Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 09.03.2014, 15:34   #1
Highn86
 
Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"



Hallo Zusammen,

ich fahre neulich meinen Computer hoch und bekomme die auf Anhang "IMG-20140203-WA0000.jpg " dargestellte Meldung. Ich bin auch nicht auf meinem normalen Desktop gelandet sondern hatte einen anderen Hintergrund usw.

Ich hab daraufhin direkt einen Virenscan gemacht der mir die Ergebnisse, dargestellt in Anhang "IMG-20140218-WA0009.jpg" und "IMG-20140218-WA0008.jpg" brachte.

Leider passiert es immer noch, dass ich ab und zu beim hochfahren diese Fehlermeldung bekomme und auf einem "anderen Desktop" lande. Muss ich mir Gedanken machen? Ich benutzte Windows 7!
Miniaturansicht angehängter Grafiken
-img-20140218-wa0000.jpg   -img-20140218-wa0008.jpg   -img-20140218-wa0009.jpg  

Alt 09.03.2014, 18:33   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 09.03.2014, 20:26   #3
Highn86
 
Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-03-2014
Ran by Svenja (administrator) on SVENJA-HP on 09-03-2014 20:13:47
Running from C:\Users\TEMP.Svenja-HP.003\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Devguru Co., Ltd.) C:\Windows\SysWOW64\dgdersvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
() C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
(Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Easybits) C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe
() C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(TeamViewer GmbH) c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe
(Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [VX1000] - C:\Windows\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Magic Desktop for HP notification] - C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1258504 2013-12-27] (Easybits)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Nation toolbar\vprot.exe [2552856 2014-02-20] ()
HKLM-x32\...\Run: [Avira Systray] - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [172624 2014-02-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\TS_KeyLodaded\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [3365176 2010-09-06] (Samsung Electronics Co., Ltd.)
HKU\TS_KeyLodaded\...\Run: [HP Officejet 4620 series (NET)] - C:\Program Files\HP\HP Officejet 4620 series\Bin\ScanToPCActivationApp.exe [2548072 2011-12-18] (Hewlett-Packard Co.)
HKU\TS_KeyLodaded\...\Run: [GoogleChromeAutoLaunch_5D72223BCA6525AD03E209A31CC77007] - C:\Users\Svenja\AppData\Local\Google\Chrome\Application\chrome.exe [866632 2014-02-02] (Google Inc.)
HKU\TS_KeyLodaded\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\TS_KeyLodaded\...\Run: [Google Update] - C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-16] (Google Inc.)
Startup: C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet 4620 series (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet 4620 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT/4
HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT/4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPNTDF
SearchScopes: HKCU - {3BC70585-04B1-4BF3-BD1B-E829876E5EDA} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
BHO: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: TrueSuite Website Log On - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass 2011\IEBHO.dll (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.8.11\bh\Softonic.dll (Softonic.com)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.8.11\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Toolbar: HKLM-x32 - AVG Nation toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Nation toolbar\17.3.0.49\AVG Nation toolbar_toolbar.dll (AVG Secure Search)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2011-07-15] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Mozilla\Firefox\Profiles\7pg2gwtp.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=3 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @tools.bdupdater.com/BonanzaDealsLive Update;version=9 - C:\Program Files (x86)\BonanzaDealsLive\Update\1.3.23.0\npGoogleUpdate3.dll (BonanzaDeals)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Extension: TrueSuite Website Logon - C:\Program Files (x86)\Mozilla Firefox\extensions\websitelogon@truesuite.com [2014-03-09]
FF HKLM-x32\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension
FF Extension: HP Smart Print - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2013-02-05]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [117328 2014-02-24] (Avira Operations GmbH & Co. KG)
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-29] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-09-29] (BonanzaDeals)
R2 dgdersvc; C:\Windows\SysWOW64\dgdersvc.exe [95568 2010-09-06] (Devguru Co., Ltd.)
R2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [247872 2011-08-17] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2102072 2013-12-18] (AVG)
R2 vToolbarUpdater17.3.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe [1770312 2014-02-20] (AVG Secure Search)
R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2013-07-10] (Wajam)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2014-02-18] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20552 2010-09-06] (Devguru Co., Ltd)
R3 dgderdrv; C:\Windows\SysWOW64\drivers\dgderdrv.sys [18120 2010-09-06] (Devguru Co., Ltd)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2013-12-16] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-09 19:55 - 2014-03-09 19:56 - 00038537 _____ () C:\Users\TEMP.Svenja-HP.003\Downloads\Addition.txt
2014-03-09 19:53 - 2014-03-09 20:13 - 00019299 _____ () C:\Users\TEMP.Svenja-HP.003\Downloads\FRST.txt
2014-03-09 19:52 - 2014-03-09 20:13 - 00000000 ____D () C:\FRST
2014-03-09 19:52 - 2014-03-09 19:52 - 02157056 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST64(1).exe
2014-03-09 19:51 - 2014-03-09 19:51 - 02157056 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST64.exe
2014-03-09 19:50 - 2014-03-09 19:50 - 01145856 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST.exe
2014-03-09 19:49 - 2014-03-09 19:49 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Avira
2014-03-09 19:47 - 2014-03-09 19:47 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\AVG
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Mozilla
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Hewlett-Packard
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Mozilla
2014-03-09 19:45 - 2014-03-09 19:45 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\TeamViewer
2014-03-09 19:44 - 2014-03-09 19:44 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Apple Computer
2014-03-09 19:44 - 2014-03-09 19:44 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\AVG Nation toolbar
2014-03-09 19:43 - 2014-03-09 19:50 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4E2A57E-E95A-40EF-8D10-343B00B8D0E9}
2014-03-09 19:43 - 2014-03-09 19:43 - 00064936 _____ () C:\Users\TEMP.Svenja-HP.003\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-09 19:43 - 2014-03-09 19:43 - 00001421 _____ () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-09 19:43 - 2014-03-09 19:43 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Adobe
2014-03-09 19:42 - 2014-03-09 19:43 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-09 19:42 - 2014-03-09 19:43 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-09 19:41 - 2014-03-09 19:41 - 00000020 ___SH () C:\Users\TEMP.Svenja-HP.003\ntuser.ini
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Vorlagen
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Startmenü
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Netzwerkumgebung
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Lokale Einstellungen
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Eigene Dateien
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Druckumgebung
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Documents\Eigene Musik
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Documents\Eigene Bilder
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Verlauf
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Anwendungsdaten
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Anwendungsdaten
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\VirtualStore
2014-03-09 19:41 - 2009-07-14 05:54 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-09 19:41 - 2009-07-14 05:49 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-09 19:40 - 2014-03-09 19:42 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003
2014-03-09 10:53 - 2014-03-09 10:53 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-09 10:53 - 2014-03-09 10:53 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-09 10:44 - 2014-03-09 10:45 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0954281-4109-491E-BE14-D1A07962F440}
2014-02-26 15:55 - 2014-02-26 15:55 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BCFF5E52-3E95-4D51-9037-9064A5A581F2}
2014-02-26 15:53 - 2014-02-26 18:11 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.002
2014-02-26 15:22 - 2014-02-26 15:22 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-02-26 15:11 - 2014-02-26 15:11 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-02-26 15:08 - 2014-02-26 15:08 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{13697CB5-8895-45A4-844E-679C3AE5620E}
2014-02-25 23:06 - 2014-02-25 23:06 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Avira
2014-02-25 20:54 - 2014-02-14 11:00 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-25 20:54 - 2014-02-14 11:00 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-25 20:54 - 2014-02-14 11:00 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-02-25 20:52 - 2014-02-25 20:54 - 00000000 ____D () C:\ProgramData\Avira
2014-02-25 20:52 - 2014-02-25 20:54 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-25 20:52 - 2014-02-25 20:52 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-02-25 20:52 - 2014-02-25 20:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-25 20:36 - 2014-02-25 22:49 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FF071DBF-E161-4D32-9DAF-4C9AE19AF9C8}
2014-02-25 20:35 - 2014-02-25 22:52 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.001
2014-02-25 20:18 - 2014-02-25 20:18 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F297C27-5FA8-45FA-8529-AAC6EDE09187}
2014-02-25 20:16 - 2014-02-25 20:28 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.000
2014-02-25 17:47 - 2014-02-25 20:03 - 00000000 ____D () C:\Users\TEMP.Svenja-HP
2014-02-18 23:02 - 2014-02-18 23:02 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\AVG
2014-02-18 22:59 - 2014-02-25 20:13 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\AVG2014
2014-02-18 22:59 - 2014-02-18 22:59 - 00000000 ____D () C:\Users\Svenja\AppData\Local\Avg2014
2014-02-18 22:59 - 2014-02-18 22:59 - 00000000 ____D () C:\Users\Svenja\AppData\Local\AVG Nation toolbar
2014-02-18 21:05 - 2013-12-18 09:38 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2014-02-18 21:05 - 2013-12-18 09:38 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-02-18 21:05 - 2013-12-18 09:38 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll
2014-02-18 21:03 - 2014-02-18 21:07 - 00000000 ____D () C:\ProgramData\AVG
2014-02-18 20:58 - 2014-02-18 21:13 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-18 20:48 - 2014-02-20 20:55 - 00000000 ____D () C:\ProgramData\AVG Nation toolbar
2014-02-18 20:48 - 2014-02-20 20:55 - 00000000 ____D () C:\Program Files (x86)\AVG Nation toolbar
2014-02-18 20:48 - 2014-02-18 20:48 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-18 20:47 - 2014-02-25 20:26 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-18 20:47 - 2014-02-25 20:25 - 00000000 ___HD () C:\$AVG
2014-02-18 20:46 - 2014-02-25 20:26 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-02-18 20:42 - 2014-02-25 20:34 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-18 20:31 - 2014-02-18 20:41 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{875AA08C-87F3-4664-B8F6-341A35A7F6E9}
2014-02-18 20:21 - 2014-02-18 20:23 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA350C73-61DF-46E3-9CEC-6B0CCFA16F00}
2014-02-17 13:18 - 2013-12-21 10:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-17 13:18 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-02-17 13:16 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-17 13:16 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-17 13:16 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-17 13:16 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-17 13:16 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-17 13:16 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-17 13:16 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-17 13:16 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-17 13:16 - 2014-02-06 11:52 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-17 13:16 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-17 13:16 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-17 13:16 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-17 13:16 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-17 13:16 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 13:16 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-17 13:16 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-02-17 13:16 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-02-17 13:16 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-17 13:16 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-17 13:16 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-17 13:16 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-02-17 13:16 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-17 13:16 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-02-17 13:16 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-02-17 13:16 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-02-17 13:16 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-17 13:16 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-17 13:16 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-17 13:16 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-17 13:15 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-17 13:15 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-17 13:15 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-17 13:15 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-17 13:15 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-17 13:15 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-17 13:15 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-02-17 13:15 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-17 13:15 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-17 13:15 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-16 19:28 - 2014-02-16 19:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 18:57 - 2014-02-16 18:58 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{265D992F-7413-4E44-9192-8020674C157D}
2014-02-16 18:33 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-16 18:33 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-16 18:33 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-16 18:33 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-16 18:33 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-16 18:33 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-16 18:33 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-16 18:33 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-16 18:33 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-16 18:33 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-16 18:33 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-16 18:33 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-16 18:33 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-16 18:33 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-16 18:33 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-16 18:33 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-16 18:33 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-16 18:33 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-16 18:33 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-16 18:33 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-16 18:33 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-16 18:33 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-16 18:33 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-16 18:33 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-16 18:33 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-16 18:33 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-16 18:33 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-16 18:33 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 16:58 - 2014-02-11 16:58 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{369C9D24-8CED-4121-946A-60DCBA91297F}
2014-02-11 13:39 - 2014-02-11 13:39 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-11 13:37 - 2014-02-11 13:39 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-11 13:37 - 2014-02-11 13:39 - 00000000 ____D () C:\Program Files\iTunes
2014-02-11 13:37 - 2014-02-11 13:39 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-11 13:37 - 2014-02-11 13:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-10 11:57 - 2014-02-10 11:57 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{B48E9787-27F9-4AB3-BE64-72E07A9AA486}
2014-02-07 16:15 - 2014-02-07 16:15 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{4A1997F9-C427-4E1D-A57C-F9789023C6BC}

==================== One Month Modified Files and Folders =======

2014-03-09 20:13 - 2014-03-09 19:53 - 00019299 _____ () C:\Users\TEMP.Svenja-HP.003\Downloads\FRST.txt
2014-03-09 20:13 - 2014-03-09 19:52 - 00000000 ____D () C:\FRST
2014-03-09 20:13 - 2012-08-11 12:52 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-09 19:56 - 2014-03-09 19:55 - 00038537 _____ () C:\Users\TEMP.Svenja-HP.003\Downloads\Addition.txt
2014-03-09 19:54 - 2013-09-29 18:50 - 00000296 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-03-09 19:54 - 2013-09-29 18:49 - 00000926 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2014-03-09 19:54 - 2013-09-29 18:49 - 00000922 _____ () C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2014-03-09 19:52 - 2014-03-09 19:52 - 02157056 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST64(1).exe
2014-03-09 19:51 - 2014-03-09 19:51 - 02157056 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST64.exe
2014-03-09 19:50 - 2014-03-09 19:50 - 01145856 _____ (Farbar) C:\Users\TEMP.Svenja-HP.003\Downloads\FRST.exe
2014-03-09 19:50 - 2014-03-09 19:43 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4E2A57E-E95A-40EF-8D10-343B00B8D0E9}
2014-03-09 19:50 - 2009-07-14 05:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-09 19:50 - 2009-07-14 05:45 - 00031856 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-09 19:49 - 2014-03-09 19:49 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Avira
2014-03-09 19:47 - 2014-03-09 19:47 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\AVG
2014-03-09 19:47 - 2011-09-23 00:42 - 01105543 _____ () C:\Windows\WindowsUpdate.log
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Mozilla
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Hewlett-Packard
2014-03-09 19:46 - 2014-03-09 19:46 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Mozilla
2014-03-09 19:46 - 2011-07-16 05:07 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-03-09 19:46 - 2011-07-16 05:07 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-03-09 19:46 - 2009-07-14 06:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-09 19:45 - 2014-03-09 19:45 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\TeamViewer
2014-03-09 19:44 - 2014-03-09 19:44 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Apple Computer
2014-03-09 19:44 - 2014-03-09 19:44 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\AVG Nation toolbar
2014-03-09 19:43 - 2014-03-09 19:43 - 00064936 _____ () C:\Users\TEMP.Svenja-HP.003\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-09 19:43 - 2014-03-09 19:43 - 00001421 _____ () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-09 19:43 - 2014-03-09 19:43 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Adobe
2014-03-09 19:43 - 2014-03-09 19:42 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-09 19:43 - 2014-03-09 19:42 - 00000000 ___RD () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-09 19:43 - 2012-01-16 19:56 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000UA.job
2014-03-09 19:42 - 2014-03-09 19:40 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003
2014-03-09 19:41 - 2014-03-09 19:41 - 00000020 ___SH () C:\Users\TEMP.Svenja-HP.003\ntuser.ini
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Vorlagen
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Startmenü
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Netzwerkumgebung
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Lokale Einstellungen
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Eigene Dateien
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Druckumgebung
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Documents\Eigene Musik
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Documents\Eigene Bilder
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Verlauf
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\AppData\Local\Anwendungsdaten
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 _SHDL () C:\Users\TEMP.Svenja-HP.003\Anwendungsdaten
2014-03-09 19:41 - 2014-03-09 19:41 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.003\AppData\Local\VirtualStore
2014-03-09 19:40 - 2012-01-16 20:07 - 00043267 _____ () C:\Windows\setupact.log
2014-03-09 19:40 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-09 19:08 - 2013-05-20 14:27 - 00000000 ___RD () C:\Users\Svenja\Dropbox
2014-03-09 19:08 - 2013-05-20 14:25 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Dropbox
2014-03-09 19:08 - 2012-01-17 17:00 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Skype
2014-03-09 19:08 - 2012-01-16 19:35 - 00064936 _____ () C:\Users\Svenja\AppData\Local\GDIPFONTCACHEV1.DAT
2014-03-09 11:15 - 2009-07-14 05:45 - 04851912 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-09 10:59 - 2013-02-19 19:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-09 10:59 - 2012-01-17 17:00 - 00000000 ____D () C:\ProgramData\Skype
2014-03-09 10:53 - 2014-03-09 10:53 - 00001162 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-03-09 10:53 - 2014-03-09 10:53 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-03-09 10:53 - 2012-01-16 19:45 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-09 10:45 - 2014-03-09 10:44 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E0954281-4109-491E-BE14-D1A07962F440}
2014-03-06 18:56 - 2013-10-30 22:10 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{F7C3E157-2746-45D8-B2E8-82FF66EFEBEB}
2014-03-06 18:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-02-26 18:11 - 2014-02-26 15:53 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.002
2014-02-26 17:15 - 2014-01-21 22:08 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForSvenja
2014-02-26 17:15 - 2014-01-21 22:08 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForSvenja.job
2014-02-26 16:13 - 2012-08-11 12:52 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-26 16:13 - 2012-08-11 12:52 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-26 16:13 - 2011-07-15 19:33 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-26 15:55 - 2014-02-26 15:55 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BCFF5E52-3E95-4D51-9037-9064A5A581F2}
2014-02-26 15:22 - 2014-02-26 15:22 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-02-26 15:11 - 2014-02-26 15:11 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-02-26 15:08 - 2014-02-26 15:08 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{13697CB5-8895-45A4-844E-679C3AE5620E}
2014-02-25 23:06 - 2014-02-25 23:06 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Avira
2014-02-25 22:59 - 2012-09-24 17:37 - 00115326 _____ () C:\Windows\PFRO.log
2014-02-25 22:52 - 2014-02-25 20:35 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.001
2014-02-25 22:49 - 2014-02-25 20:36 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{FF071DBF-E161-4D32-9DAF-4C9AE19AF9C8}
2014-02-25 22:49 - 2012-01-16 19:56 - 00001072 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000Core.job
2014-02-25 20:54 - 2014-02-25 20:52 - 00000000 ____D () C:\ProgramData\Avira
2014-02-25 20:54 - 2014-02-25 20:52 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-02-25 20:52 - 2014-02-25 20:52 - 00001137 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-02-25 20:52 - 2014-02-25 20:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-02-25 20:34 - 2014-02-18 20:42 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-25 20:28 - 2014-02-25 20:16 - 00000000 ____D () C:\Users\TEMP.Svenja-HP.000
2014-02-25 20:26 - 2014-02-18 20:47 - 00000000 ____D () C:\ProgramData\AVG2014
2014-02-25 20:26 - 2014-02-18 20:46 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-02-25 20:25 - 2014-02-18 20:47 - 00000000 ___HD () C:\$AVG
2014-02-25 20:18 - 2014-02-25 20:18 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{4F297C27-5FA8-45FA-8529-AAC6EDE09187}
2014-02-25 20:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\servicing
2014-02-25 20:14 - 2012-01-16 19:57 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-02-25 20:14 - 2011-09-23 00:53 - 00000000 ____D () C:\Program Files (x86)\HP SimplePass 2011
2014-02-25 20:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\registration
2014-02-25 20:14 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-02-25 20:13 - 2014-02-18 22:59 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\AVG2014
2014-02-25 20:03 - 2014-02-25 17:47 - 00000000 ____D () C:\Users\TEMP.Svenja-HP
2014-02-20 20:55 - 2014-02-18 20:48 - 00000000 ____D () C:\ProgramData\AVG Nation toolbar
2014-02-20 20:55 - 2014-02-18 20:48 - 00000000 ____D () C:\Program Files (x86)\AVG Nation toolbar
2014-02-20 20:55 - 2013-09-29 18:49 - 00000000 ____D () C:\Program Files (x86)\Wajam
2014-02-19 13:56 - 2013-12-27 22:51 - 00000144 _____ () C:\Users\Svenja\AppData\Roaming\WB.CFG
2014-02-18 23:17 - 2013-02-05 16:04 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\HpUpdate
2014-02-18 23:17 - 2012-01-16 19:36 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\hpqlog
2014-02-18 23:02 - 2014-02-18 23:02 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\AVG
2014-02-18 22:59 - 2014-02-18 22:59 - 00000000 ____D () C:\Users\Svenja\AppData\Local\Avg2014
2014-02-18 22:59 - 2014-02-18 22:59 - 00000000 ____D () C:\Users\Svenja\AppData\Local\AVG Nation toolbar
2014-02-18 21:13 - 2014-02-18 20:58 - 00000000 __SHD () C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2014-02-18 21:13 - 2014-02-03 11:49 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-02-18 21:07 - 2014-02-18 21:03 - 00000000 ____D () C:\ProgramData\AVG
2014-02-18 20:48 - 2014-02-18 20:48 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-02-18 20:41 - 2014-02-18 20:31 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{875AA08C-87F3-4664-B8F6-341A35A7F6E9}
2014-02-18 20:23 - 2014-02-18 20:21 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{BA350C73-61DF-46E3-9CEC-6B0CCFA16F00}
2014-02-18 20:19 - 2013-09-29 18:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-17 13:33 - 2013-08-18 16:38 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 13:30 - 2012-12-03 12:14 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-16 20:08 - 2012-01-18 21:13 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\SoftGrid Client
2014-02-16 20:04 - 2014-02-06 14:39 - 00000000 ____D () C:\Users\Svenja\Desktop\Unterlagen
2014-02-16 19:29 - 2014-02-16 19:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-16 19:09 - 2012-10-29 20:17 - 00000000 ____D () C:\Users\Svenja\Desktop\FH
2014-02-16 18:58 - 2014-02-16 18:57 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{265D992F-7413-4E44-9192-8020674C157D}
2014-02-16 18:54 - 2013-09-29 18:50 - 00003240 _____ () C:\Windows\System32\Tasks\UpdaterEX
2014-02-16 18:35 - 2012-02-29 15:19 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-02-14 11:00 - 2014-02-25 20:54 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-02-14 11:00 - 2014-02-25 20:54 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-02-14 11:00 - 2014-02-25 20:54 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-02-11 17:11 - 2012-02-07 20:35 - 00000000 ____D () C:\Users\Svenja\AppData\Local\Windows Live
2014-02-11 16:58 - 2014-02-11 16:58 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{369C9D24-8CED-4121-946A-60DCBA91297F}
2014-02-11 13:39 - 2014-02-11 13:39 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-02-11 13:39 - 2014-02-11 13:37 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-02-11 13:39 - 2014-02-11 13:37 - 00000000 ____D () C:\Program Files\iTunes
2014-02-11 13:39 - 2014-02-11 13:37 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-02-11 13:37 - 2014-02-11 13:37 - 00000000 ____D () C:\Program Files\iPod
2014-02-11 13:32 - 2012-08-16 20:16 - 00000000 ____D () C:\ProgramData\Apple
2014-02-11 13:27 - 2012-12-12 16:12 - 00000000 ____D () C:\Users\Svenja\Documents\Youcam
2014-02-10 12:43 - 2014-01-09 00:19 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-02-10 12:04 - 2012-02-07 20:35 - 00000000 ____D () C:\Users\Svenja\AppData\Local\Windows Live Writer
2014-02-10 11:57 - 2014-02-10 11:57 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{B48E9787-27F9-4AB3-BE64-72E07A9AA486}
2014-02-07 16:16 - 2012-02-07 20:35 - 00000000 ____D () C:\Users\Svenja\AppData\Roaming\Windows Live Writer
2014-02-07 16:15 - 2014-02-07 16:15 - 00000000 ____D () C:\Users\Svenja\AppData\Local\{4A1997F9-C427-4E1D-A57C-F9789023C6BC}

Some content of TEMP:
====================
C:\Users\Svenja\AppData\Local\Temp\3y7xd1m0.dll
C:\Users\Svenja\AppData\Local\Temp\avgnt.exe
C:\Users\Svenja\AppData\Local\Temp\Extract.exe
C:\Users\Svenja\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Svenja\AppData\Local\Temp\Resource.exe
C:\Users\Svenja\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Svenja\AppData\Local\Temp\SP55031.exe
C:\Users\Svenja\AppData\Local\Temp\SP56929.exe
C:\Users\Svenja\AppData\Local\Temp\sp58915.exe
C:\Users\Svenja\AppData\Local\Temp\SP60864.exe
C:\Users\Svenja\AppData\Local\Temp\SP61152.exe
C:\Users\Svenja\AppData\Local\Temp\sp64126.exe
C:\Users\Svenja\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\TEMP.Svenja-HP.003\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-28 21:18

==================== End Of Log ============================
         
--- --- ---



Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-03-2014
Ran by Svenja at 2014-03-09 20:14:38
Running from C:\Users\TEMP.Svenja-HP.003\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.5.9.620 - Adobe Systems, Inc.)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{21FC2093-6E43-460B-B9B0-5F5AA35BBB0F}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FE86CB0C-FCB3-4358-B4B0-B0A41E33B3DD}) (Version: 7.1.0.32 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{B066BF95-890E-A532-A58F-D13E0805DC04}) (Version: 3.0.816.0 - ATI Technologies, Inc.)
AuthenTec TrueAPI (Version: 1.3.0.111 - AuthenTec, Inc.) Hidden
AVG Nation toolbar (HKLM-x32\...\AVG Nation toolbar) (Version: 17.3.0.49 - InfoSpace)
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.295 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.295 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.295 - AVG) Hidden
Avira (HKLM-x32\...\{7b05af00-d234-4cf0-8cc3-1fcb21da2374}) (Version: 1.0.5168.20630 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.0.5168.20630 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bonanza Deals (remove only) (HKLM-x32\...\Bonanza Deals) (Version: 5.0.1.0 - Bonanza Deals) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0508.224.2391 - Ihr Firmenname) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0508.224.2391 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0508.224.2391 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0508.224.2391 - ATI) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.0508.224.2391 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help English (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help French (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help German (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0508.0223.2391 - ATI) Hidden
ccc-utility64 (Version: 2011.0508.224.2391 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.14 - Piriform)
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4119 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.1.4119 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.24.6 - Delta) <==== ATTENTION
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{E96CAA2A-0244-4A2A-8403-0C3C9534778B}) (Version: 2.1.1 - Hewlett-Packard)
Evernote v. 4.2.3 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.2.3.22 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.11.32.918 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.32.918 - DVDVideoSoft Ltd.)
FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 0.9.0 - )
Google Update Helper (x32 Version: 1.3.23.0 - BonanzaDeals) Hidden <==== ATTENTION
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{9CAB2212-0732-4827-8EC4-61D8EF0AA65B}) (Version: 1.0.11 - Hewlett-Packard Company)
HP Officejet 4620 series - Grundlegende Software für das Gerät (HKLM\...\{981D96C5-41F7-43DB-90AA-F781BBD302B9}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Hilfe (HKLM-x32\...\{72EDA2AC-2908-4BB3-97E5-4F9DDEBF9731}) (Version: 6.0.0 - Hewlett Packard)
HP On Screen Display (HKLM-x32\...\{9B9B8EE4-2EDB-41C2-AF2E-63E75D37CDDF}) (Version: 1.1.2 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{872B1C80-38EC-4A31-A25C-980820593900}) (Version: 1.2.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{8B52057C-15DB-433E-957C-E279BC7D07E3}) (Version: 3.1.0.9742 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{5036764A-435D-40C9-869C-31085A3D741D}) (Version: 8.7.4751.3798 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13476.3753 - Hewlett-Packard Company)
HP SimplePass PE 2011 (HKLM-x32\...\{31CEFF4E-B6D1-46A5-9169-7C67570E7FFA}) (Version: 5.3.0.163 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ICQ Toolbar (HKLM-x32\...\ICQToolbar) (Version: 3.0.0 - ICQ)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.5.0.1026 - Intel Corporation)
iTunes (HKLM\...\{96B53CA8-5ABB-49D8-96F1-F6C0D73A76C6}) (Version: 11.1.4.62 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kies (HKLM-x32\...\InstallShield_{D6CD26FD-CD7F-4C86-96A3-EEBFABE5FE47}) (Version: 1.4 - Ihr Firmenname)
Kies (x32 Version: 1.4 - Ihr Firmenname) Hidden
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version:  - )
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5128.5002 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 27.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 en-US)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MyFreeCodec (HKLM-x32\...\MyFreeCodec) (Version:  - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.12 (HKLM-x32\...\Opera 12.12.1707) (Version: 12.12.1707 - Opera Software ASA)
OutlookAddInNet3Setup (HKLM-x32\...\{5B4383F2-37EE-4E97-AD81-F5FF76F286DA}) (Version: 1.0.0 - Samsung)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 3.02.01.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.77 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.950.0 - SAMSUNG Electronics Co., Ltd.)
SketchUp Pro 8 (HKLM-x32\...\{D6FC1D0B-791D-466E-B723-0F86938EFB4B}) (Version: 3.0.16944 - Trimble Navigation Limited)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Softonic toolbar  on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.8.11 - Softonic) <==== ATTENTION
Studie zur Verbesserung von HP Officejet 4620 series Produkten (HKLM\...\{4D9F6CAF-0610-4F90-ACF2-5E1193AF649A}) (Version: 26.0.784.0 - Hewlett-Packard Co.)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.11.0 - Synaptics Incorporated)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.26297 - TeamViewer)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
VIP Access SDK (1.0.1.2)  (HKLM-x32\...\VIP Access SDK) (Version: 1.0.1.2 - Symantec Inc.)
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.1 (HKLM-x32\...\VLC media player) (Version: 2.0.1 - VideoLAN)
Wajam (HKLM-x32\...\Wajam) (Version: 1.98 - Wajam) <==== ATTENTION
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

18-02-2014 21:30:56 Windows Live Essentials
18-02-2014 21:32:07 WLSetup
20-02-2014 20:15:18 Windows Update
25-02-2014 16:58:43 Windows Update
25-02-2014 19:02:46 Wiederherstellungsvorgang
25-02-2014 19:22:08 Windows Update
25-02-2014 19:22:50 Removed AVG 2014
25-02-2014 19:26:29 Removed AVG 2014
06-03-2014 18:02:59 Windows Update
09-03-2014 09:47:20 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {04BF69CC-A20F-4D3E-87F1-200E5B105AB6} - System32\Tasks\BonanzaDealsUpdate => C:\Program <==== ATTENTION
Task: {0BF8DA9B-F674-4F3E-BEF7-2AE207DFEDB2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_CN291231NB05S1 => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {1C9487CA-FED7-47B9-9C27-75BDD542C30F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {1CC65EC0-808E-4586-A9D9-4A4C736BDD00} - System32\Tasks\HPCeeScheduleForSvenja => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {22FCC192-7823-4641-ADD1-CD4631F95B2A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000Core => C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.)
Task: {34EA7ACA-85A9-4EDD-912E-C213DAD3FD4E} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-09-29] (BonanzaDeals) <==== ATTENTION
Task: {37E73C3E-B173-43F9-931B-197F2DC47653} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-26] (Adobe Systems Incorporated)
Task: {54CF05B1-5723-47A1-891E-24478DCEB736} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-11-22] (Hewlett-Packard)
Task: {5D820DF2-F089-431B-B092-12AEF09F8524} - System32\Tasks\UpdaterEX => C:\Users\Svenja\AppData\Roaming\UpdaterEX\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {646A810D-3404-46EE-B3BB-EFBF0D2AD7A4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000UA => C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.)
Task: {7B7D5999-DBAE-472F-A92B-BAA4274BE5D4} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-12-18] (AVG)
Task: {821A3AA1-F08F-420E-8630-D7424AB25E29} - System32\Tasks\HPCustParticipation HP Officejet 4620 series => C:\Program Files\HP\HP Officejet 4620 series\Bin\HPCustPartic.exe [2011-12-18] (Hewlett-Packard Co.)
Task: {9B4F8A12-736F-4F09-97C5-9473B0506BA3} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-06-15] (CyberLink)
Task: {B6DF404F-73DF-40EF-BE1C-837C76317405} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {BA9B4FFC-8EC1-4376-BD18-9F282FFEC6E0} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-09-29] (BonanzaDeals) <==== ATTENTION
Task: {BCE9804A-B0D4-4AB4-BD77-328BB7FB9F5E} - System32\Tasks\Google Updater and Installer => C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-16] (Google Inc.)
Task: {C871161E-471D-447E-B554-D79E46AA302C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {CFC22CD2-0952-4B21-942D-42BB36BA7585} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2010-05-14] (Sun Microsystems, Inc.)
Task: {D05AAAF8-580D-40BB-9D2D-4EF1193D94C4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D8B9277C-170E-4547-87BB-9A1BF19F356C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E2E55548-B0DD-495A-8B5C-D15708BAC12D} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-03-24] (Hewlett-Packard)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000Core.job => C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3156497893-2868505535-831016159-1000UA.job => C:\Users\Svenja\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForSvenja.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Svenja\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-01-16 20:24 - 2011-08-17 11:04 - 00247872 _____ () C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
2013-12-18 09:38 - 2013-12-18 09:38 - 00742200 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-02-20 20:55 - 2014-02-20 20:55 - 00158536 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\loggingserver.exe
2014-02-18 20:48 - 2014-02-20 20:55 - 02552856 _____ () C:\Program Files (x86)\AVG Nation toolbar\vprot.exe
2014-02-25 20:54 - 2014-02-14 11:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 00:52 - 2014-02-06 00:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-20 20:55 - 2014-02-20 20:55 - 00518472 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\log4cplusU.dll
2014-02-24 11:29 - 2014-02-24 11:29 - 00111696 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-02-24 11:29 - 2014-02-24 11:29 - 00061520 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-03-09 19:44 - 2014-02-24 11:29 - 00049744 _____ () C:\Users\TEMPSV~1.003\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2014-02-26 17:15 - 2014-02-26 17:15 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\ae685719bd599604bdf031cdad0ba38a\IsdiInterop.ni.dll
2011-09-23 00:41 - 2011-04-29 23:28 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-02-16 19:28 - 2014-02-16 19:28 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Easybits Recovery => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: HP Quick Launch => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
MSCONFIG\startupreg: HPOSD => C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
MSCONFIG\startupreg: HPQuickWebProxy => "C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: SetDefault => C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/09/2014 07:42:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2014 07:40:39 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Svenja-HP)
Description: Das lokale Benutzerprofil wurde nicht gefunden. Sie werden mit einem temporären Benutzerprofil angemeldet. Änderungen, die Sie am Benutzerprofil vornehmen, gehen bei der Abmeldung verloren.

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Svenja-HP)
Description: Dieses Benutzerprofil wurde gesichert. Bei der nächsten Anmeldung dieses Benutzers wird automatisch versucht, dieses gesicherte Profil zu verwenden.

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service) (User: Svenja-HP)
Description: Das lokal gespeicherte Profil kann nicht geladen werden. Mögliche Fehlerursachen sind nicht ausreichende Sicherheitsrechte oder ein beschädigtes lokales Profil. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service) (User: NT-AUTORITÄT)
Description: Die Registrierung konnte nicht geladen werden. Dieses Problem wird oft durch zuwenig Arbeitsspeicher oder nicht ausreichende Sicherheitsberechtigungen verursacht. 

 Details - Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
 for C:\Users\Svenja\ntuser.dat

Error: (03/09/2014 07:40:41 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TrueSuiteService.exe, Version: 5.3.0.163, Zeitstempel: 0x4dc363f3
Name des fehlerhaften Moduls: TrueSuiteService.exe, Version: 5.3.0.163, Zeitstempel: 0x4dc363f3
Ausnahmecode: 0xc0000417
Fehleroffset: 0x0001275a
ID des fehlerhaften Prozesses: 0x318
Startzeit der fehlerhaften Anwendung: 0xTrueSuiteService.exe0
Pfad der fehlerhaften Anwendung: TrueSuiteService.exe1
Pfad des fehlerhaften Moduls: TrueSuiteService.exe2
Berichtskennung: TrueSuiteService.exe3

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46847

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46847

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2014 06:17:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31184


System errors:
=============
Error: (03/09/2014 07:42:26 PM) (Source: Service Control Manager) (User: )
Description: Dienst "TrueSuiteService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/09/2014 07:41:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "TeamViewer 9" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/09/2014 07:41:20 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst TeamViewer 9 erreicht.

Error: (03/09/2014 07:40:27 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎09.‎03.‎2014 um 19:36:07 unerwartet heruntergefahren.

Error: (03/09/2014 07:38:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/09/2014 07:38:54 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht.

Error: (03/09/2014 07:38:24 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TuneUp.UtilitiesSvc erreicht.

Error: (03/09/2014 07:38:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Multimediaklassenplaner" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (03/09/2014 07:38:24 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst MMCSS erreicht.

Error: (03/09/2014 07:37:54 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.


Microsoft Office Sessions:
=========================
Error: (03/09/2014 07:42:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/09/2014 07:40:39 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Svenja-HP)
Description: 

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Svenja-HP)
Description: 

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service)(User: Svenja-HP)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (03/09/2014 07:40:37 PM) (Source: Microsoft-Windows-User Profiles Service)(User: NT-AUTORITÄT)
Description: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.
C:\Users\Svenja\ntuser.dat

Error: (03/09/2014 07:40:41 PM) (Source: Application Error)(User: )
Description: TrueSuiteService.exe5.3.0.1634dc363f3TrueSuiteService.exe5.3.0.1634dc363f3c00004170001275a31801cf3bc709ab194aC:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exeC:\Program Files (x86)\HP SimplePass 2011\TrueSuiteService.exe50629e28-a7ba-11e3-a9d2-ec9a743eb1b9

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 46847

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 46847

Error: (03/09/2014 06:17:40 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/09/2014 06:17:25 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 31184


==================== Memory info =========================== 

Percentage of memory in use: 33%
Total physical RAM: 6091.86 MB
Available physical RAM: 4037.46 MB
Total Pagefile: 12181.9 MB
Available Pagefile: 9836.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:445.25 GB) (Free:324.33 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:16.35 GB) (Free:1.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:3.96 GB) (Free:1.08 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CF92579A)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
__________________

Alt 10.03.2014, 16:59   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"



Hi,

neues Konto anlegen mit Adminrechten, in dieses booten, geht das?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 10.03.2014, 20:42   #5
Highn86
 
Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"



Hallo,

ich habe ein neuen Konto mit Adminrechten angelegt und mich beim Hochfahren darüber angemeldet. Hat problemlos geklappt.

Rein informativ möchte ich noch bemerken, dass das beschriebene Problem auch nur "immer wieder" auftritt und nicht bei jedem mal anmelden!

Vielen dank!


Alt 11.03.2014, 13:33   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Standard

Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"



Zieh deine Daten aus dem alten Konto, schieb sie ins neue, und arbeite nur noch mit dem neuen. Beobachte ob das Problem da auch auftaucht.
__________________
--> Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"

Antwort

Themen zu Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"
andere, anderen, angemeldet, anhang, benutzte, compu, computer, desktop, direkt, ergebnisse, fehlermeldung, gemeldet, hallo zusammen, hintergrund, hochfahren, neulich, normale, normalen, profil, scan, temporäre, virenscan, windows, windows 7, zusammen




Ähnliche Themen: Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"


  1. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  2. Windows 7: Umleitung auf Werbe-Webseiten ("Glückwunsch! Sie wurden ausgewählt..." etc.)
    Log-Analyse und Auswertung - 19.11.2014 (11)
  3. Fehlermeldung bei Systemstart von WINDOWS 7 64-bit: RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 17.08.2014 (10)
  4. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Alles rund um Windows - 12.08.2014 (18)
  5. Windows 7: Fehlermeldung bei Systemstart- RegSvr32 "Fehler beim Laden des Moduls ""."
    Log-Analyse und Auswertung - 16.06.2014 (11)
  6. "Sie wurden mit einem temporären Profil angemeldet" alle Daten weg...
    Alles rund um Windows - 20.09.2013 (11)
  7. Notebook bootet nicht, Fehlermeldung "windows\system 32\drivers\aswRvrt.sys" "status: 0Xc0000221"
    Plagegeister aller Art und deren Bekämpfung - 18.06.2013 (17)
  8. Sie wurden mit einem temporären Profil angemeldet
    Alles rund um Windows - 16.10.2012 (3)
  9. OTL.txt ""sie haben sich mit einem windows-verschlüsselungs trojaner infiziert", ich bitte um hilfe.
    Log-Analyse und Auswertung - 10.06.2012 (3)
  10. Win XP: "Das lokal gespeicherte Profil kann nicht geladen werden."
    Plagegeister aller Art und deren Bekämpfung - 29.05.2012 (0)
  11. Fenster mit "Das Profil konnte nicht gefunden werden" bei jedem Start Virus? Trojaner?
    Log-Analyse und Auswertung - 31.01.2012 (0)
  12. Nach BKA-Trojaner bei jedem Start ein Fenster mit "Das Profil konnte nicht gefunden werden."
    Log-Analyse und Auswertung - 25.08.2011 (19)
  13. "Das Profil konnte nicht gefunden werden" - Meldung bei Systemstart
    Log-Analyse und Auswertung - 21.08.2011 (2)
  14. Fehlermeldung "Festplatte defekt", "Probleme mit IDE / SATA- Festplatten", Dateien weg
    Log-Analyse und Auswertung - 28.05.2011 (1)
  15. fehlermeldung Der Prozedureinsprungpunkt "CreatePo" wurde in der DLL "USER32.dll" nicht gefunden.
    Plagegeister aller Art und deren Bekämpfung - 14.03.2011 (3)
  16. Alle Ordner wurden in Verknüpfungen verwandelt-F:\0.vbs "F:\Gert\Dir"
    Plagegeister aller Art und deren Bekämpfung - 20.05.2010 (4)
  17. F-Secure wird ständig als "Neue Programme wurden installiert" angezeigt
    Antiviren-, Firewall- und andere Schutzprogramme - 01.05.2007 (2)

Zum Thema Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" - Hallo Zusammen, ich fahre neulich meinen Computer hoch und bekomme die auf Anhang "IMG-20140203-WA0000.jpg " dargestellte Meldung. Ich bin auch nicht auf meinem normalen Desktop gelandet sondern hatte einen anderen - Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet"...
Archiv
Du betrachtest: Fehlermeldung "Sie wurden mit einem temporären Profil angemeldet" auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.