08:29 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 08:29 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 08:29 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 08:29 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 08:29 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\xx\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:03 - 2014-02-07 11:04 - 03581681 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\xx\Downloads\plg_sige_v2.5-2.zip
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\xx\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\xx\Downloads\akeebabackup-de-DE-j25.zip
2014-01-23 13:08 - 2014-01-23 13:09 - 08412228 _____ () C:\Users\xx\Downloads\Joomla_3.2.1-Stable-Update_Package.zip

==================== One Month Modified Files and Folders =======

2014-02-17 17:34 - 2014-02-16 09:30 - 00018985 _____ () C:\Users\xx\Downloads\FRST.txt
2014-02-17 17:34 - 2014-02-16 09:30 - 00000000 ____D () C:\FRST
2014-02-17 17:33 - 2014-02-17 17:33 - 00000000 ____D () C:\Users\xx\Downloads\FRST-OlderVersion
2014-02-17 17:33 - 2014-02-16 09:29 - 02152448 _____ (Farbar) C:\Users\xx\Downloads\FRST64.exe
2014-02-17 17:24 - 2013-08-22 22:22 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-554626538-1008602864-1809198237-1001
2014-02-17 17:09 - 2013-09-10 16:32 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VIAN-xx vian
2014-02-17 17:08 - 2013-09-09 18:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-17 17:02 - 2014-02-17 17:02 - 01037530 _____ (Thisisu) C:\Users\xx\Downloads\JRT.exe
2014-02-17 17:02 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-17 17:02 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-17 17:02 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-17 17:01 - 2013-12-17 18:32 - 01759163 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-17 17:01 - 2013-12-17 18:25 - 00040042 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-02-17 17:00 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-17 16:58 - 2014-01-10 12:29 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-17 16:58 - 2013-12-17 22:16 - 00000000 __RDO () C:\Users\xx\SkyDrive
2014-02-17 16:58 - 2013-08-22 22:14 - 00000000 ___RD () C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 16:58 - 2013-08-22 22:14 - 00000000 ___RD () C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 16:56 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-17 16:56 - 2013-08-22 15:44 - 00427624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-17 16:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 16:55 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 16:55 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-17 16:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-17 16:54 - 2014-02-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-02-17 16:54 - 2013-09-12 11:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ProtectedSearch
2014-02-17 16:49 - 2013-09-05 12:16 - 00013030 _____ () C:\PDOXUSRS.NET
2014-02-17 16:49 - 2012-07-26 06:26 - 00001017 _____ () C:\WINDOWS\win.ini
2014-02-17 16:45 - 2014-02-17 16:45 - 01241888 _____ () C:\Users\xx\Downloads\adwcleaner.exe
2014-02-17 16:44 - 2014-01-10 12:29 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-17 16:41 - 2013-12-17 22:42 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{34AA38E2-7825-4710-9B57-909B0B442ABD}
2014-02-16 23:04 - 2013-08-22 22:13 - 00000000 ____D () C:\Users\xx\AppData\Local\Packages
2014-02-16 20:58 - 2013-10-01 08:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 18:51 - 2013-09-10 10:18 - 00000000 ____D () C:\Users\xx\AppData\Local\CrashDumps
2014-02-16 09:32 - 2014-02-16 09:31 - 00043696 _____ () C:\Users\xx\Downloads\Addition.txt
2014-02-14 20:42 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-14 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-14 14:39 - 2014-01-10 12:29 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 14:39 - 2014-01-10 12:29 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 14:14 - 2013-09-05 17:32 - 00000000 ____D () C:\Users\xx\AppData\Roaming\FileZilla
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\xx\Downloads\Backstretch_f_Hoellen.zip
2014-02-08 08:47 - 2013-11-13 23:18 - 00009030 _____ () C:\WINDOWS\PFRO.log
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\xx\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:04 - 2014-02-07 11:03 - 03581681 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 13:16 - 2014-02-13 08:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 08:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 08:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 08:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 08:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 08:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 08:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-13 08:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 08:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 08:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 08:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 08:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 08:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 08:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 08:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 08:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 08:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-13 08:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 08:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 08:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 08:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 08:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 08:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 08:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\xx\Downloads\plg_sige_v2.5-2.zip
2014-02-06 09:55 - 2014-02-13 08:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 08:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 08:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 08:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 08:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 09:08 - 2013-09-09 18:09 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\xx\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-29 20:00 - 2013-09-06 13:15 - 00000000 ____D () C:\Users\xx\AppData\Local\Microsoft Help
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\xx\Downloads\akeebabackup-de-DE-j25.zip
2014-01-24 11:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-23 13:09 - 2014-01-23 13:08 - 08412228 _____ () C:\Users\xx\Downloads\Joomla_3.2.1-Stable-Update_Package.zip
2014-01-22 12:37 - 2013-08-22 15:46 - 00290291 _____ () C:\WINDOWS\setupact.log
2014-01-19 21:10 - 2013-09-08 14:33 - 00000000 ____D () C:\Users\xx\AppData\Local\Adobe
2014-01-19 10:42 - 2013-08-25 10:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-19 08:38 - 2013-09-05 10:54 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2014-01-18 13:43 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore

Some content of TEMP:
====================
C:\Users\xx\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\xx\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 03:11

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 17.02.2014 at 17:17:39,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber · 18.02.2014, 12:37

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

hope_13 · 18.02.2014, 21:36

hallo schrauber,

vielen dank für deine tipps!!!!! und hilfestellung.

wie es aussieht, hat alles geklappt.

viele grüße hope 13

hier das eset:

mit dem code-einfügen habe ich leider probleme, es tut sich nichts, wenn ich auf die raute oder das <> klicke.

ESET Online Scanner 180214

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d419b9a452b3404db487754483d6dc54
# engine=16150
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-05 09:24:46
# local_time=2013-12-05 10:24:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776573 100 94 9358 13562161 0 0
# scanned=655987
# found=0
# cleaned=0
# scan_time=8081
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d419b9a452b3404db487754483d6dc54
# engine=17114
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-02-18 07:52:45
# local_time=2014-02-18 08:52:45 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776573 100 94 45921 15586867 0 0
# scanned=1580225
# found=3
# cleaned=0
# scan_time=28703
sh=81C56910CB8D0D016138F335B4A8F47C95D46FA7 ft=0 fh=0000000000000000 vn="PHP/PhpSpy.A trojan" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-554626538-1008602864-1809198237-1001\$R567W67\site-www.wisspa.de-20140114-121046.zip"
sh=DE6045707CC56ADDCE550DFB0B626EDDF7F48464 ft=0 fh=0000000000000000 vn="PHP/PhpSpy.A trojan" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-554626538-1008602864-1809198237-1001\$RLRHBTF\site-www.wisspa.de-20140114-115738.zip"
sh=82ED449C818E8AFA23C79FFBDA3B3A2B9F0524E1 ft=0 fh=0000000000000000 vn="PHP/PhpSpy.A trojan" ac=I fn="D:\$RECYCLE.BIN\S-1-5-21-554626538-1008602864-1809198237-1001\$RLRHBTF\site-www.wisspa.de-20140114-115738\modules\mod_lang_temp\angel.php"

checkup.txt

Results of screen317's Security Check version 0.99.79
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Malwarebytes Anti-Malware Version 1.75.0.1300
Adobe Flash Player 12.0.0.44
Adobe Reader XI
Mozilla Firefox (27.0.1)
Google Chrome 32.0.1700.102
Google Chrome 32.0.1700.107
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Windows Defender MSASCui.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbamscheduler.exe
Windows Defender MSASCui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

frst
FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-02-2014
Ran by xx (administrator) on VIAN on 18-02-2014 21:29:32
Running from C:\Users\xx\Downloads
Windows 8.1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\WINDOWS\system32\atiesrxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\DllHost.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Acronis) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files\Sony\VAIO Care\ESRV\esrv.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Adobe Systems, Inc.) C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe\LiveComm.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1321688 2013-09-12] (Realtek Semiconductor)
HKLM\...\Run: [Acronis Scheduler2 Service] - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [519408 2013-07-18] (Acronis)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-10-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-17] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Intel AppUp(R) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2013-07-17] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-08-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] - C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7843992 2013-10-24] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] - C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1104616 2013-10-10] (Acronis International GmbH)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [186408 2013-12-12] (Geek Software GmbH)
HKLM\...\Policies\Explorer\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] ( (Atheros Communications))
Startup: C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKLM-x32 - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKLM-x32 - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKLM-x32 - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - DefaultScope {B3B90EEF-6622-444D-B7B8-58F1A8D0AF8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - URL hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=43169&gid=1&dbCode=1&command={searchTerms}
SearchScopes: HKCU - TopResultURLFallback hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ts=1381910076033&tguid=43169-3580-1381910068841-442584&q={searchTerms}
SearchScopes: HKCU - {B3B90EEF-6622-444D-B7B8-58F1A8D0AF8D} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {EFB12CA6-09F2-4DB3-991F-8CFF86FC9A3E} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\Sony\MSS\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_12_0_0_43.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 - C:\WINDOWS\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\Sony\MSS\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: intel.com/AppUp - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll (Intel)
FF Plugin HKCU: intel.com/AppUpx64 - C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Web Developer - C:\Users\xx\AppData\Roaming\Mozilla\Firefox\Profiles\i0i1ms7q.default\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2013-09-27]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-10]
CHR Extension: (Google Drive) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-10]
CHR Extension: (YouTube) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-10]
CHR Extension: (Google-Suche) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-10]
CHR Extension: (Google Wallet) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-10]
CHR Extension: (Google Mail) - C:\Users\xx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-10]

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider)
R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-07] (DisplayLink Corp.)
R2 ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostServiceSony; C:\Program Files\Sony\MSS\3.8.130\McCHSvc.exe [288776 2013-10-16] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [625240 2013-09-28] (Sony Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1907896 2013-10-31] (Microsoft Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [266168 2013-05-29] (Intel Corporation)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2013-09-12] (soft Xpansion)
S3 USER_ESRV_SVC; C:\Program Files\Sony\VAIO Care\ESRV\esrv_svc.exe [377768 2013-05-29] (Intel Corporation)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-07] (Atheros)

==================== Drivers (Whitelisted) ====================

S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3837440 2013-09-25] (Qualcomm Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-09-26] (Advanced Micro Devices)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [428488 2013-09-07] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [224768 2013-08-22] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 DisplayLinkUsbIo_x64; C:\Windows\system32\DRIVERS\DisplayLinkUsbIo_x64_7.4.51572.0.sys [46384 2013-10-08] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-07] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [202128 2013-10-07] (DisplayLink Corp.)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-12-17] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-27] (Intel Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2013-11-03] ()
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-12-17] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-23] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2013-12-16] (Acronis International GmbH)
S0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [198432 2013-12-16] (Acronis International GmbH)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-18 21:10 - 2014-02-18 21:10 - 00987425 _____ () C:\Users\xx\Downloads\SecurityCheck.exe
2014-02-18 12:51 - 2014-02-18 12:51 - 02347384 _____ (ESET) C:\Users\xx\Downloads\esetsmartinstaller_enu.exe
2014-02-17 17:33 - 2014-02-17 17:33 - 00000000 ____D () C:\Users\xx\Downloads\FRST-OlderVersion
2014-02-17 17:02 - 2014-02-17 17:02 - 01037530 _____ (Thisisu) C:\Users\xx\Downloads\JRT.exe
2014-02-17 16:50 - 2014-02-17 16:54 - 00000000 ____D () C:\AdwCleaner
2014-02-17 16:45 - 2014-02-17 16:45 - 01241888 _____ () C:\Users\xx\Downloads\adwcleaner.exe
2014-02-17 05:01 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-17 05:01 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-17 05:01 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-17 05:01 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-17 05:01 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-17 05:01 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-17 05:01 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-17 05:01 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-17 05:01 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-17 05:01 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-17 05:01 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-17 05:01 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-17 05:01 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-17 05:01 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-17 05:01 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-17 05:01 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-17 05:01 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-17 05:01 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-17 05:01 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-17 05:01 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-17 05:01 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-17 05:01 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-17 05:01 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-17 05:01 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-17 05:01 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-17 05:01 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-17 05:01 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-17 05:01 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-17 05:01 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-17 05:01 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-17 05:01 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-17 05:01 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-17 05:01 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-17 05:01 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-17 05:01 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-17 05:01 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-17 05:01 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-17 05:01 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-17 05:01 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-17 05:01 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-17 05:01 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-17 05:01 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-17 05:01 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-17 05:01 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-17 05:01 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-17 05:01 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-17 05:01 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-17 05:01 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-17 05:01 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-17 05:01 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-17 05:01 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-17 05:01 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-17 05:01 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-16 09:31 - 2014-02-16 09:32 - 00043696 _____ () C:\Users\xx\Downloads\Addition.txt
2014-02-16 09:30 - 2014-02-18 21:29 - 00019618 _____ () C:\Users\xx\Downloads\FRST.txt
2014-02-16 09:30 - 2014-02-17 17:34 - 00000000 ____D () C:\FRST
2014-02-16 09:29 - 2014-02-17 17:33 - 02152448 _____ (Farbar) C:\Users\xx\Downloads\FRST64.exe
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\xx\Downloads\Backstretch_f_Hoellen.zip
2014-02-13 08:31 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-13 08:31 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-13 08:31 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-13 08:30 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-13 08:30 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-13 08:30 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-13 08:30 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-13 08:30 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-13 08:30 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-13 08:30 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-13 08:30 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-13 08:30 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-13 08:30 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-13 08:30 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-13 08:30 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-13 08:30 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-13 08:30 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-13 08:30 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-13 08:30 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-13 08:30 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-13 08:30 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-13 08:30 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-13 08:30 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-13 08:30 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-13 08:30 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-13 08:30 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-13 08:30 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-13 08:30 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-13 08:30 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-13 08:30 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-13 08:30 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-13 08:30 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-13 08:30 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-13 08:30 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-02-13 08:30 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-13 08:30 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-13 08:29 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-13 08:29 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-13 08:29 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-13 08:29 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-13 08:29 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-13 08:29 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-13 08:29 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-13 08:29 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-13 08:29 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-13 08:29 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-13 08:29 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-13 08:29 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-13 08:29 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-13 08:29 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-13 08:29 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-13 08:29 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-13 08:29 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\xx\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:03 - 2014-02-07 11:04 - 03581681 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\xx\Downloads\plg_sige_v2.5-2.zip
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\xx\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\xx\Downloads\akeebabackup-de-DE-j25.zip
2014-01-23 13:08 - 2014-01-23 13:09 - 08412228 _____ () C:\Users\xx\Downloads\Joomla_3.2.1-Stable-Update_Package.zip

==================== One Month Modified Files and Folders =======

2014-02-18 21:29 - 2014-02-16 09:30 - 00019618 _____ () C:\Users\xx\Downloads\FRST.txt
2014-02-18 21:29 - 2014-02-16 09:30 - 00000000 ____D () C:\FRST
2014-02-18 21:10 - 2014-02-18 21:10 - 00987425 _____ () C:\Users\xx\Downloads\SecurityCheck.exe
2014-02-18 21:09 - 2013-08-22 22:13 - 00000000 ____D () C:\Users\xx\AppData\Local\Packages
2014-02-18 21:08 - 2013-09-09 18:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-18 21:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-02-18 21:01 - 2013-12-17 22:42 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{34AA38E2-7825-4710-9B57-909B0B442ABD}
2014-02-18 20:58 - 2013-08-22 22:22 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-554626538-1008602864-1809198237-1001
2014-02-18 20:53 - 2013-12-17 18:32 - 01212834 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-18 20:44 - 2014-01-10 12:29 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-18 14:44 - 2014-01-10 12:29 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-18 12:58 - 2013-09-05 10:59 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-18 12:58 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-02-18 12:58 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-02-18 12:57 - 2013-09-05 10:59 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-18 12:56 - 2013-12-17 18:25 - 00041298 _____ () C:\WINDOWS\system32\lvcoinst.log
2014-02-18 12:51 - 2014-02-18 12:51 - 02347384 _____ (ESET) C:\Users\xx\Downloads\esetsmartinstaller_enu.exe
2014-02-18 09:56 - 2013-09-10 16:32 - 00005124 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for VIAN-xx vian
2014-02-18 08:53 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-18 07:57 - 2013-12-17 22:16 - 00000000 __RDO () C:\Users\xx\SkyDrive
2014-02-17 22:19 - 2013-09-05 12:16 - 00013030 _____ () C:\PDOXUSRS.NET
2014-02-17 22:19 - 2012-07-26 06:26 - 00001017 _____ () C:\WINDOWS\win.ini
2014-02-17 17:33 - 2014-02-17 17:33 - 00000000 ____D () C:\Users\xx\Downloads\FRST-OlderVersion
2014-02-17 17:33 - 2014-02-16 09:29 - 02152448 _____ (Farbar) C:\Users\xx\Downloads\FRST64.exe
2014-02-17 17:02 - 2014-02-17 17:02 - 01037530 _____ (Thisisu) C:\Users\xx\Downloads\JRT.exe
2014-02-17 17:02 - 2013-11-14 08:27 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-17 17:02 - 2013-11-14 08:11 - 00765582 _____ () C:\WINDOWS\system32\perfh007.dat
2014-02-17 17:02 - 2013-11-14 08:11 - 00159366 _____ () C:\WINDOWS\system32\perfc007.dat
2014-02-17 16:58 - 2013-08-22 22:14 - 00000000 ___RD () C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-17 16:58 - 2013-08-22 22:14 - 00000000 ___RD () C:\Users\xx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-17 16:56 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-17 16:56 - 2013-08-22 15:44 - 00427624 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-17 16:55 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-17 16:55 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-17 16:55 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-17 16:55 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-02-17 16:54 - 2014-02-17 16:50 - 00000000 ____D () C:\AdwCleaner
2014-02-17 16:54 - 2013-09-12 11:33 - 00000000 ____D () C:\WINDOWS\System32\Tasks\ProtectedSearch
2014-02-17 16:45 - 2014-02-17 16:45 - 01241888 _____ () C:\Users\xx\Downloads\adwcleaner.exe
2014-02-16 20:58 - 2013-10-01 08:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 18:51 - 2013-09-10 10:18 - 00000000 ____D () C:\Users\xx\AppData\Local\CrashDumps
2014-02-16 09:32 - 2014-02-16 09:31 - 00043696 _____ () C:\Users\xx\Downloads\Addition.txt
2014-02-14 14:39 - 2014-01-10 12:29 - 00004092 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-14 14:39 - 2014-01-10 12:29 - 00003856 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-14 14:14 - 2013-09-05 17:32 - 00000000 ____D () C:\Users\xx\AppData\Roaming\FileZilla
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 19:29 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-02-13 16:25 - 2014-02-13 16:25 - 00912884 _____ () C:\Users\xx\Downloads\Backstretch_f_Hoellen.zip
2014-02-08 08:47 - 2013-11-13 23:18 - 00009030 _____ () C:\WINDOWS\PFRO.log
2014-02-07 11:04 - 2014-02-07 11:04 - 02941731 _____ () C:\Users\xx\Downloads\Joomla_2.5.17_to_2.5.18-Stable-Patch_Package.zip
2014-02-07 11:04 - 2014-02-07 11:04 - 02089577 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.gz
2014-02-07 11:04 - 2014-02-07 11:04 - 01571294 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.tar.bz2
2014-02-07 11:04 - 2014-02-07 11:03 - 03581681 _____ () C:\Users\xx\Downloads\Joomla_2.5.x_to_2.5.18-Stable-Patch_Package.zip
2014-02-06 13:16 - 2014-02-13 08:30 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-06 12:30 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-06 12:30 - 2014-02-13 08:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-06 12:12 - 2014-02-13 08:30 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-06 12:07 - 2014-02-13 08:30 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-06 12:06 - 2014-02-13 08:30 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-06 11:57 - 2014-02-13 08:30 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-06 11:56 - 2014-02-13 08:30 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-06 11:49 - 2014-02-13 08:30 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-06 11:48 - 2014-02-13 08:30 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-06 11:48 - 2014-02-13 08:30 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-06 11:38 - 2014-02-13 08:30 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-06 11:32 - 2014-02-13 08:30 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-06 11:20 - 2014-02-13 08:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-06 11:17 - 2014-02-13 08:30 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-06 11:11 - 2014-02-13 08:30 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-06 11:01 - 2014-02-13 08:30 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-06 11:00 - 2014-02-13 08:30 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-06 10:57 - 2014-02-13 08:30 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-06 10:52 - 2014-02-13 08:30 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-06 10:50 - 2014-02-13 08:30 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-06 10:47 - 2014-02-13 08:30 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-06 10:46 - 2014-02-13 08:30 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-06 10:25 - 2014-02-13 08:30 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-06 10:24 - 2014-02-13 08:30 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-06 10:22 - 2014-02-13 08:30 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-06 10:13 - 2014-02-13 08:30 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-06 10:09 - 2014-02-13 08:30 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-06 10:03 - 2014-02-13 08:30 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-06 09:59 - 2014-02-06 09:59 - 00132940 _____ () C:\Users\xx\Downloads\plg_sige_v2.5-2.zip
2014-02-06 09:55 - 2014-02-13 08:30 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-06 09:41 - 2014-02-13 08:30 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-06 09:40 - 2014-02-13 08:30 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-06 09:36 - 2014-02-13 08:30 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-06 09:34 - 2014-02-13 08:30 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-05 09:08 - 2013-09-09 18:09 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-01-30 21:47 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-01-30 21:47 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-01-30 14:09 - 2014-01-30 14:09 - 00050393 _____ () C:\Users\xx\Downloads\srobbin-jquery-pageslide-v2.0-0-gd00801f.zip
2014-01-29 20:00 - 2013-09-06 13:15 - 00000000 ____D () C:\Users\xx\AppData\Local\Microsoft Help
2014-01-24 15:14 - 2014-01-24 15:14 - 00046735 _____ () C:\Users\xx\Downloads\akeebabackup-de-DE-j25.zip
2014-01-24 11:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-01-23 13:09 - 2014-01-23 13:08 - 08412228 _____ () C:\Users\xx\Downloads\Joomla_3.2.1-Stable-Update_Package.zip
2014-01-22 12:37 - 2013-08-22 15:46 - 00290291 _____ () C:\WINDOWS\setupact.log
2014-01-19 21:10 - 2013-09-08 14:33 - 00000000 ____D () C:\Users\xx\AppData\Local\Adobe
2014-01-19 10:42 - 2013-08-25 10:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-01-19 08:38 - 2013-09-05 10:54 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

Some content of TEMP:
====================
C:\Users\xx\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\xx\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-02-16 03:11

==================== End Of Log ============================

--- --- ---

schrauber · 19.02.2014, 16:35

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

D:\$RECYCLE.BIN

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

Starte nun FRST erneut und klicke den Entfernen Button.
Das Tool erstellt eine Fixlog.txt.
Poste mir deren Inhalt.

Fertig

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

hope_13 · 19.02.2014, 18:44

hallo schrauber,

vielen, vielen dank für deinen support!
http://www.trojaner-board.de/images/...s/singsing.gif

hier die fixlog.txt

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-02-2014
Ran by sylvia at 2014-02-19 18:31:43 Run:1
Running from C:\Users\xx\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
D:\$RECYCLE.BIN
*****************

D:\$RECYCLE.BIN => Moved successfully.hier die fixlog:

==== End of Fixlog ====

jetzt habe ich noch eine frage:

ich habe ein zweites, altes notebook (xp), das ebenfalls befallen ist. ich muss noch herausfinden, wie ich das alte notebook aus meinem netzwerk herauswerfen kann, das ist mir leider nicht klar.

wenn ich das herausgefunden habe, würde ich es gern ebenfalls bereinigen. ein versuch, den ich kürzlich unternommen habe, hat vermutlich zur infizierung des systems geführt, das wir gerade bereinigt haben. beim scan des xp-systems stürzte malewarbytes mehrfach ab.

avira findet nichts, kann man offenbar vergessen.

was empfiehlst du mir? wie soll ich vorgehen?

mit adware-cleaner beginnen?

würdest du mich noch einmal durch diesen prozess begleiten oder soll ich es nach dem ablauf, den du beschrieben hast, selbst versuchen?

herzlichen dank und viele grüße
hope13

schrauber · 20.02.2014, 14:24

Poste einfach mal FRST Logs von dem Rechner

hope_13 · 20.02.2014, 15:23

hallo schrauber,

danke für das angebot.

leider bin ich gleichzeitig mit den rechnern von einem virus befallen & muss erstmal gesund werden. wenn ich herausgefunden habe, wie ich den alten rechner vom netzwerk trenne, schicke ich dir das frst.

nächste woche, danke & grüße
hope13

schrauber · 21.02.2014, 11:02

Gute Besserung.

was meinst DU mit "vom Netzwerk trennen"?

hope_13 · 21.02.2014, 12:26

hallo schrauber,

ich glaube, die notebooks sind als heim-netzwerk eingerichtet, ich weiß nicht, wie ich in dem windows 8 - notebook das xp notebook daraus entfernen kann.

hope13

schrauber · 22.02.2014, 13:23

Brauchst Du nit

hope_13 · 24.02.2014, 14:14

hallo schrauber,

du hast recht: die notebooks sind nicht als netzwerk eingerichtet.

hier das frst des kranken xp:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2014 02
Ran by vian (administrator) on SYLVIANOTEBOOK on 24-02-2014 14:00:56
Running from C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FEC7RNDI
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: German Standard
Internet Explorer Version 7
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avguard.exe
(GEAR Software) C:\WINDOWS\System32\GEARSec.exe
(Hewlett-Packard Company) C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
(Symantec Corporation) C:\Programme\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
() C:\Programme\1&1 Surf-Stick\AssistantServices.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe
(Malwarebytes Corporation) C:\Programme\Malwarebytes' Anti-Malware\mbamgui.exe
(ATI Technologies Inc.) C:\WINDOWS\system32\Ati2evxx.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avmailc.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE
(ATI Technologies, Inc.) C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
(Hewlett-Packard Co.) C:\Programme\Hp\HP Software Update\HPWuSchd2.exe
(Synaptics, Inc.) C:\Programme\Synaptics\SynTP\SynTPEnh.exe
(Hewlett-Packard ) C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe
(Hewlett-Packard Development Company, L.P.) C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
(HP) C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe
() C:\Programme\1&1 Surf-Stick\UIExec.exe
() C:\Programme\HPQ\shared\HpqToaster.exe
(Adobe Systems Incorporated) C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Programme\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Programme\Avira\AntiVir Desktop\avcenter.exe
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\OUTLOOK.EXE
(Microsoft Corporation) C:\Programme\Microsoft Office\OFFICE11\WINWORD.EXE
(Microsoft Corporation) C:\Programme\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Farbar) C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FEC7RNDI\FRST[1].exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [ATIPTA] - C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe [344064 2005-11-10] (ATI Technologies, Inc.)
HKLM\...\Run: [HP Software Update] - C:\Programme\Hp\HP Software Update\HPWuSchd2.exe [49152 2005-02-16] (Hewlett-Packard Co.)
HKLM\...\Run: [SynTPEnh] - C:\Programme\Synaptics\SynTP\SynTPEnh.exe [729178 2005-06-19] (Synaptics, Inc.)
HKLM\...\Run: [eabconfg.cpl] - C:\Programme\HPQ\Quick Launch Buttons\EabServr.exe [405504 2005-12-22] (Hewlett-Packard )
HKLM\...\Run: [Cpqset] - C:\Programme\HPQ\Default Settings\cpqset.exe [233534 2005-08-01] ()
HKLM\...\Run: [RecGuard] - C:\Windows\SMINST\RecGuard.exe [1187840 2005-10-11] ()
HKLM\...\Run: [hpWirelessAssistant] - C:\Programme\hpq\HP Wireless Assistant\HP Wireless Assistant.exe [507904 2005-12-13] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [HPDJ Taskbar Utility] - C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb06.exe [188416 2002-06-04] (HP)
HKLM\...\Run: [UIExec] - C:\Programme\1&1 Surf-Stick\UIExec.exe [139088 2010-09-30] ()
HKLM\...\Run: [Adobe ARM] - C:\Programme\Gemeinsame Dateien\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Programme\Avira\AntiVir Desktop\avgnt.exe [684600 2014-02-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\Run: [Nokia.PCSync] - C:\Programme\Nokia\Nokia PC Suite 6\PcSync2.exe [1241088 2007-06-19] (Time Information Services Ltd.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
SearchScopes: HKLM - DefaultScope value is missing.
BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.6.0_03\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programme\google\googletoolbar3.dll No File
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll No File
Toolbar: HKCU - &Adresse - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\SHELL32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {C4069E3A-68F1-403E-B40E-20066696354B} -  No File
Toolbar: HKCU - &Google - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\programme\google\googletoolbar3.dll No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab
Handler: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Gemeinsame Dateien\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Programme\Gemeinsame Dateien\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Winsock: Catalog9 01 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 02 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Winsock: Catalog9 22 C:\Programme\Avira\AntiVir Desktop\avsda.dll [257608] (Avira Operations GmbH & Co. KG)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Programme\Google\Chrome\Application\33.0.1750.117\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Programme\Google\Chrome\Application\33.0.1750.117\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Programme\Google\Chrome\Application\33.0.1750.117\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Programme\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (QuickTime Plug-in 7.5.5) - C:\Programme\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Programme\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Programme\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft® DRM) - C:\Programme\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Programme\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Updater) - C:\Programme\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
CHR Plugin: (Google Update) - C:\Programme\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (MetaStream 3 Plugin) - C:\Programme\Viewpoint\Viewpoint Media Player\npViewpoint.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Programme\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll No File

========================== Services (Whitelisted) =================

S3 Adobe LM Service; C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe [69632 2006-06-27] (Adobe Systems)
R2 AntiVirFirewallService; C:\Programme\Avira\AntiVir Desktop\avfwsvc.exe [1012280 2014-02-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirMailService; C:\Programme\Avira\AntiVir Desktop\avmailc.exe [896056 2014-02-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Programme\Avira\AntiVir Desktop\sched.exe [440376 2014-02-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Programme\Avira\AntiVir Desktop\avguard.exe [440376 2014-02-03] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Programme\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2014-02-03] (Avira Operations GmbH & Co. KG)
R2 GEARSecurity; C:\WINDOWS\System32\GEARSec.exe [53248 2004-07-29] (GEAR Software)
S2 gupdate1ca2ecfa4bb1534; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-09-06] (Google Inc.)
S3 gupdatem; C:\Programme\Google\Update\GoogleUpdate.exe [133104 2009-09-06] (Google Inc.)
S2 gusvc; C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe [194104 2011-09-12] (Google)
R2 hpqwmiex; C:\Programme\Hewlett-Packard\Shared\hpqwmiex.exe [98304 2005-12-21] (Hewlett-Packard Development Company, L.P.)
S3 IDriverT; C:\Programme\Gemeinsame Dateien\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation)
S3 iPod Service; C:\Programme\iPod\bin\iPodService.exe [820008 2010-11-11] (Apple Inc.)
R2 LightScribeService; C:\Programme\Gemeinsame Dateien\LightScribe\LSSrvc.exe [73728 2005-11-15] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MDM; C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE [322120 2003-06-19] (Microsoft Corporation)
S4 NetFxUpdate_v1.1.4322; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\netfxupdate.exe [73728 2007-01-15] (Microsoft)
R2 Norton Ghost; C:\Programme\Symantec\Norton Ghost\Agent\PQV2iSvc.exe [1269760 2004-07-29] (Symantec Corporation)
S3 ose; C:\Programme\Gemeinsame Dateien\Microsoft Shared\Source Engine\OSE.EXE [89136 2003-07-28] (Microsoft Corporation)
S3 ServiceLayer; C:\Programme\PC Connectivity Solution\ServiceLayer.exe [300544 2007-06-15] (Nokia.)
S3 SNDSrvc; c:\Programme\Gemeinsame Dateien\Symantec Shared\SNDSrvc.exe [214720 2006-06-08] (Symantec Corporation)
R2 UI Assistant Service; C:\Programme\1&1 Surf-Stick\AssistantServices.exe [253264 2010-09-30] ()
S3 Ab90seccbdii; No ImagePath

==================== Drivers (Whitelisted) ====================

R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21361 2011-02-11] (Cisco Systems, Inc.)
S3 AlcrFilt; C:\WINDOWS\System32\Drivers\AlcrFilt.sys [22860 2002-09-18] (AlcorMicro)
R1 AmdK8; C:\WINDOWS\System32\DRIVERS\AmdK8.sys [43008 2005-03-09] (Advanced Micro Devices)
R3 avfwim; C:\WINDOWS\System32\DRIVERS\avfwim.sys [92448 2013-08-05] (Avira GmbH)
R1 avfwot; C:\WINDOWS\System32\DRIVERS\avfwot.sys [113024 2013-08-05] (Avira GmbH)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [90400 2014-02-03] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\System32\DRIVERS\avipbb.sys [135648 2014-02-03] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\System32\DRIVERS\avkmgr.sys [37352 2014-02-03] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [424320 2005-11-28] (Broadcom Corporation)
R0 BsStor; C:\WINDOWS\System32\DRIVERS\bsstor.sys [9344 2002-06-06] (B.H.A Co.,Ltd.)
R2 BsUDF; C:\WINDOWS\system32\Drivers\BsUDF.sys [459776 2002-12-12] (ahead software)
S3 BTWUSB; C:\WINDOWS\System32\Drivers\btwusb.sys [56648 2005-08-18] (Broadcom Corporation.)
R2 CB90Dev1; C:\WINDOWS\system32\Drivers\CB90Dev1.sys [13952 2008-03-29] (Microsoft Corporation)
R2 CB90Dev2; C:\WINDOWS\system32\Drivers\CB90Dev2.sys [13952 2008-03-29] (Microsoft Corporation)
R2 CB90Dev3; C:\WINDOWS\system32\Drivers\CB90Dev3.sys [13952 2008-03-29] (Microsoft Corporation)
R1 eabfiltr; C:\WINDOWS\system32\drivers\EABFiltr.sys [7936 2005-05-05] (Hewlett-Packard Development Company, L.P.)
S3 eabusb; C:\WINDOWS\system32\drivers\eabusb.sys [5760 2005-05-05] (Hewlett-Packard Development Company, L.P.)
R2 Hardlock; C:\WINDOWS\system32\drivers\HARDLOCK.SYS [27648 2008-03-29] (///FAST Software Security)
R3 HSFHWATI; C:\WINDOWS\System32\DRIVERS\HSFHWATI.sys [231424 2005-08-22] (Conexant Systems, Inc.)
R1 incdrm; C:\WINDOWS\system32\Drivers\incdrm.sys [7582 2002-10-08] (Ahead Software AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 PQIMount; C:\WINDOWS\system32\Drivers\PQIMount.sys [46779 2004-07-29] (PowerQuest Corporation)
R0 PQV2i; C:\WINDOWS\system32\Drivers\PQV2i.sys [138780 2004-07-29] (StorageCraft)
S3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
S3 SMCIRDA; C:\WINDOWS\System32\DRIVERS\smcirda.sys [35913 2001-08-18] (SMC)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-08-05] (Avira GmbH)
S3 SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [12992 2006-06-08] (Symantec Corporation)
R3 SymEvent; C:\Programme\Symantec\SYMEVENT.SYS [107696 2006-05-16] (Symantec Corporation)
S3 SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [110784 2006-06-08] (Symantec Corporation)
S3 SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [31936 2006-06-08] (Symantec Corporation)
S3 SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [28352 2006-06-08] (Symantec Corporation)
S3 SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [24768 2006-06-08] (Symantec Corporation)
R1 SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [195776 2006-06-08] (Symantec Corporation)
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-02-24 13:59 - 2014-02-24 14:00 - 00000000 ____D () C:\FRST
2014-02-24 12:52 - 2014-02-24 12:53 - 00005749 _____ () C:\WINDOWS\KB2909212.log
2014-02-24 12:52 - 2014-02-24 12:53 - 00005142 _____ () C:\WINDOWS\KB2916036.log
2014-02-24 12:51 - 2014-02-24 12:51 - 00000000 ____D () C:\WINDOWS\LastGood
2014-02-24 12:50 - 2014-02-24 12:52 - 00058682 _____ () C:\WINDOWS\KB2909921-IE7.log
2014-02-03 15:30 - 2014-02-03 15:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-02-03 15:29 - 2014-02-03 15:30 - 00017781 _____ () C:\WINDOWS\KB2900986.log
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-02-03 15:28 - 2014-02-03 15:28 - 00018641 _____ () C:\WINDOWS\KB2862335.log
2014-02-03 15:28 - 2014-02-03 15:28 - 00017174 _____ () C:\WINDOWS\KB2904266.log
2014-02-03 15:28 - 2014-02-03 15:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-02-03 15:28 - 2014-02-03 15:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-02-03 15:25 - 2014-02-03 15:26 - 00016759 _____ () C:\WINDOWS\KB2868038.log
2014-02-03 15:25 - 2014-02-03 15:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
2014-02-03 15:25 - 2014-02-03 15:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-02-03 15:24 - 2014-02-03 15:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-02-03 15:21 - 2014-02-03 15:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-02-03 15:01 - 2014-02-03 15:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-02-03 14:51 - 2014-02-03 15:02 - 00005078 _____ () C:\WINDOWS\KB2914368.log
2014-02-03 14:43 - 2014-02-03 14:43 - 00000768 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\vian\Anwendungsdaten\Malwarebytes
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-02-03 14:43 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-02-03 13:05 - 2014-02-03 13:05 - 00001899 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2014-02-03 13:05 - 2014-02-03 13:05 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
2014-02-03 13:00 - 2014-02-03 13:00 - 17838984 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-03 12:55 - 2014-02-03 15:30 - 00024605 _____ () C:\WINDOWS\KB2868626.log
2014-02-03 12:55 - 2014-02-03 15:29 - 00023924 _____ () C:\WINDOWS\KB2898715.log
2014-02-03 12:55 - 2014-02-03 15:29 - 00023629 _____ () C:\WINDOWS\KB2847311.log
2014-02-03 12:55 - 2014-02-03 15:28 - 00022915 _____ () C:\WINDOWS\KB2876217.log
2014-02-03 12:55 - 2014-02-03 15:27 - 00022398 _____ () C:\WINDOWS\KB2864063.log
2014-02-03 12:55 - 2014-02-03 15:27 - 00021878 _____ () C:\WINDOWS\KB2862152.log
2014-02-03 12:55 - 2014-02-03 15:26 - 00021362 _____ () C:\WINDOWS\KB2876331.log
2014-02-03 12:55 - 2014-02-03 15:25 - 00020679 _____ () C:\WINDOWS\KB2893294.log
2014-02-03 12:55 - 2013-07-17 01:58 - 00123008 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbvideo.sys
2014-02-03 12:55 - 2013-07-03 03:12 - 00025088 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidparse.sys
2014-02-03 12:54 - 2014-02-03 15:25 - 00021093 _____ () C:\WINDOWS\KB2893984.log
2014-02-03 12:54 - 2014-02-03 15:24 - 00019802 _____ () C:\WINDOWS\KB2892075.log
2014-02-03 12:54 - 2013-08-09 01:55 - 00144128 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbport.sys
2014-02-03 12:54 - 2013-08-09 01:55 - 00005376 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbd.sys
2014-02-03 12:54 - 2009-03-18 12:02 - 00030336 ____N (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbehci.sys
2014-02-03 12:52 - 2014-02-03 15:24 - 00111866 _____ () C:\WINDOWS\KB2898785-IE7.log

==================== One Month Modified Files and Folders =======

2014-02-24 14:00 - 2014-02-24 13:59 - 00000000 ____D () C:\FRST
2014-02-24 13:59 - 2013-02-10 11:09 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-02-24 13:58 - 2004-08-07 06:32 - 01271386 _____ () C:\WINDOWS\WindowsUpdate.log
2014-02-24 13:53 - 2009-09-06 11:07 - 00001090 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-24 13:01 - 2006-06-28 09:36 - 00000000 ____D () C:\WINDOWS\system32\NtmsData
2014-02-24 12:53 - 2014-02-24 12:52 - 00005749 _____ () C:\WINDOWS\KB2909212.log
2014-02-24 12:53 - 2014-02-24 12:52 - 00005142 _____ () C:\WINDOWS\KB2916036.log
2014-02-24 12:53 - 2009-09-06 11:07 - 00001086 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-24 12:52 - 2014-02-24 12:50 - 00058682 _____ () C:\WINDOWS\KB2909921-IE7.log
2014-02-24 12:51 - 2014-02-24 12:51 - 00000000 ____D () C:\WINDOWS\LastGood
2014-02-24 12:49 - 2006-04-12 04:40 - 00000000 ___RD () C:\Programme
2014-02-24 12:49 - 2006-04-12 04:40 - 00000000 ____D () C:\WINDOWS\Registration
2014-02-24 12:46 - 2004-08-07 06:27 - 00906376 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-02-24 12:44 - 2004-08-07 06:32 - 00001158 _____ () C:\WINDOWS\system32\wpa.dbl
2014-02-24 12:41 - 2004-08-07 07:07 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2014-02-24 12:41 - 2004-08-07 07:07 - 00000050 _____ () C:\WINDOWS\wiaservc.log
2014-02-24 12:41 - 2004-08-07 06:32 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-02-04 17:27 - 2006-06-21 15:23 - 00000300 ___SH () C:\Dokumente und Einstellungen\vian\ntuser.ini
2014-02-04 17:27 - 2006-06-21 15:23 - 00000000 ____D () C:\Dokumente und Einstellungen\vian
2014-02-04 17:27 - 2004-08-07 06:32 - 00032522 _____ () C:\WINDOWS\SchedLgU.Txt
2014-02-04 14:13 - 2009-09-06 09:51 - 00001014 _____ () C:\WINDOWS\Tasks\Google Software Updater.job
2014-02-03 19:30 - 2011-06-06 19:14 - 00000000 ____D () C:\Dokumente und Einstellungen\vian\Desktop\privat
2014-02-03 19:24 - 2004-08-07 06:19 - 00245512 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-03 15:30 - 2014-02-03 15:30 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868626$
2014-02-03 15:30 - 2014-02-03 15:29 - 00017781 _____ () C:\WINDOWS\KB2900986.log
2014-02-03 15:30 - 2014-02-03 12:55 - 00024605 _____ () C:\WINDOWS\KB2868626.log
2014-02-03 15:30 - 2006-04-11 20:51 - 00390284 _____ () C:\WINDOWS\updspapi.log
2014-02-03 15:30 - 2004-08-07 06:32 - 01007730 _____ () C:\WINDOWS\setupapi.log
2014-02-03 15:30 - 2004-08-07 06:31 - 01188597 _____ () C:\WINDOWS\tsoc.log
2014-02-03 15:30 - 2004-08-07 06:31 - 00493954 _____ () C:\WINDOWS\iis6.log
2014-02-03 15:30 - 2004-08-07 06:18 - 01001608 _____ () C:\WINDOWS\comsetup.log
2014-02-03 15:30 - 2004-08-07 06:18 - 00605894 _____ () C:\WINDOWS\ntdtcsetup.log
2014-02-03 15:30 - 2004-08-07 06:18 - 00165482 _____ () C:\WINDOWS\ocmsn.log
2014-02-03 15:30 - 2004-08-07 06:18 - 00001355 _____ () C:\WINDOWS\imsins.log
2014-02-03 15:30 - 2004-08-07 06:18 - 00001355 _____ () C:\WINDOWS\imsins.BAK
2014-02-03 15:30 - 2004-08-07 06:10 - 03095399 _____ () C:\WINDOWS\FaxSetup.log
2014-02-03 15:30 - 2004-08-07 06:10 - 01490981 _____ () C:\WINDOWS\ocgen.log
2014-02-03 15:30 - 2004-08-07 06:10 - 00154327 _____ () C:\WINDOWS\msgsocm.log
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2900986$
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2898715$
2014-02-03 15:29 - 2014-02-03 15:29 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2847311$
2014-02-03 15:29 - 2014-02-03 12:55 - 00023924 _____ () C:\WINDOWS\KB2898715.log
2014-02-03 15:29 - 2014-02-03 12:55 - 00023629 _____ () C:\WINDOWS\KB2847311.log
2014-02-03 15:28 - 2014-02-03 15:28 - 00018641 _____ () C:\WINDOWS\KB2862335.log
2014-02-03 15:28 - 2014-02-03 15:28 - 00017174 _____ () C:\WINDOWS\KB2904266.log
2014-02-03 15:28 - 2014-02-03 15:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2904266$
2014-02-03 15:28 - 2014-02-03 15:28 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862335$
2014-02-03 15:28 - 2014-02-03 12:55 - 00022915 _____ () C:\WINDOWS\KB2876217.log
2014-02-03 15:28 - 2007-03-24 16:52 - 00894454 _____ () C:\WINDOWS\system32\TZLog.log
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876217$
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2864063$
2014-02-03 15:27 - 2014-02-03 15:27 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862152$
2014-02-03 15:27 - 2014-02-03 12:55 - 00022398 _____ () C:\WINDOWS\KB2864063.log
2014-02-03 15:27 - 2014-02-03 12:55 - 00021878 _____ () C:\WINDOWS\KB2862152.log
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2876331$
2014-02-03 15:26 - 2014-02-03 15:26 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2868038$
2014-02-03 15:26 - 2014-02-03 15:25 - 00016759 _____ () C:\WINDOWS\KB2868038.log
2014-02-03 15:26 - 2014-02-03 12:55 - 00021362 _____ () C:\WINDOWS\KB2876331.log
2014-02-03 15:25 - 2014-02-03 15:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893984$
2014-02-03 15:25 - 2014-02-03 15:25 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2893294$
2014-02-03 15:25 - 2014-02-03 12:55 - 00020679 _____ () C:\WINDOWS\KB2893294.log
2014-02-03 15:25 - 2014-02-03 12:54 - 00021093 _____ () C:\WINDOWS\KB2893984.log
2014-02-03 15:24 - 2014-02-03 15:24 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2892075$
2014-02-03 15:24 - 2014-02-03 12:54 - 00019802 _____ () C:\WINDOWS\KB2892075.log
2014-02-03 15:24 - 2014-02-03 12:52 - 00111866 _____ () C:\WINDOWS\KB2898785-IE7.log
2014-02-03 15:23 - 2006-12-15 08:57 - 00000000 ____D () C:\WINDOWS\system32\de-de
2014-02-03 15:22 - 2007-02-05 09:24 - 00000000 ____D () C:\WINDOWS\ie7updates
2014-02-03 15:21 - 2014-02-03 15:21 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2862330$
2014-02-03 15:19 - 2013-08-06 07:23 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-03 15:02 - 2014-02-03 14:51 - 00005078 _____ () C:\WINDOWS\KB2914368.log
2014-02-03 15:01 - 2014-02-03 15:01 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB2914368$
2014-02-03 14:43 - 2014-02-03 14:43 - 00000768 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Programme\Malwarebytes' Anti-Malware
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\vian\Anwendungsdaten\Malwarebytes
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Malwarebytes' Anti-Malware
2014-02-03 14:43 - 2014-02-03 14:43 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Anwendungsdaten\Malwarebytes
2014-02-03 14:43 - 2006-04-12 04:40 - 00000000 ___RD () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme
2014-02-03 14:42 - 2008-03-28 12:38 - 00000000 ____D () C:\Dokumente und Einstellungen\vian\Eigene Dateien\tools
2014-02-03 14:08 - 2013-08-05 21:56 - 00135648 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-02-03 14:08 - 2013-08-05 21:56 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-02-03 14:08 - 2013-08-05 21:56 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2014-02-03 13:05 - 2014-02-03 13:05 - 00001899 _____ () C:\Dokumente und Einstellungen\All Users\Desktop\Google Earth.lnk
2014-02-03 13:05 - 2014-02-03 13:05 - 00000000 ____D () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Google Earth
2014-02-03 13:03 - 2009-09-06 09:51 - 00000000 ____D () C:\Programme\Google
2014-02-03 13:01 - 2013-02-10 11:09 - 00692616 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-02-03 13:01 - 2013-02-10 11:09 - 00071048 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-02-03 13:00 - 2014-02-03 13:00 - 17838984 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerInstaller.exe
2014-02-03 12:49 - 2011-09-06 12:38 - 00002347 _____ () C:\Dokumente und Einstellungen\All Users\Startmenü\Programme\Adobe Reader X.lnk

Files to move or delete:
====================
C:\Dokumente und Einstellungen\vian\db.dat


Some content of TEMP:
====================
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\avgnt.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\contentDATs.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\hpzmsi01.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\hpzscr01.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\Nokia_PC_Suite_7_1_40_1_ger.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\SecurityScan_Release.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\setup_wm.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\SkypeSetup.exe
C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temp\VisusClient.dll


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2004-08-04 09:00] - [2008-04-14 03:22] - 1036800 ____A (Microsoft Corporation) 418045a93cd87a352098ab7dabe1b53e 

C:\WINDOWS\system32\winlogon.exe
[2004-08-04 09:00] - [2008-04-14 03:23] - 0513024 ____A (Microsoft Corporation) f09a527b422e25c478e38caa0e44417a 

C:\WINDOWS\system32\svchost.exe
[2004-08-04 09:00] - [2008-04-14 03:23] - 0014336 ____A (Microsoft Corporation) 4fbc75b74479c7a6f829e0ca19df3366 

C:\WINDOWS\system32\services.exe
[2004-08-04 09:00] - [2009-02-09 12:21] - 0111104 ____A (Microsoft Corporation) a3edbe9053889fb24ab22492472b39dc 

C:\WINDOWS\system32\User32.dll
[2004-08-04 09:00] - [2008-04-14 03:22] - 0580096 ____A (Microsoft Corporation) b0050cc5340e3a0760dd8b417ff7aebd 

C:\WINDOWS\system32\userinit.exe
[2004-08-04 09:00] - [2008-04-14 03:23] - 0026624 ____A (Microsoft Corporation) 788f95312e26389d596c0fa55834e106 

C:\WINDOWS\system32\rpcss.dll
[2004-08-04 09:00] - [2009-02-09 11:51] - 0401408 ____A (Microsoft Corporation) 3127afbf2c1ed0ab14a1bbb7aaecb85b 

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2004-08-04 09:00] - [2008-04-14 02:52] - 0053760 ____A (Microsoft Corporation) a5a712f4e880874a477af790b5186e1d 


==================== End Of Log ============================

--- --- ---

&

addition

HTML-Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-02-2014 02
Ran by vian at 2014-02-24 14:02:52
Running from C:\Dokumente und Einstellungen\vian\Lokale Einstellungen\Temporary Internet Files\Content.IE5\FEC7RNDI
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {11638345-E4FC-4BEE-BB73-EC754659C5F6}
FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
FW: FireWall (Disabled) {11638345-E4FC-4BEE-BB73-EC754659C5F6}

==================== Installed Programs ======================

1&1 Surf-Stick (HKLM\...\{A9E5EDA7-2E6C-49E7-924B-A32B89C24A04}) (Version: 1.0.0.2 - )
Adobe Acrobat 7.0 Professional - English, Français, Deutsch (Version: 7.1.0 - Adobe Systems) Hidden
Adobe Acrobat 7.1.0 Professional - English, Français, Deutsch (HKLM\...\Adobe Acrobat 7.0 Professional - EFG) (Version: 7.1.0 - Adobe Systems)
Adobe Flash Player 11 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Photoshop CS (HKLM\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Ahead InCD (HKLM\...\InCD!UninstallKey) (Version:  - )
Ahead InCD EasyWrite Reader (HKLM\...\MRW!UninstallKey) (Version:  - )
Athlon 64 Processor Driver (HKLM\...\{C151CE54-E7EA-4804-854B-F515368B0798}) (Version: 1.2.2.2 - )
ATI Display Driver (HKLM\...\ATI Display Driver) (Version: 8.193-051110a1-028580C-HP - )
ATI Systemsteuerung (HKLM\...\{0BEDBD4E-2D34-47B5-9973-57E62B29307C}) (Version: 6.14.10.5171 - )
Audacity 1.2.6 (HKLM\...\Audacity_is1) (Version:  - )
Avira Internet Security (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.2.286 - Avira)
BufferChm (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Conexant AC-Link Audio (HKLM\...\CNXT_AUDIO) (Version:  - )
CP_AtenaShokunin1Config (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_CalendarTemplates1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_LightScribeConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_OnlineProjectsConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Basic1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety2 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Package_Variety3 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CP_Panorama1Config (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_PosterPrintConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
cp_UpdateProjectsConfig (Version: 60.0.155.000 - Hewlett-Packard) Hidden
CueTour (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Destinations (Version: 60.0.155.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Einfache Internetanmeldung (HKLM\...\InstallShield_{8105684D-8CA6-440D-8F58-7E5FD67A499D}) (Version: FE UI-4.1.0.1680 - Hewlett-Packard)
Einfache Internetanmeldung (Version: FE UI-4.1.0.1680 - Hewlett-Packard) Hidden
EPSON TWAIN 5 (HKLM\...\{9A3EABC0-CA06-11D4-BF77-00104B130C19}) (Version:  - )
FileZilla (remove only) (HKLM\...\FileZilla) (Version:  - )
FreeMind (HKLM\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0_RC_10 - )
FullDPAppQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
Galiastro 4.7.3 (HKLM\...\{4AB11DC7-2FB7-4A41-82C3-1A119BF50B24}) (Version: 4.7.3 - Paessler Software)
Galileo 3 (HKLM\...\Galileo 3) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.117 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - )
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.2432.1652 - Google Inc.)
Hotfix für Windows Internet Explorer 7 (KB947864) (HKLM\...\KB947864-IE7) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2158563) (HKLM\...\KB2158563) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2443685) (HKLM\...\KB2443685) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2570791) (HKLM\...\KB2570791) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2633952) (HKLM\...\KB2633952) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2756822) (HKLM\...\KB2756822) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB2779562) (HKLM\...\KB2779562) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB952287) (HKLM\...\KB952287) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB970653-v3) (HKLM\...\KB970653-v3) (Version: 3 - Microsoft Corporation)
Hotfix für Windows XP (KB976098-v2) (HKLM\...\KB976098-v2) (Version: 2 - Microsoft Corporation)
Hotfix für Windows XP (KB979306) (HKLM\...\KB979306) (Version: 1 - Microsoft Corporation)
Hotfix für Windows XP (KB981793) (HKLM\...\KB981793) (Version: 1 - Microsoft Corporation)
hp deskjet 6122 (HKLM\...\{E1F4FB82-3EA6-46B6-A18A-9B3A62DA393E}) (Version: 1.00.0000 - Hewlett-Packard)
hp deskjet 6122 series (HKLM\...\hp deskjet 6122 series_Driver) (Version:  - )
HP Help and Support (HKLM\...\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}) (Version: 4.2.0006 - HPQ)
HP Imaging Device Functions 6.0 (HKLM\...\HP Imaging Device Functions) (Version: 6.0 - HP)
HP Photosmart Premier Software 6.0 (HKLM\...\HP Photo & Imaging) (Version: 6.0 - HP)
hp print screen utility (HKLM\...\hp print screen utility) (Version:  - )
HP QuickPlay 2.0 (HKLM\...\{45D707E9-F3C4-11D9-A373-0050BAE317E1}) (Version:  - )
HP Software Update (HKLM\...\{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}) (Version: 3.0.7.006 - Hewlett-Packard)
HP User Guides 0025 (HKLM\...\{52AE81CB-B786-490E-93CF-240A9891B392}) (Version: 1.00.0000 - Hewlett-Packard)
HP User Guides--System Recovery (HKLM\...\{BC96BBA7-C634-460E-AD18-A0A994213F80}) (Version: 1.00.0001 - Hewlett-Packard)
HP Wireless Assistant 2.00 C1 (HKLM\...\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}) (Version: 2.00 C1 - Hewlett-Packard Company)
HpSdpAppCoreApp (Version: 3.00.0000 - Hewlett-Packard) Hidden
InstantShareDevices (Version: 60.0.155.000 - Hewlett-Packard) Hidden
iTunes (HKLM\...\{E8843212-F0FC-4C3B-BFF3-D51829CB4F19}) (Version: 10.1.0.54 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150060}) (Version: 1.5.0.60 - Sun Microsystems, Inc.)
Java(TM) 6 Update 2 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160020}) (Version: 1.6.0.20 - Sun Microsystems, Inc.)
Java(TM) 6 Update 3 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160030}) (Version: 1.6.0.30 - Sun Microsystems, Inc.)
LightScribe  1.4.56.1 (Version: 1.4.56.1 - Integrator) Hidden
LiveUpdate 2.0 (Symantec Corporation) (HKLM\...\LiveUpdate) (Version: 2.0.39.0 - Symantec Corporation)
Macromedia Dreamweaver 8 (HKLM\...\{44025BD7-AD10-4769-99AE-6378FD0303D6}) (Version: 8.0.0.2751 - Macromedia)
Macromedia Extension Manager (HKLM\...\{0F022A2E-7022-497D-90A5-0F46746D8275}) (Version: 1.7.270 - Ihr Firmenname)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 1.1 German Language Pack (HKLM\...\{E78BFA60-5393-4C38-82AB-E8019E464EB4}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft Internationalized Domain Names Mitigation APIs (Version:  - Microsoft Corporation) Hidden
Microsoft National Language Support Downlevel APIs (Version:  - Microsoft Corporation) Hidden
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM\...\{B26E3B0D-C2FA-4370-B068-7C476766F029}) (Version: 08.04.0702 - Microsoft Corporation)
Mobile Disk V3.0 (HKLM\...\InstallShield_{A366D8D1-61BE-47C7-A0A5-E9AAC3F69622}) (Version: 1.00.0000 - Your Company Name)
Mobile Disk V3.0 (Version: 1.00.0000 - Your Company Name) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero Suite (HKLM\...\NeroMultiInstaller!UninstallKey) (Version:  - )
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 6.84.10.3 - Nokia)
Nokia PC Suite (Version: 6.84.10.3 - Nokia) Hidden
Norton Ghost 9.0 (HKLM\...\{3C759736-8347-4031-BB9C-D75ADFE6B101}) (Version: 9.0.0 - Symantec)
Optimierung aufgrund von Kundenerfahrungen (HKLM\...\InstallShield_{23012310-3E05-46A5-88A9-C6CBCABCAC79}) (Version: Customer Experience Enhancement -1.0.0.1680 - Hewlett-Packard)
Optimierung aufgrund von Kundenerfahrungen (Version: Customer Experience Enhancement -1.0.0.1680 - Hewlett-Packard) Hidden
OptionalContentQFolder (Version: 1.00.0000 - Hewlett-Packard) Hidden
PC Connectivity Solution (HKLM\...\{99A40651-0BC2-4095-8F9A-A40FAB224FEF}) (Version: 7.22.7.1 - Nokia)
PHOTOfunSTUDIO -viewer- (HKLM\...\{9A9DBEBC-C800-4776-A970-D76D6AA405B1}) (Version: 1.00.000 - )
PhotoGallery (Version: 60.0.155.000 - Hewlett-Packard) Hidden
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
Quick Launch Buttons 5.20 G1 (HKLM\...\{CEB326EC-8F40-47B2-BA22-BB092565D66F}) (Version: 5.20 G1 - Hewlett-Packard Company)
QuickTime (HKLM\...\{E7004147-2CCA-431C-AA05-2AB166B9785D}) (Version: 7.68.75.0 - Apple Inc.)
RandMap (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Sicherheitsupdate für Microsoft Windows (KB2564958) (HKLM\...\KB2564958) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB898458) (HKLM\...\KB898458) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Step by Step Interactive Training (KB923723) (HKLM\...\KB923723) (Version: 20050502.101010 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2183461) (HKLM\...\KB2183461-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2360131) (HKLM\...\KB2360131-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2416400) (HKLM\...\KB2416400-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2482017) (HKLM\...\KB2482017-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2497640) (HKLM\...\KB2497640-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2530548) (HKLM\...\KB2530548-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2544521) (HKLM\...\KB2544521-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2559049) (HKLM\...\KB2559049-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2586448) (HKLM\...\KB2586448-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2618444) (HKLM\...\KB2618444-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2647516) (HKLM\...\KB2647516-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2675157) (HKLM\...\KB2675157-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2699988) (HKLM\...\KB2699988-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2722913) (HKLM\...\KB2722913-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2744842) (HKLM\...\KB2744842-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2761465) (HKLM\...\KB2761465-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2792100) (HKLM\...\KB2792100-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2797052) (HKLM\...\KB2797052-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2799329) (HKLM\...\KB2799329-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2809289) (HKLM\...\KB2809289-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2817183) (HKLM\...\KB2817183-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2829530) (HKLM\...\KB2829530-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2838727) (HKLM\...\KB2838727-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2846071) (HKLM\...\KB2846071-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2862772) (HKLM\...\KB2862772-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB2898785) (HKLM\...\KB2898785-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB928090) (HKLM\...\KB928090-IE7) (Version: 20070117.120000 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB929969) (HKLM\...\KB929969) (Version: 20061222.120000 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB931768) (HKLM\...\KB931768-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB933566) (HKLM\...\KB933566-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB937143) (HKLM\...\KB937143-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB938127) (HKLM\...\KB938127-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB939653) (HKLM\...\KB939653-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB942615) (HKLM\...\KB942615-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB944533) (HKLM\...\KB944533-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB950759) (HKLM\...\KB950759-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB953838) (HKLM\...\KB953838-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB956390) (HKLM\...\KB956390-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB958215) (HKLM\...\KB958215-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB960714) (HKLM\...\KB960714-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB961260) (HKLM\...\KB961260-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB963027) (HKLM\...\KB963027-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB969897) (HKLM\...\KB969897-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB972260) (HKLM\...\KB972260-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB974455) (HKLM\...\KB974455-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB976325) (HKLM\...\KB976325-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB978207) (HKLM\...\KB978207-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Internet Explorer 7 (KB982381) (HKLM\...\KB982381-IE7) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2378111) (HKLM\...\KB2378111_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834902) (HKLM\...\KB2834902_WM10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB2834902-v2) (HKLM\...\KB2834902-v2_WM10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB911564) (HKLM\...\KB911564) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB952069) (HKLM\...\KB952069_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB954155) (HKLM\...\KB954155_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB968816) (HKLM\...\KB968816_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB973540) (HKLM\...\KB973540_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB975558) (HKLM\...\KB975558_WM8) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player (KB978695) (HKLM\...\KB978695_WM9) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB917734) (HKLM\...\KB917734_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 10 (KB936782) (HKLM\...\KB936782_WMP10) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 6.4 (KB925398) (HKLM\...\KB925398_WMP64) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows Media Player 9 (KB911565) (HKLM\...\KB911565) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2079403) (HKLM\...\KB2079403) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2115168) (HKLM\...\KB2115168) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2121546) (HKLM\...\KB2121546) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2160329) (HKLM\...\KB2160329) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2229593) (HKLM\...\KB2229593) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2259922) (HKLM\...\KB2259922) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2279986) (HKLM\...\KB2279986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2286198) (HKLM\...\KB2286198) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296011) (HKLM\...\KB2296011) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2296199) (HKLM\...\KB2296199) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2347290) (HKLM\...\KB2347290) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2360937) (HKLM\...\KB2360937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2387149) (HKLM\...\KB2387149) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2393802) (HKLM\...\KB2393802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2412687) (HKLM\...\KB2412687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2419632) (HKLM\...\KB2419632) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2423089) (HKLM\...\KB2423089) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2436673) (HKLM\...\KB2436673) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2440591) (HKLM\...\KB2440591) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2443105) (HKLM\...\KB2443105) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476490) (HKLM\...\KB2476490) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2476687) (HKLM\...\KB2476687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478960) (HKLM\...\KB2478960) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2478971) (HKLM\...\KB2478971) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479628) (HKLM\...\KB2479628) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2479943) (HKLM\...\KB2479943) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2481109) (HKLM\...\KB2481109) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2483185) (HKLM\...\KB2483185) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485376) (HKLM\...\KB2485376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2485663) (HKLM\...\KB2485663) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503658) (HKLM\...\KB2503658) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2503665) (HKLM\...\KB2503665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506212) (HKLM\...\KB2506212) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2506223) (HKLM\...\KB2506223) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507618) (HKLM\...\KB2507618) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2507938) (HKLM\...\KB2507938) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508272) (HKLM\...\KB2508272) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2508429) (HKLM\...\KB2508429) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2509553) (HKLM\...\KB2509553) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2510581) (HKLM\...\KB2510581) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2511455) (HKLM\...\KB2511455) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2524375) (HKLM\...\KB2524375) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2535512) (HKLM\...\KB2535512) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276) (HKLM\...\KB2536276) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2536276-v2) (HKLM\...\KB2536276-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893) (HKLM\...\KB2544893) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2544893-v2) (HKLM\...\KB2544893-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2555917) (HKLM\...\KB2555917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2562937) (HKLM\...\KB2562937) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2566454) (HKLM\...\KB2566454) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567053) (HKLM\...\KB2567053) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2567680) (HKLM\...\KB2567680) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570222) (HKLM\...\KB2570222) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2570947) (HKLM\...\KB2570947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2584146) (HKLM\...\KB2584146) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2585542) (HKLM\...\KB2585542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2592799) (HKLM\...\KB2592799) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2598479) (HKLM\...\KB2598479) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2603381) (HKLM\...\KB2603381) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2618451) (HKLM\...\KB2618451) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2619339) (HKLM\...\KB2619339) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2620712) (HKLM\...\KB2620712) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2621440) (HKLM\...\KB2621440) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2624667) (HKLM\...\KB2624667) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2631813) (HKLM\...\KB2631813) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2633171) (HKLM\...\KB2633171) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2639417) (HKLM\...\KB2639417) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2641653) (HKLM\...\KB2641653) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2646524) (HKLM\...\KB2646524) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2647518) (HKLM\...\KB2647518) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2653956) (HKLM\...\KB2653956) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2655992) (HKLM\...\KB2655992) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2659262) (HKLM\...\KB2659262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2660465) (HKLM\...\KB2660465) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2661637) (HKLM\...\KB2661637) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2676562) (HKLM\...\KB2676562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2685939) (HKLM\...\KB2685939) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2686509) (HKLM\...\KB2686509) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2691442) (HKLM\...\KB2691442) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2695962) (HKLM\...\KB2695962) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2698365) (HKLM\...\KB2698365) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2705219) (HKLM\...\KB2705219) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2707511) (HKLM\...\KB2707511) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2709162) (HKLM\...\KB2709162) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2712808) (HKLM\...\KB2712808) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2718523) (HKLM\...\KB2718523) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2719985) (HKLM\...\KB2719985) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2723135) (HKLM\...\KB2723135) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2724197) (HKLM\...\KB2724197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2727528) (HKLM\...\KB2727528) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2731847) (HKLM\...\KB2731847) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842) (HKLM\...\KB2753842) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2753842-v2) (HKLM\...\KB2753842-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2757638) (HKLM\...\KB2757638) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2758857) (HKLM\...\KB2758857) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2761226) (HKLM\...\KB2761226) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2770660) (HKLM\...\KB2770660) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2778344) (HKLM\...\KB2778344) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2779030) (HKLM\...\KB2779030) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2780091) (HKLM\...\KB2780091) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2799494) (HKLM\...\KB2799494) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2802968) (HKLM\...\KB2802968) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2807986) (HKLM\...\KB2807986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2808735) (HKLM\...\KB2808735) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813170) (HKLM\...\KB2813170) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2813345) (HKLM\...\KB2813345) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820197) (HKLM\...\KB2820197) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2820917) (HKLM\...\KB2820917) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2829361) (HKLM\...\KB2829361) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2834886) (HKLM\...\KB2834886) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2839229) (HKLM\...\KB2839229) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2845187) (HKLM\...\KB2845187) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2847311) (HKLM\...\KB2847311) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2849470) (HKLM\...\KB2849470) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850851) (HKLM\...\KB2850851) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2850869) (HKLM\...\KB2850869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2859537) (HKLM\...\KB2859537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862152) (HKLM\...\KB2862152) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862330) (HKLM\...\KB2862330) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2862335) (HKLM\...\KB2862335) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2864063) (HKLM\...\KB2864063) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868038) (HKLM\...\KB2868038) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2868626) (HKLM\...\KB2868626) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876217) (HKLM\...\KB2876217) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2876331) (HKLM\...\KB2876331) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2892075) (HKLM\...\KB2892075) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893294) (HKLM\...\KB2893294) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2893984) (HKLM\...\KB2893984) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2898715) (HKLM\...\KB2898715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2900986) (HKLM\...\KB2900986) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB2914368) (HKLM\...\KB2914368) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923561) (HKLM\...\KB923561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB923689) (HKLM\...\KB923689) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464) (HKLM\...\KB938464) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB938464-v2) (HKLM\...\KB938464-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB941569) (HKLM\...\KB941569) (Version:  - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB946648) (HKLM\...\KB946648) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950760) (HKLM\...\KB950760) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950762) (HKLM\...\KB950762) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB950974) (HKLM\...\KB950974) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951066) (HKLM\...\KB951066) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376) (HKLM\...\KB951376) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951376-v2) (HKLM\...\KB951376-v2) (Version: 2 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951698) (HKLM\...\KB951698) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB951748) (HKLM\...\KB951748) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952004) (HKLM\...\KB952004) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB952954) (HKLM\...\KB952954) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB953839) (HKLM\...\KB953839) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954211) (HKLM\...\KB954211) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954459) (HKLM\...\KB954459) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB954600) (HKLM\...\KB954600) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB955069) (HKLM\...\KB955069) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956391) (HKLM\...\KB956391) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956572) (HKLM\...\KB956572) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956744) (HKLM\...\KB956744) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956802) (HKLM\...\KB956802) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956803) (HKLM\...\KB956803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956841) (HKLM\...\KB956841) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB956844) (HKLM\...\KB956844) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957095) (HKLM\...\KB957095) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB957097) (HKLM\...\KB957097) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958644) (HKLM\...\KB958644) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958687) (HKLM\...\KB958687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958690) (HKLM\...\KB958690) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB958869) (HKLM\...\KB958869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB959426) (HKLM\...\KB959426) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960225) (HKLM\...\KB960225) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960715) (HKLM\...\KB960715) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960803) (HKLM\...\KB960803) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB960859) (HKLM\...\KB960859) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961371) (HKLM\...\KB961371) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961373) (HKLM\...\KB961373) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB961501) (HKLM\...\KB961501) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB968537) (HKLM\...\KB968537) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969059) (HKLM\...\KB969059) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969898) (HKLM\...\KB969898) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB969947) (HKLM\...\KB969947) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970238) (HKLM\...\KB970238) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB970430) (HKLM\...\KB970430) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971468) (HKLM\...\KB971468) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971486) (HKLM\...\KB971486) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971557) (HKLM\...\KB971557) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971633) (HKLM\...\KB971633) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971657) (HKLM\...\KB971657) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB971961) (HKLM\...\KB971961) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB972270) (HKLM\...\KB972270) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973346) (HKLM\...\KB973346) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973354) (HKLM\...\KB973354) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973507) (HKLM\...\KB973507) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973525) (HKLM\...\KB973525) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973869) (HKLM\...\KB973869) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB973904) (HKLM\...\KB973904) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974112) (HKLM\...\KB974112) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974318) (HKLM\...\KB974318) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974392) (HKLM\...\KB974392) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB974571) (HKLM\...\KB974571) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975025) (HKLM\...\KB975025) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975467) (HKLM\...\KB975467) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975560) (HKLM\...\KB975560) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975561) (HKLM\...\KB975561) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975562) (HKLM\...\KB975562) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB975713) (HKLM\...\KB975713) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977165) (HKLM\...\KB977165) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB977914) (HKLM\...\KB977914) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978037) (HKLM\...\KB978037) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978251) (HKLM\...\KB978251) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978262) (HKLM\...\KB978262) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978542) (HKLM\...\KB978542) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978601) (HKLM\...\KB978601) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB978706) (HKLM\...\KB978706) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979309) (HKLM\...\KB979309) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979482) (HKLM\...\KB979482) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979559) (HKLM\...\KB979559) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979683) (HKLM\...\KB979683) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB979687) (HKLM\...\KB979687) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980195) (HKLM\...\KB980195) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980218) (HKLM\...\KB980218) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980232) (HKLM\...\KB980232) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB980436) (HKLM\...\KB980436) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981322) (HKLM\...\KB981322) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981349) (HKLM\...\KB981349) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981852) (HKLM\...\KB981852) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981957) (HKLM\...\KB981957) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB981997) (HKLM\...\KB981997) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982132) (HKLM\...\KB982132) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982214) (HKLM\...\KB982214) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982665) (HKLM\...\KB982665) (Version: 1 - Microsoft Corporation)
Sicherheitsupdate für Windows XP (KB982802) (HKLM\...\KB982802) (Version: 1 - Microsoft Corporation)
SkinsHP1 (Version: 60.0.155.000 - Hewlett-Packard) Hidden
Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_PCI_VEN_1002&DEV_4378) (Version:  - )
Sonic Audio Module (HKLM\...\{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.4 - Sonic Solutions)
Sonic Copy Module (HKLM\...\{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.4 - Sonic Solutions)
Sonic Data Module (HKLM\...\{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.4 - Sonic Solutions)
Sonic Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.0.0 - Sonic Solutions)
Sonic MyDVD Plus (HKLM\...\{21657574-BD54-48A2-9450-EB03B2C7FC29}) (Version: 6.2.0 - Sonic Solutions)
Sonic Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Sonic_PrimoSDK (Version: 60.0.155.000 - Hewlett-Packard) Hidden
SymNet (Version: 6.0.0.99 - Symantec Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.0.13.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A}) (Version: 1.15.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.15.0000 - Texas Instruments Inc.) Hidden
Unload (Version: 6.0.0 - Hewlett-Packard) Hidden
Update für Windows Internet Explorer 7 (KB976749) (HKLM\...\KB976749-IE7) (Version: 1 - Microsoft Corporation)
Update für Windows Internet Explorer 7 (KB980182) (HKLM\...\KB980182-IE7) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2141007) (HKLM\...\KB2141007) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2345886) (HKLM\...\KB2345886) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2467659) (HKLM\...\KB2467659) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2541763) (HKLM\...\KB2541763) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2607712) (HKLM\...\KB2607712) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2616676) (HKLM\...\KB2616676) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2641690) (HKLM\...\KB2641690) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2661254-v2) (HKLM\...\KB2661254-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB2718704) (HKLM\...\KB2718704) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2736233) (HKLM\...\KB2736233) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2749655) (HKLM\...\KB2749655) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2863058) (HKLM\...\KB2863058) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB2904266) (HKLM\...\KB2904266) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB951072-v2) (HKLM\...\KB951072-v2) (Version: 2 - Microsoft Corporation)
Update für Windows XP (KB951978) (HKLM\...\KB951978) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955759) (HKLM\...\KB955759) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB955839) (HKLM\...\KB955839) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB967715) (HKLM\...\KB967715) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB968389) (HKLM\...\KB968389) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971029) (HKLM\...\KB971029) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB971737) (HKLM\...\KB971737) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973687) (HKLM\...\KB973687) (Version: 1 - Microsoft Corporation)
Update für Windows XP (KB973815) (HKLM\...\KB973815) (Version: 1 - Microsoft Corporation)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.5.0540.0 - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM\...\ie7) (Version: 20061107.210142 - Microsoft Corporation)
Windows Media Format Runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 10 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031514 - Microsoft Corporation)

==================== Restore Points  =========================

03-02-2014 13:50:58 Software Distribution Service 3.0
04-02-2014 14:02:25 Systemprüfpunkt

==================== Hosts content: ==========================

2004-08-04 09:00 - 2004-08-04 09:00 - 00000820 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\Google Software Updater.job => C:\Programme\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Programme\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Programme\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-03-08 09:30 - 2006-01-12 21:20 - 01265664 _____ () C:\Programme\Adobe\Acrobat 7.0\Distillr\adistres.DEU
2013-08-05 21:56 - 2013-08-05 19:53 - 00394824 _____ () C:\Programme\Avira\AntiVir Desktop\sqlite3.dll
2011-08-12 16:57 - 2010-09-30 13:00 - 00253264 _____ () C:\Programme\1&1 Surf-Stick\AssistantServices.exe
2013-08-05 21:56 - 2012-06-19 08:41 - 00447848 _____ () C:\Programme\Avira\AntiVir Desktop\libxml2.dll
2013-08-05 21:56 - 2012-06-19 08:41 - 00060264 _____ () C:\Programme\Avira\AntiVir Desktop\cares.dll
2011-08-12 16:57 - 2010-09-30 13:00 - 00139088 _____ () C:\Programme\1&1 Surf-Stick\UIExec.exe
2006-04-11 21:30 - 2005-12-08 12:45 - 00516182 _____ () C:\Programme\HPQ\shared\HpqToaster.exe
2009-03-08 09:29 - 2006-05-16 21:33 - 02002944 _____ () C:\Programme\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.dll
2009-03-08 09:29 - 2006-01-12 21:20 - 01249280 _____ () C:\Programme\Adobe\Acrobat 7.0\PDFMaker\Common\AdobePDFMakerX.DEU

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Acrobat - Schnellstart.lnk => C:\WINDOWS\pss\Adobe Acrobat - Schnellstart.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^Adobe Gamma Loader.lnk => C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup
MSCONFIG\startupfolder: C:^Dokumente und Einstellungen^All Users^Startmenü^Programme^Autostart^HP Photosmart Premier – Schnellstart.lnk => C:\WINDOWS\pss\HP Photosmart Premier – Schnellstart.lnkCommon Startup
MSCONFIG\startupreg: Acrobat Assistant 7.0 => "C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
MSCONFIG\startupreg: InCD => C:\Programme\Ahead\InCD\InCD.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Programme\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: MSMSGS => "C:\Programme\Messenger\msmsgs.exe" /background
MSCONFIG\startupreg: NeroFilterCheck => C:\WINDOWS\system32\NeroCheck.exe
MSCONFIG\startupreg: Norton Ghost 9.0 => C:\Programme\Symantec\Norton Ghost\Agent\GhostTray.exe
MSCONFIG\startupreg: PCSuiteTrayApplication => C:\Programme\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
MSCONFIG\startupreg: PhotoShow Deluxe Media Manager => C:\PROGRA~1\Ahead\NEROPH~2\data\Xtras\mssysmgr.exe
MSCONFIG\startupreg: QPService => "C:\Programme\HP\QuickPlay\QPService.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Programme\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Programme\Java\jre1.6.0_03\bin\jusched.exe"
MSCONFIG\startupreg: swg => C:\Programme\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
MSCONFIG\startupreg: UFD Monitor => C:\Programme\TwinMOS\Mobile Disk V3.0\MobMon.exe
MSCONFIG\startupreg: UFD Utility => C:\Programme\TwinMOS\Mobile Disk V3.0\UsbTD.exe

==================== Faulty Device Manager Devices =============

Name: 1394-Netzwerkadapter
Description: 1394-Netzwerkadapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Microsoft
Service: NIC1394
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek RTL8139/810x Family Fast Ethernet NIC
Description: Realtek RTL8139/810x Family Fast Ethernet NIC
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Realtek Semiconductor Corp.
Service: RTL8023xp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (02/24/2014 00:49:53 PM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (02/24/2014 00:49:53 PM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 1436
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (02/04/2014 05:26:25 PM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung OUTLOOK.EXE, Version 11.0.5510.0, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/04/2014 02:43:19 PM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung mbam.exe, Version 1.75.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/04/2014 02:43:18 PM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung mbam.exe, Version 1.75.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/04/2014 08:22:20 AM) (Source: COM+) (User: )
Description: Transaktionen, die zur Unterstützung von Transaktionskomponenten erforderlich sind, konnten von der Laufzeitumgebung nicht initialisiert werden. Stellen Sie sicher, dass MS DTC ausgeführt wird.(DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (02/04/2014 08:22:20 AM) (Source: MSDTC Client) (User: )
Description: Fehler beim Initialisieren der benötigten Namensobjekte. Fehler: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 640
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (02/04/2014 08:19:43 AM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung mbam.exe, Version 1.75.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/04/2014 00:02:03 AM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung mbam.exe, Version 1.75.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.

Error: (02/04/2014 00:02:03 AM) (Source: Application Hang) (User: )
Description: Stillstehende Anwendung mbam.exe, Version 1.75.0.1, Stillstandmodul hungapp, Version 0.0.0.0, Stillstandadresse 0x00000000.


System errors:
=============
Error: (02/04/2014 00:45:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Google Update Service (gupdate1ca2ecfa4bb1534)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/04/2014 00:45:06 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Google Update Service (gupdate1ca2ecfa4bb1534).

Error: (02/04/2014 00:45:02 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: Bei DCOM ist der Fehler "%%1053" aufgetreten, als der Dienst "gupdate1ca2ecfa4bb1534" mit den Argumenten "/comsvc"
gestartet wurde, um den folgenden Server zu verwenden:
{4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (02/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Gatewaydienst auf Anwendungsebene" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (02/03/2014 07:28:34 PM) (Source: Service Control Manager) (User: )
Description: Zeitüberschreitung (30000 ms) beim Verbindungsversuch mit Dienst Gatewaydienst auf Anwendungsebene.

Error: (02/03/2014 02:12:08 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/03/2014 02:12:08 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/03/2014 02:12:07 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (02/03/2014 02:09:41 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Starten Sie den Dienst neu..

Error: (02/03/2014 02:09:41 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5


Microsoft Office Sessions:
=========================
Error: (02/24/2014 00:49:53 PM) (Source: COM+)(User: )
Description: (DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (02/24/2014 00:49:53 PM) (Source: MSDTC Client)(User: )
Description: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 1436
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (02/04/2014 05:26:25 PM) (Source: Application Hang)(User: )
Description: OUTLOOK.EXE11.0.5510.0hungapp0.0.0.000000000

Error: (02/04/2014 02:43:19 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000

Error: (02/04/2014 02:43:18 PM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000

Error: (02/04/2014 08:22:20 AM) (Source: COM+)(User: )
Description: (DtcGetTransactionManagerEx(): hr = 0x8004d027)

Error: (02/04/2014 08:22:20 AM) (Source: MSDTC Client)(User: )
Description: d:\comxp_sp3\com\com1x\dtc\dtc\msdtcprx\src\dtcinit.cpp:215, Pid: 640
No Callstack,
 CmdLine: C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}

Error: (02/04/2014 08:19:43 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000

Error: (02/04/2014 00:02:03 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000

Error: (02/04/2014 00:02:03 AM) (Source: Application Hang)(User: )
Description: mbam.exe1.75.0.1hungapp0.0.0.000000000


==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 1022.17 MB
Available physical RAM: 535.57 MB
Total Pagefile: 2458.98 MB
Available Pagefile: 1218.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1959.77 MB

==================== Drives ================================

Drive c: (system_daten) (Fixed) (Total:104.17 GB) (Free:9.39 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (HP_RECOVERY) (Fixed) (Total:6.6 GB) (Free:1.2 GB) FAT32 ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 112 GB) (Disk ID: A696A696)

Partition: GPT Partition Type.

==================== End Of Log ============================

herzlichen dankk, du fällst hoffentlich nicht in ohnmacht.
hope13

20.02.2014, 14:24	#10
schrauber /// the machine /// TB-Ausbilder	PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar Poste einfach mal FRST Logs von dem Rechner __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

21.02.2014, 11:02	#12
schrauber /// the machine /// TB-Ausbilder	PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar Gute Besserung. was meinst DU mit "vom Netzwerk trennen"? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

22.02.2014, 13:23	#14
schrauber /// the machine /// TB-Ausbilder	PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar Brauchst Du nit __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar

Plagegeister aller Art und deren Bekämpfung: PUP.Optional.SearchCertifiedTB.A / search.certified-toolbar