Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Wie kann ich Daten sichern da MusikTrojaner vermutet

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.04.2014, 10:46   #1
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Hallo liebes Helferteam.

Seit einigen Tagen habe ich das folgende Problem:
Zwischen 1.00 und 4.00 nachts läuft auf einmal eine (manchmal 2) Werbungen (nur Ton) ab. Selbst wenn ich alles schließe wird diese nicht beendet.

Ich hab bereits einen Virenscan gemacht (mit avast free) - jedoch wird nichts gefunden.
Nun wollte ich folgendes tun da ich nicht sicher bin ob ich all diese Schritte die in den Foren gepostet werden auch kapiere und weil ich so gar keine Ahnung von Computern habe.

Ich wollte meine Daten (Bilder, Musik, Videos, Documente) auf eine externe Festplatte schicken und mir einen neuen Computer kaufen. Jetzt bin ich mir aber nicht sicher ob ich das einfach so machen kann oder ob ich den Virus dann 'mitziehe'.

Log Dateien und so hab ich nun nicht erstellt da ich wie gesagt mir total unsicher bin einfach irgendwas zu machen.

Kann mir jemand sagen ob meine Idee nach hinten losgehen wird?

Alt 01.04.2014, 10:54   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Hi,

kommt drauf welche Infektion vorliegt. Schauen wir mal:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 01.04.2014, 12:02   #3
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Hallo ^^
Super, dass Sie so schnell antworten.

Hier sind die files:
FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Michaela (administrator) on MICHAELA-PC on 01-04-2014 12:51:53
Running from C:\Users\Michaela\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Dropbox, Inc.) C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [305664 2009-03-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [4119552 2008-12-21] (Dell Inc.)
HKLM\...\Run: [QuickSet] - C:\Program Files\Dell\QuickSet\QuickSet.exe [2115664 2009-03-27] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-15] (Intel Corporation)
HKLM\...\Run: [sroli] - rundll32.exe ",HrEditPhonebookEntry
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-31] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [405639 2009-01-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [XSECVA] - C:\Users\Michaela\AppData\Roaming\xsecva\xsecva.exe -s
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\RunOnce: [DSUpdateLauncher] - "c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat" [374 2009-03-09] ()
HKLM-x32\...\RunOnce: [Launcher] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [165104 2009-07-16] (Softthinks)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [UpgradeChecker] - C:\Users\Michaela\AppData\Roaming\Windows Desktop Search\{1F2553B9-2E61-41EA-9F96-0F012DF06884}\UpgradeChecker.exe
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [abfou.exe] - C:\Users\Michaela\AppData\Roaming\Ykety\abfou.exe
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [Facebook Update] - C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-03-11] (Facebook Inc.)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\MountPoints2: D - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-7-8-83-100027773-100016816-100018398-4245.com j:\
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\MountPoints2: {9429abf0-d689-11de-857b-00256461103c} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RECYCLER\S-7-8-83-100027773-100016816-100018398-4245.com j:\
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\MountPoints2: {e1b3dd00-cb71-11e2-9a4e-000272d6ac2c} - D:\install.exe
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 172.16.10.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = 
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
BHO-x32: ProxTube - {0AA2810A-F009-4BD7-A10A-32F140A1B9F3} - C:\Users\Michaela\AppData\LocalLow\ProxTube\IE\ProxTube.dll (Malte Goetz)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default
FF user.js: detected! => C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\user.js
FF NewTab: about:blank
FF Homepage: about:home
FF Keyword.URL: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&installDate=02/06/2013&q=
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\searchplugins\Web Search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\maltegoetz@proxtube.com [2012-11-08]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-17]
FF Extension: Adblock Plus - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-29]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=hp&installDate=02/06/2013
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Java(TM) Platform SE 6 U13) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
CHR Extension: (Boa Mistura) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\alhbnbjlmhkpfeocomgpfkffnbncjjpn [2013-08-08]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-10]
CHR Extension: (Adblock Plus) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-10]
CHR Extension: (Google+) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-08-08]
CHR Extension: (XKit) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-01-11]
CHR Extension: (Vimeo™ Download Videos) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\geeljcibkkackafmeepgadbfgmpjmdeg [2013-07-02]
CHR Extension: (avast! Online Security) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-29]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-17]
CHR Extension: (Google Keep) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-20]
CHR Extension: (SeenBlock) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdbfhoobgcmiffaheiedgepeipfcjpb [2013-09-20]
CHR Extension: (RealDownloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-20]
CHR Extension: (Dropbox) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-08-08]
CHR Extension: (Google Wallet) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Youtube Video Downloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\obmbipnhbnpicpechoajlkjfdiopnoki [2013-05-19]
CHR Extension: (Tumblr Savior) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2014-01-05]
CHR Extension: (Google Mail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [chakodcglgpacmjpjfaoopegbglbollk] - C:\Users\Michaela\AppData\LocalLow\ProxTube\CHROME\ProxTube.crx [2010-05-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-29] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-08-04] (Broadcom Corporation.)
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-04] (Broadcom Corporation.)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [311296 2009-03-19] (Creative Technology Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-01 12:51 - 2014-04-01 12:52 - 00031787 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-01 12:51 - 2014-04-01 12:51 - 00000000 ____D () C:\FRST
2014-04-01 12:33 - 2014-04-01 12:34 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-03-30 19:18 - 2014-03-30 19:18 - 00000000 ____D () C:\Users\Michaela\Downloads\Download
2014-03-29 21:36 - 2014-03-29 21:36 - 00000000 ____D () C:\Users\Michaela\Documents\Any Video Converter
2014-03-29 15:21 - 2014-03-29 15:21 - 00000296 _____ () C:\Windows\system32\spsys.log
2014-03-29 15:07 - 2014-03-29 15:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2013-12-18 22:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-29 15:03 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-29 15:03 - 2013-12-18 22:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-29 15:03 - 2013-12-18 22:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-29 15:02 - 2014-03-29 15:03 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:44 - 2014-03-29 14:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:26 - 2014-04-01 11:12 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 00:50 - 2014-03-29 00:50 - 00000000 ____D () C:\Users\Michaela\Downloads\Doujinshi&Manga
2014-03-19 20:46 - 2014-03-27 22:55 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-19 20:45 - 2014-03-27 22:55 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-14 03:20 - 2014-03-26 01:31 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-03-13 04:01 - 2014-02-23 09:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:01 - 2014-02-23 08:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:01 - 2014-02-23 08:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 08:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 08:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 08:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 08:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:01 - 2014-02-23 07:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:01 - 2014-02-23 07:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:01 - 2014-02-23 07:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:01 - 2014-02-23 07:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:01 - 2014-02-23 07:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:01 - 2014-02-23 07:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 07:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-13 04:01 - 2014-02-23 07:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 07:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 04:01 - 2014-02-23 07:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 07:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 07:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 00:48 - 2014-02-07 14:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 00:48 - 2014-02-03 15:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 00:48 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 00:48 - 2014-01-30 12:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 00:48 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 00:48 - 2013-11-13 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-13 00:48 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-03-10 21:52 - 2014-03-10 21:53 - 00000000 ____D () C:\Users\Michaela\Documents\YuE
2014-03-05 21:41 - 2014-03-05 21:42 - 00274864 _____ () C:\Windows\Minidump\Mini030514-01.dmp
2014-03-04 21:52 - 2014-03-28 23:21 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{784B2923-D700-4DE6-920C-72A8F8621F24}
2014-03-04 12:36 - 2013-08-27 05:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-03-04 12:36 - 2013-08-27 05:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-03-04 12:36 - 2013-08-27 05:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-03-04 12:36 - 2013-08-27 05:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-03-04 12:36 - 2013-08-27 04:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-03-04 12:36 - 2013-08-27 04:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-03-04 12:36 - 2013-08-27 04:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-03-04 12:36 - 2013-08-27 04:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-03-04 12:36 - 2013-08-27 04:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-04 12:36 - 2013-08-27 04:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-04 12:36 - 2013-08-27 04:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-04 12:36 - 2013-08-27 04:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-03-04 12:36 - 2013-08-27 04:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-03-04 12:36 - 2013-08-27 03:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-04 12:36 - 2013-08-27 03:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-04 12:36 - 2013-08-27 03:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-04 12:36 - 2013-08-27 03:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-03-04 12:36 - 2011-03-13 00:52 - 01653760 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-03-04 12:36 - 2011-03-12 23:55 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-03-04 07:35 - 2014-03-04 07:35 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-03-04 07:34 - 2014-03-04 07:34 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-04 07:32 - 2014-03-04 07:33 - 00000981 _____ () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 07:23 - 2014-03-04 07:23 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-03-04 07:23 - 2014-03-04 07:23 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-03-04 07:20 - 2014-03-04 07:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-03-04 07:20 - 2014-03-04 07:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-03-04 06:53 - 2009-10-01 03:02 - 02537472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2014-03-04 06:53 - 2009-10-01 03:02 - 00334848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceApi.dll
2014-03-04 06:53 - 2009-10-01 03:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShServiceObj.dll
2014-03-04 06:53 - 2009-10-01 03:02 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDShextAutoplay.exe
2014-03-04 06:53 - 2009-10-01 03:01 - 00350208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WPDSp.dll
2014-03-04 06:53 - 2009-10-01 03:01 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceWMDRM.dll
2014-03-04 06:53 - 2009-10-01 03:01 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceTypes.dll
2014-03-04 06:53 - 2009-10-01 03:01 - 00100864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceClassExtension.dll
2014-03-04 06:53 - 2009-10-01 03:01 - 00060928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PortableDeviceConnectApi.dll
2014-03-04 06:53 - 2009-10-01 02:52 - 02727936 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2014-03-04 06:53 - 2009-10-01 02:52 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceApi.dll
2014-03-04 06:53 - 2009-10-01 02:52 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\WPDShextAutoplay.exe
2014-03-04 06:53 - 2009-10-01 02:51 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wpd_ci.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\WPDSp.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00295936 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtp.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceWMDRM.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00214528 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceTypes.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceClassExtension.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\WPDShServiceObj.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\PortableDeviceConnectApi.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\WpdMtpUS.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WpdUsb.sys
2014-03-04 06:53 - 2009-10-01 02:51 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\BthMtpContextHandler.dll
2014-03-04 06:53 - 2009-10-01 02:51 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\WpdConns.dll
2014-03-04 06:10 - 2014-03-05 04:08 - 01521640 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-04 05:35 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2014-03-04 05:35 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-03-04 05:35 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-03-04 05:35 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-03-04 05:35 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2014-03-04 05:35 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-03-04 05:35 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-03-04 05:35 - 2012-06-02 16:57 - 00000003 _____ () C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2014-03-04 05:35 - 2009-07-14 14:19 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\winusb.dll
2014-03-04 05:35 - 2009-07-14 14:12 - 00016896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winusb.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-04 05:25 - 2014-03-04 05:25 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-04 05:25 - 2014-03-04 05:25 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-04 05:25 - 2014-03-04 05:25 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-04 05:25 - 2014-03-04 05:25 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-04 05:25 - 2014-03-04 05:25 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-04 05:25 - 2014-03-04 05:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-04 05:22 - 2014-03-04 05:22 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-03-04 05:22 - 2014-03-04 05:22 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-03-04 05:22 - 2014-03-04 05:22 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-03-04 05:22 - 2014-03-04 05:22 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-04 04:37 - 2009-09-10 04:07 - 03815424 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbon.dll
2014-03-04 04:37 - 2009-09-10 04:06 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\UIRibbonRes.dll
2014-03-04 04:37 - 2009-09-10 04:05 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-03-04 04:37 - 2009-09-10 04:01 - 03023360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbon.dll
2014-03-04 04:37 - 2009-09-10 04:00 - 01164800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIRibbonRes.dll
2014-03-04 04:37 - 2009-09-10 04:00 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-03-04 04:35 - 2012-02-29 17:37 - 00005632 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2014-03-04 04:35 - 2012-02-29 17:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2014-03-04 04:35 - 2012-02-29 15:52 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2014-03-03 21:19 - 2013-10-22 11:31 - 00079360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-03 21:19 - 2013-10-22 09:19 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-03 21:19 - 2013-10-03 17:03 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-03 21:19 - 2013-10-03 14:46 - 00304128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-03 21:19 - 2013-06-27 01:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-03-03 21:19 - 2013-06-27 01:00 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2014-03-03 21:19 - 2013-06-27 01:00 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2014-03-03 21:19 - 2012-11-22 06:22 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\shlwapi.dll
2014-03-03 21:19 - 2012-11-22 05:54 - 00353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shlwapi.dll
2014-03-03 21:19 - 2012-06-29 18:20 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2014-03-03 21:19 - 2012-06-29 18:01 - 00467968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2014-03-03 21:18 - 2013-10-11 06:23 - 00781824 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-03-03 21:18 - 2013-10-11 06:23 - 00462848 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-03 21:18 - 2013-10-11 04:29 - 00217074 _____ () C:\Windows\system32\WFP.TMF
2014-03-03 21:18 - 2013-10-11 04:07 - 00596480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-03-03 21:18 - 2013-08-02 16:06 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-03-03 21:18 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-03-03 21:18 - 2013-07-09 14:04 - 01585256 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-03 21:18 - 2013-07-09 14:04 - 01168088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-03 21:18 - 2013-07-08 06:51 - 04691904 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-03 21:18 - 2013-07-08 06:20 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-03-03 21:18 - 2013-07-08 06:18 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-03-03 21:18 - 2013-07-08 06:15 - 00234496 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-03-03 21:18 - 2013-07-08 06:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-03-03 21:18 - 2013-07-08 03:39 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-03-03 21:18 - 2013-07-08 03:39 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-03-03 21:18 - 2013-07-08 03:39 - 00002560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-03-03 21:18 - 2013-03-09 06:16 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-03-03 21:18 - 2013-03-09 03:48 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-03-03 21:18 - 2012-05-01 16:29 - 00209920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-03-03 21:18 - 2011-02-22 16:47 - 00479744 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-03 21:18 - 2011-02-22 16:13 - 00288768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-03 21:17 - 2013-03-03 21:13 - 01513320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-03-03 21:17 - 2012-09-25 18:31 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2014-03-03 21:17 - 2012-09-25 18:19 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2014-03-03 21:17 - 2011-12-14 18:38 - 00621056 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2014-03-03 21:17 - 2011-12-14 18:17 - 00680448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2014-03-03 21:15 - 2013-12-05 06:48 - 01869824 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-03 21:15 - 2013-12-05 04:12 - 01248768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-03 21:15 - 2013-08-01 06:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-03 21:15 - 2013-08-01 05:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-03-03 21:15 - 2013-06-15 15:27 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2014-03-03 21:15 - 2013-06-15 13:38 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-03-03 21:15 - 2013-04-24 06:09 - 00050688 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-03-03 21:15 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-03-03 21:15 - 2013-04-24 04:10 - 01078272 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-03-03 21:15 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-03-03 21:15 - 2010-05-04 21:40 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msshsq.dll
2014-03-03 21:15 - 2010-05-04 21:13 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshsq.dll
2014-03-03 21:14 - 2012-02-01 17:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2014-03-03 21:12 - 2012-11-20 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-03-03 21:12 - 2012-11-20 06:21 - 00253952 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-03-03 21:12 - 2012-09-28 18:34 - 01210368 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-03 21:12 - 2012-09-28 18:13 - 00860160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-03 21:12 - 2011-10-25 18:13 - 00352256 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-03-03 21:12 - 2011-10-25 17:58 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-03-03 21:11 - 2013-07-10 11:47 - 00677888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-03-03 21:11 - 2013-07-10 11:42 - 01303552 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-03-03 21:11 - 2013-06-04 06:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-03-03 21:11 - 2013-06-04 06:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-03-03 21:11 - 2013-06-04 04:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-03-03 21:11 - 2013-06-04 03:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-03-03 21:11 - 2013-04-17 15:04 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-03-03 21:11 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-03-03 21:09 - 2013-10-03 17:02 - 01278976 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-03 21:09 - 2013-10-03 14:45 - 00993792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-03 21:09 - 2011-11-16 18:43 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2014-03-03 21:09 - 2011-11-16 18:23 - 00377344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2014-03-03 21:09 - 2011-10-14 19:31 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2014-03-03 21:09 - 2011-10-14 19:27 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\mcicda.dll
2014-03-03 21:09 - 2011-10-14 19:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mciwave.dll
2014-03-03 21:09 - 2011-10-14 19:27 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\mciseq.dll
2014-03-03 21:09 - 2011-10-14 18:03 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2014-03-03 21:09 - 2011-10-14 18:00 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mciseq.dll
2014-03-03 21:09 - 2011-08-25 18:20 - 00735744 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-03-03 21:09 - 2011-08-25 18:19 - 00847360 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-03 21:09 - 2011-08-25 18:19 - 00332288 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2014-03-03 21:09 - 2011-08-25 18:15 - 00555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-03-03 21:09 - 2011-08-25 18:14 - 00563712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-03 21:09 - 2011-08-25 18:14 - 00238080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2014-03-03 21:09 - 2011-08-25 15:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\oleaccrc.dll
2014-03-03 21:09 - 2011-08-25 15:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaccrc.dll
2014-03-03 21:09 - 2011-06-15 18:16 - 00180736 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2014-03-03 21:09 - 2011-06-15 18:12 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2014-03-03 21:07 - 2013-07-03 04:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-03-03 21:06 - 2013-07-05 06:45 - 01423808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-03 21:06 - 2012-11-02 12:45 - 00477696 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2014-03-03 21:06 - 2012-11-02 12:45 - 00068096 _____ (Microsoft Corporation) C:\Windows\system32\dpnathlp.dll
2014-03-03 21:06 - 2012-11-02 12:18 - 00376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2014-03-03 21:06 - 2012-11-02 10:59 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\dpnsvr.exe
2014-03-03 21:06 - 2012-11-02 10:26 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnsvr.exe
2014-03-03 21:06 - 2012-08-21 13:50 - 00267648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-03 21:05 - 2011-10-14 19:30 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2014-03-03 21:05 - 2011-10-14 18:02 - 00429056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2014-03-03 21:04 - 2011-04-21 16:17 - 00695296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2014-03-03 21:03 - 2013-10-11 06:27 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-03-03 21:03 - 2013-10-11 06:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-03 21:03 - 2013-10-11 04:19 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-03-03 21:03 - 2013-10-11 04:19 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-03-03 21:03 - 2013-10-11 04:08 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-03 21:03 - 2013-10-11 04:08 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-03-03 21:03 - 2013-10-11 04:08 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2014-03-03 21:03 - 2013-10-11 02:35 - 00155648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-03-03 21:03 - 2013-10-11 02:35 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-03-03 21:03 - 2013-07-20 12:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-03-03 21:03 - 2013-07-20 12:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-03-03 21:03 - 2013-07-16 11:25 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2014-03-03 21:03 - 2013-07-16 06:35 - 00615936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2014-03-03 21:03 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-03 21:03 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-03-03 21:03 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-03-03 21:03 - 2013-07-08 06:15 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-03 21:03 - 2013-07-08 06:12 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-03-03 21:03 - 2013-07-08 06:12 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-03-03 21:03 - 2013-02-12 04:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-03-03 21:03 - 2012-11-02 12:47 - 01794560 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-03-03 21:03 - 2012-11-02 12:19 - 01400832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-03-03 21:03 - 2012-06-04 17:29 - 00516480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-03 21:03 - 2012-06-02 02:22 - 00347136 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-03-03 21:03 - 2012-06-02 02:05 - 00077312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-03-03 21:03 - 2012-06-02 02:04 - 00278528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-03-03 21:03 - 2011-11-16 18:42 - 00094720 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-03-03 21:03 - 2011-11-16 18:41 - 01689600 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-03 21:03 - 2011-11-16 16:34 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-03-03 21:02 - 2013-09-04 04:31 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-03-03 21:02 - 2013-07-04 06:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-03-03 21:02 - 2013-07-04 06:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-03-03 21:02 - 2013-03-08 06:18 - 00451072 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-03-03 21:02 - 2012-11-08 06:26 - 01570816 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-03-03 21:02 - 2012-11-08 05:48 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-03-03 21:02 - 2012-05-11 18:34 - 00788480 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-03-03 21:02 - 2012-05-11 17:57 - 00623616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\localspl.dll
2014-03-03 21:01 - 2013-10-30 06:34 - 00374784 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2014-03-03 21:01 - 2013-10-30 05:55 - 00122368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-03-03 21:01 - 2013-10-30 04:33 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-03-03 21:01 - 2013-06-29 04:22 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-03-03 21:01 - 2013-06-29 04:21 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-03-03 21:01 - 2013-06-29 04:21 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-03 21:01 - 2013-06-29 04:21 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-03-03 21:01 - 2013-06-29 04:21 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-03-03 21:01 - 2013-06-29 04:21 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-03-03 21:01 - 2013-03-08 06:17 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-03 21:01 - 2013-03-08 05:52 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-03 21:01 - 2012-03-21 01:34 - 00072576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2014-03-03 21:01 - 2011-11-18 20:07 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-03-03 21:01 - 2011-11-18 19:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-03-03 21:00 - 2013-05-02 06:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-03-03 21:00 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-03-03 21:00 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printcom.dll
2014-03-03 21:00 - 2012-06-08 19:59 - 12899840 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-03 21:00 - 2012-06-08 19:47 - 11586048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-03 21:00 - 2011-07-29 18:08 - 00375808 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2014-03-03 21:00 - 2011-07-29 18:08 - 00289792 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2014-03-03 21:00 - 2011-07-29 18:06 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2014-03-03 21:00 - 2011-07-29 18:06 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2014-03-03 21:00 - 2011-07-29 18:01 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2014-03-03 21:00 - 2011-07-29 18:01 - 00217088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2014-03-03 21:00 - 2011-07-29 18:00 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2014-03-03 21:00 - 2011-07-29 18:00 - 00057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2014-03-03 20:19 - 2012-01-09 18:16 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-03 20:19 - 2012-01-09 17:54 - 00613376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-03 19:44 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-03 19:44 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-03 19:44 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-03-03 19:44 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-03 19:42 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-03-03 19:42 - 2012-06-03 00:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-03-03 19:42 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-03-03 19:42 - 2012-06-03 00:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-03-03 19:42 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-03-03 19:42 - 2012-06-03 00:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-03-03 19:41 - 2012-06-02 16:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-03-03 19:41 - 2012-06-02 16:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-03-03 19:41 - 2012-06-02 16:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-03-03 19:41 - 2012-06-02 16:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-03-03 19:28 - 2014-03-29 14:12 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-03 19:09 - 2014-03-03 19:12 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-03 19:09 - 2014-03-03 19:12 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-03 19:09 - 2014-03-03 19:12 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-03 19:09 - 2014-03-03 19:11 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-03 19:09 - 2014-03-03 19:10 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-03 19:09 - 2014-03-03 19:10 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-03 16:55 - 2014-03-29 14:12 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000

==================== One Month Modified Files and Folders =======

2014-04-01 12:52 - 2014-04-01 12:51 - 00031787 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-01 12:52 - 2009-09-24 22:31 - 01237673 _____ () C:\Windows\WindowsUpdate.log
2014-04-01 12:51 - 2014-04-01 12:51 - 00000000 ____D () C:\FRST
2014-04-01 12:51 - 2013-07-16 23:39 - 00000000 ___RD () C:\Users\Michaela\Dropbox
2014-04-01 12:51 - 2013-07-16 23:35 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Dropbox
2014-04-01 12:51 - 2008-01-21 13:10 - 01566076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-01 12:51 - 2008-01-21 13:09 - 00673932 _____ () C:\Windows\system32\perfh007.dat
2014-04-01 12:51 - 2008-01-21 13:09 - 00145912 _____ () C:\Windows\system32\perfc007.dat
2014-04-01 12:50 - 2013-03-28 23:50 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Skype
2014-04-01 12:46 - 2012-10-10 20:49 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-01 12:46 - 2009-10-02 19:11 - 00000000 ____D () C:\Users\Michaela\AppData\Local\SoftThinks
2014-04-01 12:44 - 2012-10-10 20:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-01 12:44 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-01 12:44 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-01 12:44 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-01 12:43 - 2013-02-12 05:26 - 00003549 _____ () C:\Windows\bthservsdp.dat
2014-04-01 12:43 - 2006-11-02 17:42 - 00032510 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-01 12:40 - 2009-09-25 04:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-01 12:34 - 2014-04-01 12:33 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-04-01 12:34 - 2012-08-15 22:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-01 12:28 - 2009-10-03 13:07 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Adobe
2014-04-01 12:27 - 2009-09-25 04:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 12:15 - 2009-10-02 19:12 - 00080160 _____ () C:\Users\Michaela\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 12:11 - 2006-11-02 17:21 - 02247192 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 12:07 - 2009-09-25 04:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-01 11:12 - 2014-03-29 14:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-01 11:08 - 2008-01-21 05:26 - 00783942 _____ () C:\Windows\PFRO.log
2014-04-01 04:05 - 2013-03-11 14:00 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job
2014-04-01 02:35 - 2013-11-04 21:01 - 00000000 ____D () C:\Users\Michaela\Documents\Togainu no chi
2014-03-31 13:05 - 2013-03-11 14:00 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job
2014-03-30 19:18 - 2014-03-30 19:18 - 00000000 ____D () C:\Users\Michaela\Downloads\Download
2014-03-29 21:36 - 2014-03-29 21:36 - 00000000 ____D () C:\Users\Michaela\Documents\Any Video Converter
2014-03-29 15:21 - 2014-03-29 15:21 - 00000296 _____ () C:\Windows\system32\spsys.log
2014-03-29 15:21 - 2012-10-11 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 15:18 - 2013-06-04 18:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 15:08 - 2014-03-29 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2014-03-29 15:02 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 15:03 - 2009-09-25 03:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:48 - 2013-05-29 23:42 - 00000000 ____D () C:\Users\Michaela\Downloads\00_Programme
2014-03-29 14:45 - 2014-03-29 14:44 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 14:12 - 2014-03-03 19:28 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 14:12 - 2014-03-03 16:55 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 13:27 - 2013-05-02 22:19 - 00138184 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-29 00:50 - 2014-03-29 00:50 - 00000000 ____D () C:\Users\Michaela\Downloads\Doujinshi&Manga
2014-03-28 23:21 - 2014-03-04 21:52 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{784B2923-D700-4DE6-920C-72A8F8621F24}
2014-03-28 16:29 - 2014-01-12 03:17 - 00000000 ____D () C:\Users\Michaela\Downloads\Shimeji
2014-03-27 22:55 - 2014-03-19 20:46 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 22:55 - 2014-03-19 20:45 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 15:41 - 2012-10-10 20:49 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 15:41 - 2012-10-10 20:49 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 14:46 - 2009-09-25 04:11 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-03-26 01:31 - 2014-03-14 03:20 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-03-19 12:57 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 12:54 - 2006-11-02 14:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-14 04:33 - 2013-12-21 23:24 - 00000000 ____D () C:\Users\Michaela\Downloads\Facebook
2014-03-13 11:01 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-03-12 12:34 - 2012-08-15 22:10 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 12:34 - 2012-04-03 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 12:34 - 2011-11-06 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-10 21:53 - 2014-03-10 21:52 - 00000000 ____D () C:\Users\Michaela\Documents\YuE
2014-03-05 21:42 - 2014-03-05 21:41 - 00274864 _____ () C:\Windows\Minidump\Mini030514-01.dmp
2014-03-05 21:41 - 2012-04-11 22:46 - 00000000 ____D () C:\Windows\Minidump
2014-03-05 21:41 - 2012-04-11 22:45 - 348199467 _____ () C:\Windows\MEMORY.DMP
2014-03-05 04:08 - 2014-03-04 06:10 - 01521640 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-04 07:35 - 2014-03-04 07:35 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-03-04 07:34 - 2014-03-04 07:34 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-03-04 07:33 - 2014-03-04 07:32 - 00000981 _____ () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-04 07:33 - 2009-10-02 19:16 - 00000951 _____ () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-04 07:23 - 2014-03-04 07:23 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-03-04 07:23 - 2014-03-04 07:23 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
2014-03-04 07:22 - 2006-11-02 17:07 - 00000000 ____D () C:\Windows\SysWOW64\XPSViewer
2014-03-04 07:22 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Journal
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\th-TH
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sr-Latn-CS
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ro-RO
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lv-LV
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\lt-LT
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\hr-HR
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\et-EE
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\th-TH
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sr-Latn-CS
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\ro-RO
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lv-LV
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\lt-LT
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\hr-HR
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\he-IL
2014-03-04 07:22 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\et-EE
2014-03-04 07:22 - 2006-11-02 15:33 - 00000000 ___RD () C:\Windows\Offline Web Pages
2014-03-04 07:22 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-03-04 07:22 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-03-04 07:22 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-04 07:21 - 2006-11-02 15:33 - 00000000 ____D () C:\Program Files\Common Files\System
2014-03-04 07:20 - 2014-03-04 07:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2014-03-04 07:20 - 2014-03-04 07:20 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_07_00.Wdf
2014-03-04 07:20 - 2006-11-02 17:27 - 00288011 _____ () C:\Windows\setupact.log
2014-03-04 05:26 - 2012-08-10 23:14 - 00020462 _____ () C:\Windows\IE9_main.log
2014-03-04 05:25 - 2014-03-04 05:25 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-04 05:25 - 2014-03-04 05:25 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-04 05:25 - 2014-03-04 05:25 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-04 05:25 - 2014-03-04 05:25 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-04 05:25 - 2014-03-04 05:25 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\advpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00114176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-04 05:25 - 2014-03-04 05:25 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-04 05:25 - 2014-03-04 05:25 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-04 05:25 - 2014-03-04 05:25 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-04 05:25 - 2014-03-04 05:25 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-03-04 05:25 - 2006-11-02 14:16 - 00008798 _____ () C:\Windows\SysWOW64\icrav03.rat
2014-03-04 05:25 - 2006-11-02 14:16 - 00001988 _____ () C:\Windows\SysWOW64\ticrf.rat
2014-03-04 05:25 - 2006-11-02 08:36 - 00008798 _____ () C:\Windows\system32\icrav03.rat
2014-03-04 05:25 - 2006-11-02 08:36 - 00001988 _____ () C:\Windows\system32\ticrf.rat
2014-03-04 05:22 - 2014-03-04 05:22 - 03548672 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 03068416 _____ (Microsoft Corporation) C:\Windows\system32\xpsservices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01554432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xpsservices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\OpcServices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\MFH264Dec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01204224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01075712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 01032192 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelinesvc.exe
2014-03-04 05:22 - 2014-03-04 05:22 - 00979456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFH264Dec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00847360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\OpcServices.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00625152 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00586240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00478720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00428544 _____ (Microsoft Corporation) C:\Windows\system32\MFHEAACdec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4src.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2014-03-04 05:22 - 2014-03-04 05:22 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFHEAACdec.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00345088 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00302592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4src.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00278528 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00258048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2014-03-04 05:22 - 2014-03-04 05:22 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00209920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00195072 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00135680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\printfilterpipelineprxy.dll
2014-03-04 05:22 - 2014-03-04 05:22 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 01209856 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00792576 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00449024 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\PhotoMetadataHandler.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00328192 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 00321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PhotoMetadataHandler.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\dxdiagn.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2014-03-04 05:20 - 2014-03-04 05:20 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiagn.dll
2014-03-04 05:20 - 2014-03-04 05:20 - 00189440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-03-03 20:45 - 2013-07-27 14:39 - 00000000 ____D () C:\Users\Michaela\Documents\Sonstiges
2014-03-03 19:28 - 2009-10-02 19:16 - 00000917 _____ () C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk
2014-03-03 19:14 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Sidebar
2014-03-03 19:14 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Photo Gallery
2014-03-03 19:14 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Collaboration
2014-03-03 19:14 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Movie Maker
2014-03-03 19:13 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-03 19:13 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
2014-03-03 19:13 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Gallery
2014-03-03 19:13 - 2006-11-02 17:07 - 00000000 ____D () C:\Program Files (x86)\Windows Calendar
2014-03-03 19:13 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\servicing
2014-03-03 19:12 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\SysWOW64\vi-VN
2014-03-03 19:12 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-03-03 19:12 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\SLUI
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\setup
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\oobe
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\migwiz
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\manifeststore
2014-03-03 19:12 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\SysWOW64\AdvancedInstallers
2014-03-03 19:11 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-03-03 19:11 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-03 19:11 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\IME
2014-03-03 19:10 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\system32\vi-VN
2014-03-03 19:10 - 2014-03-03 19:09 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-03-03 19:10 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\SLUI
2014-03-03 19:10 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\setup
2014-03-03 19:10 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-03 19:10 - 2006-11-02 15:34 - 00000000 ____D () C:\Windows\system32\manifeststore
2014-03-03 19:10 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\system32\AdvancedInstallers

Some content of TEMP:
====================
C:\Users\Michaela\AppData\Local\Temp\AskSLib.dll
C:\Users\Michaela\AppData\Local\Temp\avgnt.exe
C:\Users\Michaela\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\Michaela\AppData\Local\Temp\jre-6u32-windows-i586-iftw.exe
C:\Users\Michaela\AppData\Local\Temp\jre-7u40-windows-i586-iftw.exe
C:\Users\Michaela\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Michaela\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Michaela\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Michaela\AppData\Local\Temp\sqlite3.exe
C:\Users\Michaela\AppData\Local\Temp\stubhelper.dll
C:\Users\Michaela\AppData\Local\Temp\uninst1.exe
C:\Users\Michaela\AppData\Local\Temp\zsvp2gl_.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-01 12:51

==================== End Of Log ============================
         
--- --- ---
__________________

Alt 01.04.2014, 12:03   #4
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Michaela at 2014-04-01 12:54:18
Running from C:\Users\Michaela\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.115.101 - Alps Electric)
Dell Video Chat (HKLM-x32\...\Dell Video Chat) (Version: 6.1 (6751) - SightSpeed Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.20.10 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Free Audio Converter version 5.0.3.1206 (HKLM-x32\...\Free Audio Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Integrated Webcam Driver (1.02.01.0320)   (HKLM\...\Creative OA009) (Version: 1.02.01.0320 - Creative Technology Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)
LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.2303.1 - Creative Technology Ltd)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.18 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.4 - Synthesia LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2000 - WIDCOMM, Inc.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

21-03-2014 11:21:52 Geplanter Prüfpunkt
22-03-2014 05:17:20 Geplanter Prüfpunkt
22-03-2014 20:58:02 Geplanter Prüfpunkt
23-03-2014 16:32:27 Geplanter Prüfpunkt
24-03-2014 09:23:46 Geplanter Prüfpunkt
25-03-2014 08:58:12 Windows Update
26-03-2014 13:37:07 Geplanter Prüfpunkt
27-03-2014 08:31:28 Geplanter Prüfpunkt
28-03-2014 08:01:25 Geplanter Prüfpunkt
29-03-2014 12:23:18 avast! antivirus system restore point
29-03-2014 13:01:14 Installed Java 7 Update 51
30-03-2014 11:30:05 Geplanter Prüfpunkt
31-03-2014 08:45:44 Geplanter Prüfpunkt
01-04-2014 09:20:00 Windows Update
01-04-2014 10:06:47 削除済み 咎狗の血

==================== Hosts content: ==========================

2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {19BCA020-F0B4-4C5B-A57C-CF09E3EF4781} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2A429D84-C847-4D6B-9502-3D35AC976676} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {2EB14C14-2C5F-4626-BA90-D9196121F7AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {36A56C1C-9BEA-44D8-94FD-62456F325528} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {388C0D7F-DC58-437E-812B-4BE3674FBB6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46CD1E8E-C415-4159-AE4E-F1ED803AFE8A} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {55C81DE2-89F3-4B72-84BD-1B91CA453711} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5ABD53F8-82CF-4CD6-93BC-810C5612C7A7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7133A15E-30E1-43F9-8C91-1F2CA85D8470} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {87E7CBB4-22BF-4BC1-BEC9-3CF65F0B7BE3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {A5EC54B9-100A-4D35-9901-99A32AF722CF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B2E92356-AF15-46C2-9760-3E810CEBBD3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EB167214-C513-42A7-9F0B-69BE18A83294} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-29] (AVAST Software)
Task: {F5F46528-E855-4E3F-A3B0-5623AE50F8CB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F6BFCBD6-889A-48E7-9943-27C9D6B5854A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {FC41EBBD-8B04-47C7-B2AD-F6C2BEC1A210} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-09-25 03:57 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-09-25 03:57 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-09-25 04:12 - 2009-04-24 21:52 - 00156912 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
2009-09-25 04:11 - 2009-07-16 18:00 - 00410864 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-03-04 07:50 - 2014-03-04 07:50 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\264c91e0ec39698f61d36c00a26cc16b\VistaBridgeLibrary.ni.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-04-01 11:09 - 2014-04-01 11:09 - 02189312 _____ () C:\Program Files\AVAST Software\Avast\defs\14040100\algo.dll
2009-09-25 04:11 - 2009-07-16 17:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2009-09-25 04:11 - 2009-07-16 17:58 - 01123568 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00079088 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00234736 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00074992 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00111856 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00121072 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Michaela\AppData\Roaming\Dropbox\bin\libcef.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00046320 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00369904 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2014-03-29 14:25 - 2014-03-29 14:25 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/01/2014 00:48:34 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/01/2014 00:45:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2014 00:43:09 PM) (Source: EventSystem) (User: )
Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}

Error: (04/01/2014 00:43:03 PM) (Source: MsiInstaller) (User: Michaela-PC)
Description: Product: Adobe Setup -- Error 1719.Auf den Windows Installer-Dienst konnte nicht zugegriffen werden. Dies kann auftreten, wenn der Windows Installer nicht richtig installiert wurde. Wenden Sie sich an den Support, um weitere Unterstützung zu erhalten.

Error: (04/01/2014 00:12:16 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2014 11:12:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/01/2014 11:12:25 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/01/2014 11:10:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/01/2014 02:32:26 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung firefox.exe, Version 28.0.0.5186, Zeitstempel 0x53240e37, fehlerhaftes Modul xul.dll, Version 28.0.0.5186, Zeitstempel 0x53240e04, Ausnahmecode 0xc0000005, Fehleroffset 0x00184729,
Prozess-ID 0xf60, Anwendungsstartzeit firefox.exe0.

Error: (03/31/2014 11:02:25 PM) (Source: Adobe Version Cue CS3) (User: )
Description: AssetServicesCS3class vcfoundation::base::VCIllegalState: IVCPipeServer already closed
Trace: (null)


System errors:
=============

Microsoft Office Sessions:
=========================
Error: (05/27/2013 11:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12395 seconds with 6840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-03-03 16:35:47.752
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:35:47.342
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:35:46.955
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:35:46.509
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-03-03 16:35:46.007
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-08 17:56:19.425
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-08 17:56:19.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-08 17:56:18.656
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-02-08 17:56:18.268
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-07 14:52:26.812
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 4055.45 MB
Available physical RAM: 1717.88 MB
Total Pagefile: 8288.18 MB
Available Pagefile: 5410.37 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:103.28 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 7F8F3E8E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Danke

Alt 02.04.2014, 11:09   #5
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Wir können den Rechner bereinigen, oder aber du formatierst oder kaufst dir nen neuen. Wobei ich formatieren, und vor allem nen neuen kaufen, nicht ganz nachvollziehen kann.

Seis drum: Daten sichern, solange es keine ausführbaren sind, kannste ganze einfach auf ne Externe schieben und gut ist. Die Externe im Anschluss einmal scannen.

Wie entscheidest Du dich?

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.04.2014, 12:42   #6
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Hallo ^^

Wenn ich die Daten nun auf die Externe ziehe - muss ich da vorher autorun blockieren?

Wenn Sie mir helfen möchten den Laptop zu bereinigen würde ich das natürlich gerne versuchen. Hoffe das ist nicht allzu kompliziert.
Wäre nämlich super wenn ich mir einen neuen Laptop erst kaufen kann wenn ich das wirklich möchte und nicht nur weil so eine dumme Sache passiert ist.

Sollte ich vor dem bereinigen meine Daten trotzdem sichern? Oder passiert da nichts?

Eine dumme Frage hab ich noch: Wie hab ich mir den Trojaner denn eingefangen? Ich bin ja eigentlich nur auf Seiten die ich kenne. Reicht es wenn ich einem Link folge? Oder kann das auch sein, dass ich den von ner CD eines Computergames hab?

Alt 03.04.2014, 08:54   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Wo der her kommt ist nicht nachvollziehbar. Daten sichern ist immer ne gute Idee, kannst Du vorher machen. bilder, Videos, Musik udn Dokumente einfach auf ne Externe ziehen.


Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.04.2014, 11:13   #8
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



So. Ich habe jetzt den ganzen Tag mit Datensicherung verbracht.
Mit dem nächsten Schritt mache ich morgen weiter.
Nur damit Sie bescheid wissen warum ich nicht geantwortet hatte.

Gruß, miasa ^^

Meldungen gab es soweit keine. Nur mein Avast Taskleistensymbol erscheint nicht mehr und Dropbox auch nicht... Soll ich den Laptop neu starten?

Code:
ATTFilter
ComboFix 14-04-03.01 - Michaela 04.04.2014  11:42:18.1.2 - x64
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.4055.2177 [GMT 2:00]
ausgeführt von:: c:\users\Michaela\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Michaela\AppData\Roaming\Help\coredb\storage
E:\Autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-03-04 bis 2014-04-04  ))))))))))))))))))))))))))))))
.
.
2014-04-04 09:58 . 2014-04-04 09:58	--------	d-----w-	c:\users\Michaela\AppData\Local\temp
2014-04-04 09:58 . 2014-04-04 09:58	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-04-03 22:16 . 2014-04-03 22:20	--------	d-----r-	c:\users\Michaela\Bilder nach Datensicherung vom 03.04.14
2014-04-01 10:51 . 2014-04-01 10:57	--------	d-----w-	C:\FRST
2014-04-01 09:21 . 2014-03-07 04:43	10521840	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{F3B60034-084B-4CF6-8AF3-41C0B06A6D7F}\mpengine.dll
2014-03-29 13:03 . 2013-12-18 20:09	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-03-29 12:56 . 2014-03-29 12:56	--------	d-----w-	c:\users\Michaela\AppData\Local\Opera Software
2014-03-29 12:56 . 2014-03-29 12:56	--------	d-----w-	c:\users\Michaela\AppData\Roaming\Opera Software
2014-03-29 12:45 . 2014-03-29 12:45	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin5.dll
2014-03-29 12:45 . 2014-03-29 12:45	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin4.dll
2014-03-29 12:45 . 2014-03-29 12:45	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin3.dll
2014-03-29 12:45 . 2014-03-29 12:45	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin2.dll
2014-03-29 12:45 . 2014-03-29 12:45	159744	----a-w-	c:\program files (x86)\Internet Explorer\Plugins\npqtplugin.dll
2014-03-29 12:44 . 2014-03-29 12:45	--------	d-----w-	c:\program files (x86)\QuickTime
2014-03-29 12:27 . 2014-03-29 12:27	--------	d-----w-	c:\users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 12:25 . 2014-03-29 12:25	65264	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2014-03-29 12:25 . 2014-03-29 12:25	208928	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2014-03-29 12:25 . 2014-03-29 12:25	1039096	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2014-03-29 12:25 . 2014-03-29 12:25	423240	----a-w-	c:\windows\system32\drivers\aswSP.sys
2014-03-29 12:25 . 2014-03-29 12:25	79184	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2014-03-29 12:25 . 2014-03-29 12:25	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2014-03-29 12:25 . 2014-03-29 12:25	64752	----a-w-	c:\windows\system32\drivers\aswRdr.sys
2014-03-29 12:25 . 2014-03-29 12:25	334648	----a-w-	c:\windows\system32\aswBoot.exe
2014-03-29 12:25 . 2014-03-29 12:25	43152	----a-w-	c:\windows\avastSS.scr
2014-03-29 12:23 . 2014-03-29 12:23	--------	d-----w-	c:\program files\AVAST Software
2014-03-29 12:20 . 2014-03-29 12:20	--------	d-----w-	c:\programdata\AVAST Software
2014-03-16 00:49 . 2014-03-16 00:49	--------	d-----w-	c:\users\Michaela\AppData\Local\Skype
2014-03-16 00:49 . 2014-03-16 00:49	--------	d-----w-	c:\program files (x86)\Common Files\Skype
2014-03-12 22:48 . 2014-01-30 10:12	1111040	----a-w-	c:\windows\system32\wer.dll
2014-03-12 22:48 . 2014-01-30 07:46	876032	----a-w-	c:\windows\SysWow64\wer.dll
2014-03-12 22:48 . 2013-11-13 01:54	2048	----a-w-	c:\windows\system32\tzres.dll
2014-03-12 22:48 . 2013-11-13 00:30	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-03-12 22:48 . 2014-02-03 13:20	619008	----a-w-	c:\windows\system32\qedit.dll
2014-03-12 22:48 . 2014-02-03 10:37	505344	----a-w-	c:\windows\SysWow64\qedit.dll
2014-03-12 22:48 . 2014-02-07 12:11	2776064	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-19 10:54 . 2006-11-02 12:35	90015360	----a-w-	c:\windows\system32\mrt.exe
2014-03-12 10:34 . 2012-04-03 19:15	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-03-12 10:34 . 2011-11-06 10:37	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-04 03:25 . 2014-03-04 03:25	161792	----a-w-	c:\windows\SysWow64\msls31.dll
2014-03-04 03:25 . 2014-03-04 03:25	86528	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-03-04 03:25 . 2014-03-04 03:25	76800	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-04 03:25 . 2014-03-04 03:25	74752	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-04 03:25 . 2014-03-04 03:25	63488	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-03-04 03:25 . 2014-03-04 03:25	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-03-04 03:25 . 2014-03-04 03:25	367104	----a-w-	c:\windows\SysWow64\html.iec
2014-03-04 03:25 . 2014-03-04 03:25	74752	----a-w-	c:\windows\SysWow64\iesetup.dll
2014-03-04 03:25 . 2014-03-04 03:25	23552	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-03-04 03:25 . 2014-03-04 03:25	152064	----a-w-	c:\windows\SysWow64\wextract.exe
2014-03-04 03:25 . 2014-03-04 03:25	150528	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-03-04 03:25 . 2014-03-04 03:25	35840	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-03-04 03:25 . 2014-03-04 03:25	11776	----a-w-	c:\windows\SysWow64\mshta.exe
2014-03-04 03:25 . 2014-03-04 03:25	101888	----a-w-	c:\windows\SysWow64\admparse.dll
2014-03-04 03:25 . 2014-03-04 03:25	110592	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-03-04 03:25 . 2014-03-04 03:25	222208	----a-w-	c:\windows\system32\msls31.dll
2014-03-04 03:25 . 2014-03-04 03:25	89088	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-03-04 03:25 . 2014-03-04 03:25	197120	----a-w-	c:\windows\system32\msrating.dll
2014-03-04 03:25 . 2014-03-04 03:25	49664	----a-w-	c:\windows\system32\imgutil.dll
2014-03-04 03:25 . 2014-03-04 03:25	267776	----a-w-	c:\windows\system32\ieaksie.dll
2014-03-04 03:25 . 2014-03-04 03:25	163840	----a-w-	c:\windows\system32\ieakui.dll
2014-03-04 03:25 . 2014-03-04 03:25	145920	----a-w-	c:\windows\system32\iepeers.dll
2014-03-04 03:25 . 2014-03-04 03:25	136192	----a-w-	c:\windows\system32\advpack.dll
2014-03-04 03:25 . 2014-03-04 03:25	12288	----a-w-	c:\windows\system32\mshta.exe
2014-03-04 03:25 . 2014-03-04 03:25	114176	----a-w-	c:\windows\system32\admparse.dll
2014-03-04 03:25 . 2014-03-04 03:25	55296	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-03-04 03:25 . 2014-03-04 03:25	135168	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-03-04 03:25 . 2014-03-04 03:25	10752	----a-w-	c:\windows\system32\msfeedssync.exe
2014-03-04 03:25 . 2014-03-04 03:25	91648	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-03-04 03:25 . 2014-03-04 03:25	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-03-04 03:25 . 2014-03-04 03:25	160256	----a-w-	c:\windows\system32\ieakeng.dll
2014-03-04 03:25 . 2014-03-04 03:25	111616	----a-w-	c:\windows\system32\iesysprep.dll
2014-03-04 03:25 . 2014-03-04 03:25	76800	----a-w-	c:\windows\system32\tdc.ocx
2014-03-04 03:25 . 2014-03-04 03:25	452608	----a-w-	c:\windows\system32\dxtmsft.dll
2014-03-04 03:25 . 2014-03-04 03:25	448512	----a-w-	c:\windows\system32\html.iec
2014-03-04 03:25 . 2014-03-04 03:25	282112	----a-w-	c:\windows\system32\dxtrans.dll
2014-03-04 03:25 . 2014-03-04 03:25	89088	----a-w-	c:\windows\system32\ie4uinit.exe
2014-03-04 03:25 . 2014-03-04 03:25	85504	----a-w-	c:\windows\system32\iesetup.dll
2014-03-04 03:25 . 2014-03-04 03:25	82432	----a-w-	c:\windows\system32\icardie.dll
2014-03-04 03:25 . 2014-03-04 03:25	534528	----a-w-	c:\windows\system32\ieapfltr.dll
2014-03-04 03:25 . 2014-03-04 03:25	403248	----a-w-	c:\windows\system32\iedkcs32.dll
2014-03-04 03:25 . 2014-03-04 03:25	39936	----a-w-	c:\windows\system32\iernonce.dll
2014-03-04 03:25 . 2014-03-04 03:25	3695416	----a-w-	c:\windows\system32\ieapfltr.dat
2014-03-04 03:25 . 2014-03-04 03:25	249344	----a-w-	c:\windows\system32\webcheck.dll
2014-03-04 03:25 . 2014-03-04 03:25	30720	----a-w-	c:\windows\system32\licmgr10.dll
2014-03-04 03:25 . 2014-03-04 03:25	165888	----a-w-	c:\windows\system32\iexpress.exe
2014-03-04 03:25 . 2014-03-04 03:25	160256	----a-w-	c:\windows\system32\wextract.exe
2014-03-04 03:25 . 2014-03-04 03:25	103936	----a-w-	c:\windows\system32\inseng.dll
2014-03-04 03:25 . 2014-03-04 03:25	65024	----a-w-	c:\windows\system32\pngfilt.dll
2014-03-04 03:25 . 2014-03-04 03:25	149504	----a-w-	c:\windows\system32\occache.dll
2014-03-04 03:22 . 2014-03-04 03:22	979456	----a-w-	c:\windows\SysWow64\MFH264Dec.dll
2014-03-04 03:22 . 2014-03-04 03:22	1257984	----a-w-	c:\windows\system32\MFH264Dec.dll
2014-03-04 03:22 . 2014-03-04 03:22	428544	----a-w-	c:\windows\system32\MFHEAACdec.dll
2014-03-04 03:22 . 2014-03-04 03:22	377344	----a-w-	c:\windows\system32\mfmp4src.dll
2014-03-04 03:22 . 2014-03-04 03:22	357376	----a-w-	c:\windows\SysWow64\MFHEAACdec.dll
2014-03-04 03:22 . 2014-03-04 03:22	302592	----a-w-	c:\windows\SysWow64\mfmp4src.dll
2014-03-04 03:22 . 2014-03-04 03:22	98816	----a-w-	c:\windows\SysWow64\mfps.dll
2014-03-04 03:22 . 2014-03-04 03:22	3548672	----a-w-	c:\windows\system32\mf.dll
2014-03-04 03:22 . 2014-03-04 03:22	345088	----a-w-	c:\windows\system32\mfreadwrite.dll
2014-03-04 03:22 . 2014-03-04 03:22	34304	----a-w-	c:\windows\system32\mfpmp.exe
2014-03-04 03:22 . 2014-03-04 03:22	2873344	----a-w-	c:\windows\SysWow64\mf.dll
2014-03-04 03:22 . 2014-03-04 03:22	261632	----a-w-	c:\windows\SysWow64\mfreadwrite.dll
2014-03-04 03:22 . 2014-03-04 03:22	195072	----a-w-	c:\windows\system32\mfps.dll
2014-03-04 03:22 . 2014-03-04 03:22	278528	----a-w-	c:\windows\system32\mfplat.dll
2014-03-04 03:22 . 2014-03-04 03:22	209920	----a-w-	c:\windows\SysWow64\mfplat.dll
2014-03-04 03:22 . 2014-03-04 03:22	1204224	----a-w-	c:\windows\system32\shdocvw.dll
2014-03-04 03:22 . 2014-03-04 03:22	748544	----a-w-	c:\windows\system32\stobject.dll
2014-03-04 03:22 . 2014-03-04 03:22	586240	----a-w-	c:\windows\SysWow64\stobject.dll
2014-03-04 03:22 . 2014-03-04 03:22	231936	----a-w-	c:\windows\system32\XpsRasterService.dll
2014-03-04 03:22 . 2014-03-04 03:22	625152	----a-w-	c:\windows\system32\dxgi.dll
2014-03-04 03:22 . 2014-03-04 03:22	478720	----a-w-	c:\windows\SysWow64\dxgi.dll
2014-03-04 03:22 . 2014-03-04 03:22	366592	----a-w-	c:\windows\system32\winspool.drv
2014-03-04 03:22 . 2014-03-04 03:22	35840	----a-w-	c:\windows\system32\printfilterpipelineprxy.dll
2014-03-04 03:22 . 2014-03-04 03:22	258048	----a-w-	c:\windows\SysWow64\winspool.drv
2014-03-04 03:22 . 2014-03-04 03:22	1032192	----a-w-	c:\windows\system32\printfilterpipelinesvc.exe
2014-03-04 03:22 . 2014-03-04 03:22	847360	----a-w-	c:\windows\SysWow64\OpcServices.dll
2014-03-04 03:22 . 2014-03-04 03:22	3068416	----a-w-	c:\windows\system32\xpsservices.dll
2014-03-04 03:22 . 2014-03-04 03:22	1554432	----a-w-	c:\windows\SysWow64\xpsservices.dll
2014-03-04 03:22 . 2014-03-04 03:22	1461760	----a-w-	c:\windows\system32\OpcServices.dll
2014-03-04 03:22 . 2014-03-04 03:22	135680	----a-w-	c:\windows\SysWow64\XpsRasterService.dll
2014-03-04 03:20 . 2014-03-04 03:20	449024	----a-w-	c:\windows\system32\WMPhoto.dll
2014-03-04 03:20 . 2014-03-04 03:20	369664	----a-w-	c:\windows\SysWow64\WMPhoto.dll
2014-03-04 03:20 . 2014-03-04 03:20	328192	----a-w-	c:\windows\system32\dxdiag.exe
2014-03-04 03:20 . 2014-03-04 03:20	262656	----a-w-	c:\windows\system32\dxdiagn.dll
2014-03-04 03:20 . 2014-03-04 03:20	252928	----a-w-	c:\windows\SysWow64\dxdiag.exe
2014-03-04 03:20 . 2014-03-04 03:20	195584	----a-w-	c:\windows\SysWow64\dxdiagn.dll
2014-03-04 03:20 . 2014-03-04 03:20	792576	----a-w-	c:\windows\system32\d3d11.dll
2014-03-04 03:20 . 2014-03-04 03:20	519680	----a-w-	c:\windows\SysWow64\d3d11.dll
2014-03-04 03:20 . 2014-03-04 03:20	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2014-03-04 03:20 . 2014-03-04 03:20	974848	----a-w-	c:\windows\SysWow64\WindowsCodecs.dll
2014-03-04 03:20 . 2014-03-04 03:20	411648	----a-w-	c:\windows\system32\PhotoMetadataHandler.dll
2014-03-04 03:20 . 2014-03-04 03:20	321024	----a-w-	c:\windows\SysWow64\PhotoMetadataHandler.dll
2014-03-04 03:20 . 2014-03-04 03:20	189440	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2014-03-04 03:20 . 2014-03-04 03:20	1209856	----a-w-	c:\windows\system32\WindowsCodecs.dll
2014-01-31 22:24 . 2014-01-31 22:24	1409	----a-w-	c:\windows\Fonts\OpenSans-Regular.fot
2014-01-31 22:24 . 2014-01-31 22:24	1409	----a-w-	c:\windows\Fonts\OpenSans-Light.fot
2014-01-31 22:24 . 2014-01-31 22:24	1409	----a-w-	c:\windows\Fonts\OpenSans-Bold.fot
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{81017EA9-9AA8-4A6A-9734-7AF40E7D593F}"= "c:\program files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll" [2013-04-01 1500440]
.
[HKEY_CLASSES_ROOT\clsid\{81017ea9-9aa8-4a6a-9734-7af40e7d593f}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin.1]
[HKEY_CLASSES_ROOT\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}]
[HKEY_CLASSES_ROOT\yt.YTNavAssistPlugin]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 138240]
"AmazonMP3DownloaderHelper"="c:\users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe" [2013-05-22 400704]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"Dell DataSafe Online"="c:\program files (x86)\Dell DataSafe Online\DataSafeOnline.exe" [2009-07-07 1779952]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-04-24 250192]
"PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2009-02-05 128232]
"Dell Webcam Central"="c:\program files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe" [2009-01-09 405639]
"DellSupportCenter"="c:\program files (x86)\Dell Support Center\bin\sprtcmd.exe" [2009-05-21 206064]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2013-09-19 295512]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-03-29 3854640]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [2009-07-16 165104]
.
c:\users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock.lnk - c:\program files\Dell\DellDock\DellDock.exe [2009-6-30 1316192]
Dropbox.lnk - c:\users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-1-3 30714328]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2011-8-3 1337632]
.
c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dell Dock First Run.lnk - c:\program files\Dell\DellDock\DellDock.exe /firstrun [2009-6-30 1316192]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages	REG_MULTI_SZ   	scecli c:\program files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
S2 AESTFilters;Andrea ST Filters Service;c:\windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe;c:\windows\SYSNATIVE\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe [x]
.
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
Themes
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:40	1150280	----a-w-	c:\program files (x86)\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-03 10:34]
.
2014-04-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job
- c:\users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11 12:00]
.
2014-04-03 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job
- c:\users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11 12:00]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10 18:48]
.
2014-04-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10 18:48]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-03-29 12:25	290888	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Michaela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2009-03-31 305664]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-03-31 154648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-03-31 227352]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-03-31 202264]
"Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-12-21 4119552]
"IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-06-15 178712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"DSUpdateLauncher"="c:\program files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat" [2009-03-09 374]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyServer = 172.16.10.1:8080
uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&installDate=02/06/2013&q=
FF - prefs.js: network.proxy.type - 2
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=d85ff6c90000000000000c607621fe5a&q=
FF - user.js: extensions.BabylonToolbar.id - d85ff6c90000000000000c607621fe5a
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15652
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.3.8
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.3.8
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.3.820:47
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-UpgradeChecker - c:\users\Michaela\AppData\Roaming\Windows Desktop Search\{1F2553B9-2E61-41EA-9F96-0F012DF06884}\UpgradeChecker.exe
Wow6432Node-HKCU-Run-abfou.exe - c:\users\Michaela\AppData\Roaming\Ykety\abfou.exe
Wow6432Node-HKLM-Run-XSECVA - c:\users\Michaela\AppData\Roaming\xsecva\xsecva.exe
SafeBoot-WudfPf
SafeBoot-WudfRd
SafeBoot-mcmscsvc
SafeBoot-MCODS
HKLM-Run-sroli - (no file)
HKLM-Run-SysTrayApp - c:\program files (x86)\IDT\WDM\sttray64.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes]
"SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2014-04-04  12:03:07
ComboFix-quarantined-files.txt  2014-04-04 10:03
.
Vor Suchlauf: 15 Verzeichnis(se), 116.824.059.904 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 122.514.231.296 Bytes frei
.
- - End Of File - - C0985FF1AEBB24C56C86AEDEB0A45B44
CDB4DE4BBD714F152979DA2DCBEF57EB
         

Alt 05.04.2014, 10:31   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Einmal neu starten.

Zitat:
Nur damit Sie bescheid wissen warum ich nicht geantwortet hatte.
nit so förmlich

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.04.2014, 14:27   #10
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Haha, ok, dann werd ich mal zum 'du' übergehen

Kann/muss ich wenn du ein neues FRST log willst das alte FRST und die alte Addition auf meinem Desktop löschen?

Bin gerade dabei die anderen Programme runterzuladen und wollte mal nachfragen bevor ich das FRST nochmal starte. Brauchst du auch die Addition nochmal?

So, Scans sind fertig:

mbam:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.04.2014
Suchlauf-Zeit: 14:29:58
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.05.02
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x64
Dateisystem: NTFS
Benutzer: Michaela

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 257304
Verstrichene Zeit: 17 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2157045702-3999625576-2718192899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [778951afcb35e61a3acc0183867dc040], 

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 4
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013),Ersetzt,[728e9b65d52b1ee25a6210fa040044bc]
PUP.Optional.Snapdo, HKU\S-1-5-21-2157045702-3999625576-2718192899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013),Ersetzt,[ba4631cfaf51af51e0471ef631d3e719]
PUP.Optional.Snapdo, HKU\S-1-5-21-2157045702-3999625576-2718192899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013),Ersetzt,[36ca10f08f719a66f038967e3cc88a76]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-2157045702-3999625576-2718192899-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&q={searchTerms}&installDate=02/06/2013),Ersetzt,[34ccb44c54ac0cf41ba2709a877d748c]

Ordner: 2
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy, Löschen bei Neustart, [bc44fb058779f60a211682d26f93a957], 
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy\261AA8E9A19C4B33BED2A99346697424, In Quarantäne, [bc44fb058779f60a211682d26f93a957], 

Dateien: 24
PUP.Optional.WebSearch.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\searchplugins\Web Search.xml, In Quarantäne, [9e6217e950b00ef2dec84b18e02250b0], 
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy\261AA8E9A19C4B33BED2A99346697424\3708.ico, In Quarantäne, [bc44fb058779f60a211682d26f93a957], 
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy\261AA8E9A19C4B33BED2A99346697424\EBB77268-338F-4C6A-8590-AD88FED26F4A, In Quarantäne, [bc44fb058779f60a211682d26f93a957], 
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy\261AA8E9A19C4B33BED2A99346697424\Installer.exe, In Quarantäne, [bc44fb058779f60a211682d26f93a957], 
PUP.Optional.OpenCandy, C:\Users\Michaela\AppData\Roaming\OpenCandy\261AA8E9A19C4B33BED2A99346697424\OCBrowserHelper_1.0.6.128.exe, In Quarantäne, [bc44fb058779f60a211682d26f93a957], 
PUP.Optional.SnapDo.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=ds&installDate=02/06/2013&q=");), Ersetzt,[a95733cdaa567987db37db64ea1aed13]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.admin", false);), Ersetzt,[5da39868639db64a1910a69933d140c0]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.aflt", "babsst");), Ersetzt,[33cd11efd22e57a989a056e9f90b0ef2]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");), Ersetzt,[d32d1ee2f60ae0202efb0a35778d54ac]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.dfltLng", "en");), Ersetzt,[08f8ca3602fee11ff2371f20e91b9967]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.excTlbr", false);), Ersetzt,[03fd000023ddaa56e74276c94fb50000]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.id", "d85ff6c90000000000000c607621fe5a");), Ersetzt,[728e60a012ee2fd11b0eb48b9470ac54]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.instlDay", "15652");), Ersetzt,[d12f03fdfb05b14f33f6cf700ef644bc]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.instlRef", "sst");), Ersetzt,[986846ba629eb05066c30a35f2120df3]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");), Ersetzt,[25dbb24e20e0d22e7aafdd62659f4fb1]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtnrId", "babylon");), Ersetzt,[8779b44c916fe8185dcc91aece364cb4]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.tlbrId", "base");), Ersetzt,[e9179967dd2300007dacd966df253ec2]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=d85ff6c90000000000000c607621fe5a&q=");), Ersetzt,[bb45e51be7193ec248e1f34c23e13ec2]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");), Ersetzt,[e020c23e13eda957ef3ac47b4fb514ec]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");), Ersetzt,[bc443bc5a45cd52b121773cc17ed768a]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.newTab", true);), Ersetzt,[39c7f60ac73918e8a5847cc3ea1a649c]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=109958&tt=4512_7&babsrc=NT_ss&mntrId=d85ff6c90000000000000c607621fe5a");), Ersetzt,[50b0e917817fb24ea0898ab58b79ba46]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.smplGrp", "none");), Ersetzt,[db25dd23847cb14f979290afe51f0000]
PUP.Optional.Babylon.A, C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.820:47:09");), Ersetzt,[25dbd22ec33d857b93969ba4e81c44bc]

Physische Sektoren: 0
(No malicious items detected)


(end)
         
adwcleaner sx:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 05/04/2014 um 14:45:58
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzername : Michaela - MICHAELA-PC
# Gestartet von : C:\Users\Michaela\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
[!] Ordner Gelöscht : C:\Users\Michaela\AppData\LocalLow\BabylonToolbar
[!] Ordner Gelöscht : C:\Users\Michaela\AppData\Roaming\Babylon
[!] Ordner Gelöscht : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpdbfhoobgcmiffaheiedgepeipfcjpb
Datei Gelöscht : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKCU\Software\fedb8fe23abf48
Schlüssel Gelöscht : HKLM\SOFTWARE\fedb8fe23abf48
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{50F7F0BE-31BA-4145-BD8B-6B0DECFED804}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16540


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\prefs.js ]

Zeile gelöscht : user_pref("avg.install.userHPSettings", "hxxp://search.babylon.com/?affID=109958&tt=4512_7&babsrc=HP_ss&mntrId=d85ff6c90000000000000c607621fe5a");
Zeile gelöscht : user_pref("avg.install.userSPSettings", "Search the web (Babylon)");
Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false);
Zeile gelöscht : user_pref("extensions.helperbar.LastHiddenTime", 22839576);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", true);
Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", true);
Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true);
Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "de");
Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "snapdoocyb");
Zeile gelöscht : user_pref("extensions.helperbar.installationid", "97c644c5-ac6a-452e-b40f-ec9598ff936e");
Zeile gelöscht : user_pref("extensions.helperbar.installdate", "02/06/2013");
Zeile gelöscht : user_pref("extensions.helperbar.publisher", "snapdoocyb");

-\\ Google Chrome v33.0.1750.154

[ Datei : C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [6211 octets] - [05/04/2014 14:43:44]
AdwCleaner[S0].txt - [5840 octets] - [05/04/2014 14:45:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5900 octets] ##########
         
und JRT:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows (TM) Vista Home Premium x64
Ran by Michaela on 05.04.2014 at 15:01:00,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\yt.ytnavassistplugin.1
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2157045702-3999625576-2718192899-1000\Software\sweetim



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Michaela\AppData\Roaming\mozilla\firefox\profiles\ighg0d3g.default\minidumps [106 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.04.2014 at 15:19:41,14
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Wegen FRST und Addition warte ich jetzt mal weil ich mir nicht sicher bin ob ich die alten zuerst lösche.

Eine weitere Frage hab ich noch: Die Programme die ich jetzt auf dem Laptop habe (wie Malwarebytes und AdwCleaner) darf/soll ich die drauflassen und ab und an selber prüfen lassen? Falls ich vorgreife: Ich möchte nicht ungeduldig wirken, hat mich nur interessiert.

Geändert von miasa (05.04.2014 um 14:39 Uhr)

Alt 06.04.2014, 12:17   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



ne die brauche ich nicht, die alten kannste löschen

zu den Programmen gibt es nachher noch Lesestoff. MBAM kannste behalten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.04.2014, 13:23   #12
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Alles klar. Hier noch die neue FRST und Addition.

FRST

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Michaela (administrator) on MICHAELA-PC on 06-04-2014 14:10:47
Running from C:\Users\Michaela\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(Dropbox, Inc.) C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [305664 2009-03-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [4119552 2008-12-21] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-15] (Intel Corporation)
HKLM\...\Run: [sroli] - rundll32.exe ",HrEditPhonebookEntry
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-31] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [405639 2009-01-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\RunOnce: [DSUpdateLauncher] - "c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat" [374 2009-03-09] ()
HKLM-x32\...\RunOnce: [Launcher] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [165104 2009-07-16] (Softthinks)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 172.16.10.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ProxTube - {0AA2810A-F009-4BD7-A10A-32F140A1B9F3} - C:\Users\Michaela\AppData\LocalLow\ProxTube\IE\ProxTube.dll (Malte Goetz)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default
FF NewTab: about:blank
FF Homepage: about:home
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\maltegoetz@proxtube.com [2012-11-08]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-17]
FF Extension: Adblock Plus - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-29]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=hp&installDate=02/06/2013
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Java(TM) Platform SE 6 U13) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
CHR Extension: (Boa Mistura) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\alhbnbjlmhkpfeocomgpfkffnbncjjpn [2013-08-08]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-10]
CHR Extension: (Adblock Plus) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-10]
CHR Extension: (Google+) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-08-08]
CHR Extension: (XKit) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-01-11]
CHR Extension: (avast! Online Security) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-29]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-17]
CHR Extension: (Google Keep) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-20]
CHR Extension: (RealDownloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-20]
CHR Extension: (Dropbox) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-08-08]
CHR Extension: (Google Wallet) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Youtube Video Downloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\obmbipnhbnpicpechoajlkjfdiopnoki [2013-05-19]
CHR Extension: (Tumblr Savior) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2014-01-05]
CHR Extension: (Google Mail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [chakodcglgpacmjpjfaoopegbglbollk] - C:\Users\Michaela\AppData\LocalLow\ProxTube\CHROME\ProxTube.crx [2010-05-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-29] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-08-04] (Broadcom Corporation.)
S1 Beep; No ImagePath
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-04] (Broadcom Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [311296 2009-03-19] (Creative Technology Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-06 14:10 - 2014-04-06 14:11 - 00028176 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-05 15:19 - 2014-04-05 15:19 - 00001119 _____ () C:\Users\Michaela\Desktop\JRT.txt
2014-04-05 15:00 - 2014-04-05 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:59 - 2014-04-05 14:59 - 01038974 _____ (Thisisu) C:\Users\Michaela\Desktop\JRT.exe
2014-04-05 14:43 - 2014-04-05 14:46 - 00000000 ____D () C:\AdwCleaner
2014-04-05 14:42 - 2014-04-05 14:42 - 01426178 _____ () C:\Users\Michaela\Desktop\adwcleaner.exe
2014-04-05 14:42 - 2014-04-05 14:42 - 00009461 _____ () C:\Users\Michaela\Desktop\mbam.txt
2014-04-05 14:08 - 2014-04-06 13:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:51 - 2014-04-05 14:11 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:51 - 2014-04-05 14:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-05 13:51 - 2014-04-05 13:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:51 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 13:51 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-05 13:51 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-04 12:03 - 2014-04-04 12:03 - 00030914 _____ () C:\ComboFix.txt
2014-04-04 11:38 - 2014-04-04 12:03 - 00000000 ____D () C:\Qoobox
2014-04-04 11:38 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-04 11:38 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-04 11:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-04 11:37 - 2014-04-04 12:00 - 00000000 ____D () C:\Windows\erdnt
2014-04-04 11:34 - 2014-04-04 11:34 - 05193944 ____R (Swearware) C:\Users\Michaela\Desktop\ComboFix.exe
2014-04-04 00:16 - 2014-04-06 00:25 - 00000000 ___RD () C:\Users\Michaela\Bilder nach Datensicherung vom 03.04.14
2014-04-03 19:39 - 2014-04-03 19:39 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-04-03 19:38 - 2014-04-03 19:38 - 00000000 ____D () C:\Users\Michaela\Documents\Amazon MP3
2014-04-03 15:32 - 2014-04-03 15:32 - 00000000 ____D () C:\Users\Michaela\Documents\Tumblr
2014-04-01 12:51 - 2014-04-06 14:10 - 00000000 ____D () C:\FRST
2014-04-01 12:33 - 2014-04-01 12:34 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-03-29 15:21 - 2014-04-04 11:26 - 00000808 _____ () C:\Windows\system32\spsys.log
2014-03-29 15:07 - 2014-03-29 15:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2013-12-18 22:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-29 15:03 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-29 15:03 - 2013-12-18 22:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-29 15:03 - 2013-12-18 22:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-29 15:02 - 2014-03-29 15:03 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:44 - 2014-03-29 14:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:26 - 2014-04-05 13:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-19 20:46 - 2014-03-27 22:55 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-19 20:45 - 2014-03-27 22:55 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-14 03:20 - 2014-04-03 15:30 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-03-13 04:01 - 2014-02-23 09:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:01 - 2014-02-23 08:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:01 - 2014-02-23 08:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 08:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 08:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 08:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 08:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:01 - 2014-02-23 07:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:01 - 2014-02-23 07:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:01 - 2014-02-23 07:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:01 - 2014-02-23 07:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:01 - 2014-02-23 07:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:01 - 2014-02-23 07:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 07:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-13 04:01 - 2014-02-23 07:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 07:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 04:01 - 2014-02-23 07:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 07:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 07:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 00:48 - 2014-02-07 14:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 00:48 - 2014-02-03 15:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 00:48 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 00:48 - 2014-01-30 12:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 00:48 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 00:48 - 2013-11-13 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-13 00:48 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-06 14:11 - 2014-04-06 14:10 - 00028176 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-06 14:10 - 2014-04-01 12:51 - 00000000 ____D () C:\FRST
2014-04-06 13:58 - 2009-09-24 22:31 - 01385047 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 13:53 - 2013-07-16 23:39 - 00000000 ___RD () C:\Users\Michaela\Dropbox
2014-04-06 13:53 - 2013-07-16 23:35 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Dropbox
2014-04-06 13:50 - 2014-04-05 14:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 13:47 - 2012-10-10 20:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-06 13:47 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-06 13:47 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-06 13:47 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-06 02:02 - 2013-03-28 23:50 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Skype
2014-04-06 02:02 - 2013-02-12 05:26 - 00003549 _____ () C:\Windows\bthservsdp.dat
2014-04-06 02:02 - 2006-11-02 17:42 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-06 01:46 - 2012-10-10 20:49 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-06 01:34 - 2012-08-15 22:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-06 01:05 - 2013-03-11 14:00 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job
2014-04-06 00:25 - 2014-04-04 00:16 - 00000000 ___RD () C:\Users\Michaela\Bilder nach Datensicherung vom 03.04.14
2014-04-05 15:19 - 2014-04-05 15:19 - 00001119 _____ () C:\Users\Michaela\Desktop\JRT.txt
2014-04-05 15:00 - 2014-04-05 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:59 - 2014-04-05 14:59 - 01038974 _____ (Thisisu) C:\Users\Michaela\Desktop\JRT.exe
2014-04-05 14:47 - 2008-01-21 05:26 - 00787152 _____ () C:\Windows\PFRO.log
2014-04-05 14:46 - 2014-04-05 14:43 - 00000000 ____D () C:\AdwCleaner
2014-04-05 14:42 - 2014-04-05 14:42 - 01426178 _____ () C:\Users\Michaela\Desktop\adwcleaner.exe
2014-04-05 14:42 - 2014-04-05 14:42 - 00009461 _____ () C:\Users\Michaela\Desktop\mbam.txt
2014-04-05 14:35 - 2009-10-02 19:11 - 00000000 ____D () C:\Users\Michaela\AppData\Local\SoftThinks
2014-04-05 14:11 - 2014-04-05 13:51 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 14:11 - 2014-04-05 13:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-05 13:51 - 2014-04-05 13:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:24 - 2014-03-29 14:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-04 13:05 - 2013-03-11 14:00 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job
2014-04-04 12:03 - 2014-04-04 12:03 - 00030914 _____ () C:\ComboFix.txt
2014-04-04 12:03 - 2014-04-04 11:38 - 00000000 ____D () C:\Qoobox
2014-04-04 12:03 - 2006-11-02 15:33 - 00000000 __RHD () C:\Users\Default
2014-04-04 12:00 - 2014-04-04 11:37 - 00000000 ____D () C:\Windows\erdnt
2014-04-04 11:59 - 2006-11-02 14:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-04 11:34 - 2014-04-04 11:34 - 05193944 ____R (Swearware) C:\Users\Michaela\Desktop\ComboFix.exe
2014-04-04 11:26 - 2014-03-29 15:21 - 00000808 _____ () C:\Windows\system32\spsys.log
2014-04-04 00:17 - 2009-10-02 19:11 - 00000000 ____D () C:\Users\Michaela
2014-04-04 00:03 - 2008-01-21 13:10 - 01566076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-04 00:03 - 2008-01-21 13:09 - 00673932 _____ () C:\Windows\system32\perfh007.dat
2014-04-04 00:03 - 2008-01-21 13:09 - 00145912 _____ () C:\Windows\system32\perfc007.dat
2014-04-04 00:00 - 2009-09-25 04:11 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-04-03 23:53 - 2013-11-04 21:01 - 00000000 ____D () C:\Users\Michaela\Documents\Nitro+Chiral
2014-04-03 21:50 - 2009-10-22 16:40 - 00119808 _____ () C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 19:39 - 2014-04-03 19:39 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-04-03 19:38 - 2014-04-03 19:38 - 00000000 ____D () C:\Users\Michaela\Documents\Amazon MP3
2014-04-03 15:32 - 2014-04-03 15:32 - 00000000 ____D () C:\Users\Michaela\Documents\Tumblr
2014-04-03 15:32 - 2013-11-04 21:49 - 00000000 ____D () C:\Users\Michaela\Documents\Durarara!!
2014-04-03 15:30 - 2014-03-14 03:20 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-04-03 15:30 - 2012-01-22 18:59 - 00000000 ____D () C:\Users\Michaela\Documents\Nintendo
2014-04-03 15:24 - 2009-10-07 15:42 - 00000000 ____D () C:\Users\Michaela\Documents\Dell WebCam Central
2014-04-03 15:21 - 2013-12-21 23:24 - 00000000 ____D () C:\Users\Michaela\Documents\Facebook
2014-04-03 09:51 - 2014-04-05 13:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-05 13:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-05 13:51 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 12:40 - 2009-09-25 04:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-01 12:34 - 2014-04-01 12:33 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-04-01 12:28 - 2009-10-03 13:07 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Adobe
2014-04-01 12:27 - 2009-09-25 04:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 12:15 - 2009-10-02 19:12 - 00080160 _____ () C:\Users\Michaela\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 12:11 - 2006-11-02 17:21 - 02247192 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 12:07 - 2009-09-25 04:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 15:21 - 2012-10-11 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 15:18 - 2013-06-04 18:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 15:08 - 2014-03-29 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2014-03-29 15:02 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 15:03 - 2009-09-25 03:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:45 - 2014-03-29 14:44 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 14:12 - 2014-03-03 19:28 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 14:12 - 2014-03-03 16:55 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 13:27 - 2013-05-02 22:19 - 00138184 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-28 23:21 - 2014-03-04 21:52 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{784B2923-D700-4DE6-920C-72A8F8621F24}
2014-03-27 22:55 - 2014-03-19 20:46 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 22:55 - 2014-03-19 20:45 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 15:41 - 2012-10-10 20:49 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 15:41 - 2012-10-10 20:49 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 12:57 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 12:54 - 2006-11-02 14:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-13 11:01 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-03-12 12:34 - 2012-08-15 22:10 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 12:34 - 2012-04-03 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 12:34 - 2011-11-06 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Michaela\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-06 13:59

==================== End Of Log ============================
         
--- --- ---


Addition
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Michaela at 2014-04-06 14:11:49
Running from C:\Users\Michaela\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Disabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.115.101 - Alps Electric)
Dell Video Chat (HKLM-x32\...\Dell Video Chat) (Version: 6.1 (6751) - SightSpeed Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.20.10 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Free Audio Converter version 5.0.3.1206 (HKLM-x32\...\Free Audio Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Integrated Webcam Driver (1.02.01.0320)   (HKLM\...\Creative OA009) (Version: 1.02.01.0320 - Creative Technology Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)
LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.2303.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.18 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.4 - Synthesia LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2000 - WIDCOMM, Inc.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

30-03-2014 11:30:05 Geplanter Prüfpunkt
31-03-2014 08:45:44 Geplanter Prüfpunkt
01-04-2014 09:20:00 Windows Update
01-04-2014 10:06:47 削除済み 咎狗の血
02-04-2014 16:47:57 Geplanter Prüfpunkt
04-04-2014 10:54:30 Geplanter Prüfpunkt
04-04-2014 14:40:32 Windows Update
05-04-2014 14:32:27 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 14:34 - 2014-04-04 11:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {19BCA020-F0B4-4C5B-A57C-CF09E3EF4781} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2A429D84-C847-4D6B-9502-3D35AC976676} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {2EB14C14-2C5F-4626-BA90-D9196121F7AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {36A56C1C-9BEA-44D8-94FD-62456F325528} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {388C0D7F-DC58-437E-812B-4BE3674FBB6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46CD1E8E-C415-4159-AE4E-F1ED803AFE8A} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {55C81DE2-89F3-4B72-84BD-1B91CA453711} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5ABD53F8-82CF-4CD6-93BC-810C5612C7A7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7133A15E-30E1-43F9-8C91-1F2CA85D8470} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {87E7CBB4-22BF-4BC1-BEC9-3CF65F0B7BE3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {A5EC54B9-100A-4D35-9901-99A32AF722CF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B2E92356-AF15-46C2-9760-3E810CEBBD3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EB167214-C513-42A7-9F0B-69BE18A83294} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-29] (AVAST Software)
Task: {F5F46528-E855-4E3F-A3B0-5623AE50F8CB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F6BFCBD6-889A-48E7-9943-27C9D6B5854A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {FC41EBBD-8B04-47C7-B2AD-F6C2BEC1A210} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-09-25 03:57 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-09-25 03:57 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2009-07-07 17:23 - 2009-07-07 17:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-03-04 07:50 - 2014-03-04 07:50 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\264c91e0ec39698f61d36c00a26cc16b\VistaBridgeLibrary.ni.dll
2014-04-06 13:48 - 2014-04-06 13:48 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040600\algo.dll
2009-09-25 04:11 - 2009-07-16 17:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00046320 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00369904 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Michaela\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-29 14:25 - 2014-03-29 14:25 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2014 01:52:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/06/2014 01:49:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/06/2014 01:52:15 PM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (04/06/2014 01:50:19 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/06/2014 01:49:44 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth Service

Error: (04/06/2014 01:49:01 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (04/06/2014 01:49:01 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (04/06/2014 01:49:01 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth-Gerät (PAN)%%1058


Microsoft Office Sessions:
=========================
Error: (05/27/2013 11:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12395 seconds with 6840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-04-06 14:11:43.760
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:43.190
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:42.612
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:42.011
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:41.431
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:40.855
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:40.276
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 14:11:39.661
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 13:50:30.680
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-06 00:46:13.383
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 4055.45 MB
Available physical RAM: 1979.81 MB
Total Pagefile: 8288.18 MB
Available Pagefile: 5807.87 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:113.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.38 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 7F8F3E8E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 07.04.2014, 12:32   #13
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2014, 16:41   #14
miasa
 
Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Eset Scan:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=682c9efce0b7f340acc9dc693c7668cb
# engine=17781
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-07 03:10:17
# local_time=2014-04-07 05:10:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode=774 16777213 71 76 787467 791129 0 0
# compatibility_mode=5892 16776574 100 100 260937 234407323 0 0
# scanned=310281
# found=1
# cleaned=0
# scan_time=7782
sh=B010384F07052D334887AE50A19116A8FACE1BDF ft=0 fh=0000000000000000 vn="Java/Agent.EX trojan" ac=I fn="C:\Users\Michaela\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\350c3de2-7835edc2"
         
Mitten drin ist aber mein antivirus (avast) wieder angesprungen. Weis nicht warum das passiert ist. Muss ich den scan nochmal machen?
Deinstalliert hab ich das Eset Programm jetzt schon mal trotzdem.

Außerdem meldet avast folgendes (auch schon vor dem scan mit eset):
Wir haben auf Ihrem PC Anzeichen für Datenmüll gefunden.
13 Bloatware-Programme haben den Start dieses PC verlangsamt.
11 Optimierungen der Systemregistrierung, die die Geschindigkeit Ihres PCs erhöhen können.
1,6 GB Speicherplatz, der wieder frei wird

Nebendran ist eine Schaltfläche PC optimieren (hab ich jetzt noch nicht gemacht weil ich dich erst fragen wollte)

Außerdem dauert es wirklich lange bis der PC hochfährt. Nach dem Willkommen-Bildchrim von Windows seh ich erst mal mindestens 5 Minuten lang nur meine Maus die ich auch bewegen kann. Dann kommt so ein Fenster (schwarzer Hintergrund und weiße Pixelschrift). Was genau drinsteht weis ich nicht aber ich könnte versuchen das beim nächsten mal mit der Handykamera zu fotografieren. Vielleicht ist das aber auch normal...

Die Musik kam bisher nicht mehr aber mein PC sagt mir ständig dass meine Anzeige (die ich aber wirklich schon immer so benutzt hab, glaube das heisst irgendwas mit Aero) den PC überfordert. Das ist neu.

Security Check:
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.80  
 Windows Vista Service Pack 2 x64 (UAC is enabled)  
 Internet Explorer 9  
 Internet Explorer 8  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 Java(TM) 6 Update 13  
 Java 7 Update 51  
 Adobe Flash Player 	12.0.0.77  
 Adobe Reader 10.1.9 Adobe Reader out of Date!  
 Mozilla Firefox (28.0) 
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast AvastUI.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
FRST log:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Michaela (administrator) on MICHAELA-PC on 07-04-2014 17:37:27
Running from C:\Users\Michaela\Desktop
Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\STacSV64.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
() C:\Windows\System32\WLTRYSVC.EXE
(Dell Inc.) C:\Windows\System32\bcmwltry.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(SoftThinks) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
() C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dell Inc.) C:\Windows\System32\WLTRAY.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe
(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(SupportSoft, Inc.) C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [305664 2009-03-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Broadcom Wireless Manager UI] - C:\Windows\system32\WLTRAY.exe [4119552 2008-12-21] (Dell Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [178712 2008-06-15] (Intel Corporation)
HKLM\...\Run: [sroli] - rundll32.exe ",HrEditPhonebookEntry
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-31] (IDT, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Dell DataSafe Online] - C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe [1779952 2009-07-07] ()
HKLM-x32\...\Run: [Microsoft Default Manager] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation)
HKLM-x32\...\Run: [PDVDDXSrv] - C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [128232 2009-02-05] (CyberLink Corp.)
HKLM-x32\...\Run: [Dell Webcam Central] - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [405639 2009-01-09] (Creative Technology Ltd)
HKLM-x32\...\Run: [DellSupportCenter] - C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe [206064 2009-05-21] (SupportSoft, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59240 2012-02-20] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2013-09-19] (RealNetworks, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-03-29] (AVAST Software)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\RunOnce: [DSUpdateLauncher] - "c:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\runhstart.bat" [374 2009-03-09] ()
HKLM-x32\...\RunOnce: [Launcher] - "C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe" [165104 2009-07-16] (Softthinks)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-2157045702-3999625576-2718192899-1000\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
Lsa: [Notification Packages] scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Michaela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Michaela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 172.16.10.1:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} -  No File
URLSearchHook: HKCU - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files (x86)\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: ProxTube - {0AA2810A-F009-4BD7-A10A-32F140A1B9F3} - C:\Users\Michaela\AppData\LocalLow\ProxTube\IE\ProxTube.dll (Malte Goetz)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: No Name - {5C255C8A-E604-49b4-9D64-90988571CECB} -  No File
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - &Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default
FF NewTab: about:blank
FF Homepage: about:home
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*'))%20%7B%20return%20'PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us06.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.4.53 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Plugin HKCU: facebook.com/fbDesktopPlugin - C:\Users\Michaela\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\maltegoetz@proxtube.com [2012-11-08]
FF Extension: ProxMate - Proxy on steroids! - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013-08-17]
FF Extension: Adblock Plus - C:\Users\Michaela\AppData\Roaming\Mozilla\Firefox\Profiles\ighg0d3g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-28]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-29]

Chrome: 
=======
CHR HomePage: hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=97c644c5-ac6a-452e-b40f-ec9598ff936e&searchtype=hp&installDate=02/06/2013
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Java(TM) Platform SE 6 U13) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.2) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Adobe Acrobat) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (Windows Live® Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (RealNetworks(tm) Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Download Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Plugin: (RealJukebox NS Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll No File
CHR Extension: (Boa Mistura) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\alhbnbjlmhkpfeocomgpfkffnbncjjpn [2013-08-08]
CHR Extension: (YouTube) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-10-10]
CHR Extension: (Adblock Plus) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-12-28]
CHR Extension: (Google-Suche) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-10-10]
CHR Extension: (Google+) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2013-08-08]
CHR Extension: (XKit) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-01-11]
CHR Extension: (avast! Online Security) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-03-29]
CHR Extension: (ProxMate - Proxy on steroids!) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgjpnmnpjmabddgmjdiaggacbololbjm [2013-08-17]
CHR Extension: (Google Keep) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2013-09-20]
CHR Extension: (RealDownloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2013-09-20]
CHR Extension: (Dropbox) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-08-08]
CHR Extension: (Google Wallet) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Youtube Video Downloader) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\obmbipnhbnpicpechoajlkjfdiopnoki [2013-05-19]
CHR Extension: (Tumblr Savior) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefddkjnflmjbclpnnoegglmmdfkidip [2014-01-05]
CHR Extension: (Google Mail) - C:\Users\Michaela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-10-10]
CHR HKLM-x32\...\Chrome\Extension: [chakodcglgpacmjpjfaoopegbglbollk] - C:\Users\Michaela\AppData\LocalLow\ProxTube\CHROME\ProxTube.crx [2010-05-25]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-03-29]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-03-29] (AVAST Software)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.)
R2 yksvc; RUNDLL32.EXE ykx64coinst,serviceStartProc [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-03-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64752 2014-03-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-03-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-03-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-03-29] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2014-03-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-03-29] ()
R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [133672 2011-08-04] (Broadcom Corporation.)
S1 Beep; No ImagePath
R3 BTWDPAN; C:\Windows\System32\DRIVERS\btwdpan.sys [89640 2011-08-04] (Broadcom Corporation.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-07] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 OA009Ufd; C:\Windows\System32\DRIVERS\OA009Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.)
R3 OA009Vid; C:\Windows\System32\DRIVERS\OA009Vid.sys [311296 2009-03-19] (Creative Technology Ltd.)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-09-04] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-09-04] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-09-04] (LG Electronics Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-07 17:37 - 2014-04-07 17:38 - 00028349 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-07 17:29 - 2014-04-07 17:29 - 00987442 _____ () C:\Users\Michaela\Desktop\SecurityCheck.exe
2014-04-05 15:19 - 2014-04-05 15:19 - 00001119 _____ () C:\Users\Michaela\Desktop\JRT.txt
2014-04-05 15:00 - 2014-04-05 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:59 - 2014-04-05 14:59 - 01038974 _____ (Thisisu) C:\Users\Michaela\Desktop\JRT.exe
2014-04-05 14:43 - 2014-04-05 14:46 - 00000000 ____D () C:\AdwCleaner
2014-04-05 14:42 - 2014-04-05 14:42 - 01426178 _____ () C:\Users\Michaela\Desktop\adwcleaner.exe
2014-04-05 14:42 - 2014-04-05 14:42 - 00009461 _____ () C:\Users\Michaela\Desktop\mbam.txt
2014-04-05 14:08 - 2014-04-07 17:33 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-05 13:51 - 2014-04-05 14:11 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 13:51 - 2014-04-05 14:11 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-05 13:51 - 2014-04-05 13:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:51 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-05 13:51 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-05 13:51 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-04 12:03 - 2014-04-04 12:03 - 00030914 _____ () C:\ComboFix.txt
2014-04-04 11:38 - 2014-04-04 12:03 - 00000000 ____D () C:\Qoobox
2014-04-04 11:38 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-04 11:38 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-04 11:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-04 11:38 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-04 11:37 - 2014-04-04 12:00 - 00000000 ____D () C:\Windows\erdnt
2014-04-04 11:34 - 2014-04-04 11:34 - 05193944 ____R (Swearware) C:\Users\Michaela\Desktop\ComboFix.exe
2014-04-04 00:16 - 2014-04-07 03:32 - 00000000 ___RD () C:\Users\Michaela\Bilder nach Datensicherung vom 03.04.14
2014-04-03 19:39 - 2014-04-03 19:39 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-04-03 19:38 - 2014-04-03 19:38 - 00000000 ____D () C:\Users\Michaela\Documents\Amazon MP3
2014-04-03 15:32 - 2014-04-03 15:32 - 00000000 ____D () C:\Users\Michaela\Documents\Tumblr
2014-04-01 12:51 - 2014-04-07 17:37 - 00000000 ____D () C:\FRST
2014-04-01 12:33 - 2014-04-01 12:34 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-03-29 15:21 - 2014-04-04 11:26 - 00000808 _____ () C:\Windows\system32\spsys.log
2014-03-29 15:07 - 2014-03-29 15:08 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2013-12-18 22:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-03-29 15:03 - 2013-12-18 22:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-03-29 15:03 - 2013-12-18 22:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-03-29 15:03 - 2013-12-18 22:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-03-29 15:02 - 2014-03-29 15:03 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:44 - 2014-03-29 14:45 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:26 - 2014-04-05 13:24 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-19 20:46 - 2014-03-27 22:55 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-19 20:45 - 2014-03-27 22:55 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-14 03:20 - 2014-04-03 15:30 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-03-13 04:01 - 2014-02-23 09:12 - 17847808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 04:01 - 2014-02-23 08:54 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 04:01 - 2014-02-23 08:52 - 10926592 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 04:01 - 2014-02-23 08:48 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 08:46 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-13 04:01 - 2014-02-23 08:46 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-13 04:01 - 2014-02-23 08:45 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 08:44 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 08:44 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 08:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 08:43 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 04:01 - 2014-02-23 07:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 04:01 - 2014-02-23 07:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 04:01 - 2014-02-23 07:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 04:01 - 2014-02-23 07:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 04:01 - 2014-02-23 07:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 04:01 - 2014-02-23 07:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 04:01 - 2014-02-23 07:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-13 04:01 - 2014-02-23 07:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 04:01 - 2014-02-23 07:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 04:01 - 2014-02-23 07:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-13 04:01 - 2014-02-23 07:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 04:01 - 2014-02-23 07:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-13 04:01 - 2014-02-23 07:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 00:48 - 2014-02-07 14:11 - 02776064 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 00:48 - 2014-02-03 15:20 - 00619008 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 00:48 - 2014-02-03 12:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 00:48 - 2014-01-30 12:12 - 01111040 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 00:48 - 2014-01-30 09:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 00:48 - 2013-11-13 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-13 00:48 - 2013-11-13 02:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll

==================== One Month Modified Files and Folders =======

2014-04-07 17:38 - 2014-04-07 17:37 - 00028349 _____ () C:\Users\Michaela\Desktop\FRST.txt
2014-04-07 17:37 - 2014-04-01 12:51 - 00000000 ____D () C:\FRST
2014-04-07 17:34 - 2012-08-15 22:10 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-07 17:33 - 2014-04-05 14:08 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-07 17:29 - 2014-04-07 17:29 - 00987442 _____ () C:\Users\Michaela\Desktop\SecurityCheck.exe
2014-04-07 16:46 - 2012-10-10 20:49 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-07 16:05 - 2013-03-11 14:00 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job
2014-04-07 15:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-07 15:55 - 2006-11-02 17:22 - 00003616 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-07 14:56 - 2008-01-21 13:10 - 01566076 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-07 14:56 - 2008-01-21 13:09 - 00673932 _____ () C:\Windows\system32\perfh007.dat
2014-04-07 14:56 - 2008-01-21 13:09 - 00145912 _____ () C:\Windows\system32\perfc007.dat
2014-04-07 14:54 - 2009-09-25 04:11 - 00000000 ____D () C:\Program Files (x86)\Dell DataSafe Local Backup
2014-04-07 14:53 - 2006-11-02 17:27 - 00288807 _____ () C:\Windows\setupact.log
2014-04-07 14:46 - 2012-10-10 20:49 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-07 14:42 - 2009-09-24 22:31 - 01403690 _____ () C:\Windows\WindowsUpdate.log
2014-04-07 14:01 - 2013-07-16 23:39 - 00000000 ___RD () C:\Users\Michaela\Dropbox
2014-04-07 14:01 - 2013-07-16 23:35 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Dropbox
2014-04-07 13:59 - 2009-10-02 19:11 - 00000000 ____D () C:\Users\Michaela\AppData\Local\SoftThinks
2014-04-07 13:55 - 2006-11-02 17:42 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-07 03:58 - 2013-02-12 05:26 - 00003549 _____ () C:\Windows\bthservsdp.dat
2014-04-07 03:58 - 2006-11-02 17:42 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-04-07 03:53 - 2013-03-28 23:50 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Skype
2014-04-07 03:32 - 2014-04-04 00:16 - 00000000 ___RD () C:\Users\Michaela\Bilder nach Datensicherung vom 03.04.14
2014-04-05 15:19 - 2014-04-05 15:19 - 00001119 _____ () C:\Users\Michaela\Desktop\JRT.txt
2014-04-05 15:00 - 2014-04-05 15:00 - 00000000 ____D () C:\Windows\ERUNT
2014-04-05 14:59 - 2014-04-05 14:59 - 01038974 _____ (Thisisu) C:\Users\Michaela\Desktop\JRT.exe
2014-04-05 14:47 - 2008-01-21 05:26 - 00787152 _____ () C:\Windows\PFRO.log
2014-04-05 14:46 - 2014-04-05 14:43 - 00000000 ____D () C:\AdwCleaner
2014-04-05 14:42 - 2014-04-05 14:42 - 01426178 _____ () C:\Users\Michaela\Desktop\adwcleaner.exe
2014-04-05 14:42 - 2014-04-05 14:42 - 00009461 _____ () C:\Users\Michaela\Desktop\mbam.txt
2014-04-05 14:11 - 2014-04-05 13:51 - 00000943 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-05 14:11 - 2014-04-05 13:51 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-05 13:51 - 2014-04-05 13:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-05 13:24 - 2014-03-29 14:26 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-04 13:05 - 2013-03-11 14:00 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job
2014-04-04 12:03 - 2014-04-04 12:03 - 00030914 _____ () C:\ComboFix.txt
2014-04-04 12:03 - 2014-04-04 11:38 - 00000000 ____D () C:\Qoobox
2014-04-04 12:03 - 2006-11-02 15:33 - 00000000 __RHD () C:\Users\Default
2014-04-04 12:00 - 2014-04-04 11:37 - 00000000 ____D () C:\Windows\erdnt
2014-04-04 11:59 - 2006-11-02 14:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-04 11:34 - 2014-04-04 11:34 - 05193944 ____R (Swearware) C:\Users\Michaela\Desktop\ComboFix.exe
2014-04-04 11:26 - 2014-03-29 15:21 - 00000808 _____ () C:\Windows\system32\spsys.log
2014-04-04 00:17 - 2009-10-02 19:11 - 00000000 ____D () C:\Users\Michaela
2014-04-03 23:53 - 2013-11-04 21:01 - 00000000 ____D () C:\Users\Michaela\Documents\Nitro+Chiral
2014-04-03 21:50 - 2009-10-22 16:40 - 00119808 _____ () C:\Users\Michaela\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-03 19:39 - 2014-04-03 19:39 - 00000000 ____D () C:\Users\Michaela\Documents\Bluetooth-Exchange-Ordner
2014-04-03 19:38 - 2014-04-03 19:38 - 00000000 ____D () C:\Users\Michaela\Documents\Amazon MP3
2014-04-03 15:32 - 2014-04-03 15:32 - 00000000 ____D () C:\Users\Michaela\Documents\Tumblr
2014-04-03 15:32 - 2013-11-04 21:49 - 00000000 ____D () C:\Users\Michaela\Documents\Durarara!!
2014-04-03 15:30 - 2014-03-14 03:20 - 00000000 ____D () C:\Users\Michaela\Documents\HTML Code
2014-04-03 15:30 - 2012-01-22 18:59 - 00000000 ____D () C:\Users\Michaela\Documents\Nintendo
2014-04-03 15:24 - 2009-10-07 15:42 - 00000000 ____D () C:\Users\Michaela\Documents\Dell WebCam Central
2014-04-03 15:21 - 2013-12-21 23:24 - 00000000 ____D () C:\Users\Michaela\Documents\Facebook
2014-04-03 09:51 - 2014-04-05 13:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-05 13:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-05 13:51 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-01 12:40 - 2009-09-25 04:04 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-01 12:34 - 2014-04-01 12:33 - 02157056 _____ (Farbar) C:\Users\Michaela\Desktop\FRST64.exe
2014-04-01 12:28 - 2009-10-03 13:07 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Adobe
2014-04-01 12:27 - 2009-09-25 04:05 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-01 12:15 - 2009-10-02 19:12 - 00080160 _____ () C:\Users\Michaela\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-01 12:11 - 2006-11-02 17:21 - 02247192 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-01 12:07 - 2009-09-25 04:00 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-29 15:21 - 2012-10-11 19:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 15:18 - 2013-06-04 18:00 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-03-29 15:08 - 2014-03-29 15:07 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 15:03 - 2014-03-29 15:02 - 00005327 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-29 15:03 - 2009-09-25 03:57 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera
2014-03-29 14:59 - 2012-10-22 15:28 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\Opera Software
2014-03-29 14:56 - 2014-03-29 14:56 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Opera Software
2014-03-29 14:45 - 2014-03-29 14:44 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-29 14:27 - 2014-03-29 14:27 - 00000000 ____D () C:\Users\Michaela\AppData\Roaming\AVAST Software
2014-03-29 14:25 - 2014-03-29 14:25 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-03-29 14:25 - 2014-03-29 14:25 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00064752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys
2014-03-29 14:25 - 2014-03-29 14:25 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-03-29 14:23 - 2014-03-29 14:23 - 00000000 ____D () C:\Program Files\AVAST Software
2014-03-29 14:20 - 2014-03-29 14:20 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-03-29 14:12 - 2014-03-03 19:28 - 00003352 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 14:12 - 2014-03-03 16:55 - 00003224 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-29 13:27 - 2013-05-02 22:19 - 00138184 ____H () C:\Windows\SysWOW64\mlfcache.dat
2014-03-28 23:21 - 2014-03-04 21:52 - 00003714 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{784B2923-D700-4DE6-920C-72A8F8621F24}
2014-03-27 22:55 - 2014-03-19 20:46 - 00003246 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 22:55 - 2014-03-19 20:45 - 00003374 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000
2014-03-27 15:41 - 2012-10-10 20:49 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 15:41 - 2012-10-10 20:49 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 12:57 - 2013-08-15 03:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-19 12:54 - 2006-11-02 14:35 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-16 02:49 - 2014-03-16 02:49 - 00000000 ____D () C:\Users\Michaela\AppData\Local\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-16 02:49 - 2013-03-28 23:50 - 00000000 ____D () C:\ProgramData\Skype
2014-03-13 11:01 - 2006-11-02 15:33 - 00000000 ____D () C:\Windows\rescache
2014-03-12 12:34 - 2012-08-15 22:10 - 00003738 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-12 12:34 - 2012-04-03 21:15 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 12:34 - 2011-11-06 12:37 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Some content of TEMP:
====================
C:\Users\Michaela\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-07 14:15

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Michaela at 2014-04-07 17:38:32
Running from C:\Users\Michaela\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Amazon MP3-Downloader 1.0.18 (HKCU\...\Amazon MP3-Downloader) (Version: 1.0.18 - Amazon Services LLC)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}) (Version: 2.1.7 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bing Bar (HKLM-x32\...\{B4089055-D468-45A4-A6BA-5A138DD715FC}) (Version: 7.0.850.0 - Microsoft Corporation)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.)
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell)
Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.3.24 - Dell)
Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.)
Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell)
Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)
Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (Support Software) (HKLM-x32\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.5.09100 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.104.115.101 - Alps Electric)
Dell Video Chat (HKLM-x32\...\Dell Video Chat) (Version: 6.1 (6751) - SightSpeed Inc.)
Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.20.10 - Creative Technology Ltd)
Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Free Audio Converter version 5.0.3.1206 (HKLM-x32\...\Free Audio Converter_is1) (Version:  - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Integrated Webcam Driver (1.02.01.0320)   (HKLM\...\Creative OA009) (Version: 1.02.01.0320 - Creative Technology Ltd.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version:  - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 13 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Java(TM) 6 Update 13 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216013FF}) (Version: 6.0.130 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
LG PC Suite II (HKLM-x32\...\{14DCD95A-EBA3-4BF0-B7EF-533852E99BE6}) (Version: 2.00.0000 - LG PC Suite)
LG PC Suite II (x32 Version: 2.00.0000 - LG PC Suite) Hidden
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: 4.9.2 - LG Electronics)
Live! Cam Avatar Creator (HKLM-x32\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.6.2303.1 - Creative Technology Ltd)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM-x32\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}) (Version: 8.0.58299 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Opera Stable 20.0.1387.82 (HKLM-x32\...\Opera 20.0.1387.82) (Version: 20.0.1387.82 - Opera Software ASA)
PowerDVD DX (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.2.5024 - Dell Corp.)
Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.18 - Dell Inc.)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Roxio Creator Audio (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Copy (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Data (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio)
Roxio Creator DE (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Creator Tools (x32 Version: 3.7.0 - Roxio) Hidden
Roxio Express Labeler 3 (x32 Version: 3.2.1 - Roxio) Hidden
Roxio Update Manager (x32 Version: 6.0.0 - Roxio) Hidden
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Synthesia (HKLM-x32\...\Synthesia) (Version: 8.4 - Synthesia LLC)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM-x32\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WIDCOMM Bluetooth Software (HKLM\...\{6E7F4CA3-B2DE-413C-A7A1-43AA5BE19EA1}) (Version: 6.5.0.2000 - WIDCOMM, Inc.)
Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Call (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8051.1204 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )
Yahoo! Toolbar (HKLM-x32\...\Yahoo! Companion) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

31-03-2014 08:45:44 Geplanter Prüfpunkt
01-04-2014 09:20:00 Windows Update
01-04-2014 10:06:47 削除済み 咎狗の血
02-04-2014 16:47:57 Geplanter Prüfpunkt
04-04-2014 10:54:30 Geplanter Prüfpunkt
04-04-2014 14:40:32 Windows Update
05-04-2014 14:32:27 Geplanter Prüfpunkt
06-04-2014 13:04:06 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 14:34 - 2014-04-04 11:59 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0AEAFAF6-F116-4A60-AFB4-C8B755A6E975} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {192DDA2D-5815-47B8-983F-65744FEEC03A} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {19BCA020-F0B4-4C5B-A57C-CF09E3EF4781} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {254095AE-FB97-48EA-94A5-D8BF2AB79714} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {2A429D84-C847-4D6B-9502-3D35AC976676} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {2EB14C14-2C5F-4626-BA90-D9196121F7AE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {36A56C1C-9BEA-44D8-94FD-62456F325528} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {388C0D7F-DC58-437E-812B-4BE3674FBB6D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46CD1E8E-C415-4159-AE4E-F1ED803AFE8A} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.)
Task: {55C81DE2-89F3-4B72-84BD-1B91CA453711} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5ABD53F8-82CF-4CD6-93BC-810C5612C7A7} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7133A15E-30E1-43F9-8C91-1F2CA85D8470} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C638E5B-ECE5-4424-A7E5-2C913CA682E9} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {87E7CBB4-22BF-4BC1-BEC9-3CF65F0B7BE3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-03-11] (Facebook Inc.)
Task: {A5EC54B9-100A-4D35-9901-99A32AF722CF} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {B2E92356-AF15-46C2-9760-3E810CEBBD3A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {EB167214-C513-42A7-9F0B-69BE18A83294} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-03-29] (AVAST Software)
Task: {F5F46528-E855-4E3F-A3B0-5623AE50F8CB} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {F6BFCBD6-889A-48E7-9943-27C9D6B5854A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-10] (Google Inc.)
Task: {FC41EBBD-8B04-47C7-B2AD-F6C2BEC1A210} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2157045702-3999625576-2718192899-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000Core.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2157045702-3999625576-2718192899-1000UA.job => C:\Users\Michaela\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-09-25 03:57 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE
2009-09-25 03:57 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll
2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2009-09-25 04:12 - 2009-04-24 21:52 - 00156912 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe
2009-09-25 04:11 - 2009-07-16 18:00 - 00410864 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe
2013-05-22 20:50 - 2013-05-22 20:50 - 00400704 _____ () C:\Users\Michaela\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-03-04 07:50 - 2014-03-04 07:50 - 00472576 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_64\VistaBridgeLibrary\264c91e0ec39698f61d36c00a26cc16b\VistaBridgeLibrary.ni.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 01779952 _____ () C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe
2014-04-07 13:56 - 2014-04-07 13:56 - 02189824 _____ () C:\Program Files\AVAST Software\Avast\defs\14040700\algo.dll
2009-09-25 04:11 - 2009-07-16 17:58 - 00115952 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00128240 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll
2009-09-25 04:11 - 2009-07-16 17:58 - 01123568 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00079088 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00234736 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00074992 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00111856 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll
2009-09-25 04:11 - 2009-07-16 17:59 - 00121072 ____N () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00268528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00058608 _____ () C:\Program Files (x86)\Dell DataSafe Online\BalloonWindow.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00095472 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbUI.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00046320 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\SdbUI.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00369904 _____ () C:\Program Files (x86)\Dell DataSafe Online\de\DataSafeOnline.resources.dll
2009-07-07 17:24 - 2009-07-07 17:24 - 00140528 _____ () C:\Program Files (x86)\Dell DataSafe Online\SdbShared.XmlSerializers.dll
2009-07-07 17:23 - 2009-07-07 17:23 - 00017648 _____ () C:\Program Files (x86)\Dell DataSafe Online\cpputils.dll
2014-03-29 14:25 - 2014-03-29 14:25 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Michaela\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 21:47 - 2014-03-15 02:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2014 05:27:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 05:11:48 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 02:56:49 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 02:56:32 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 02:56:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 02:50:59 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die widersprüchlichen Komponenten sind:
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.

Error: (04/07/2014 01:56:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/06/2014 01:52:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/06/2014 01:49:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/07/2014 01:59:58 PM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (04/07/2014 01:58:12 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/07/2014 01:57:27 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth Service

Error: (04/07/2014 01:57:00 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058

Error: (04/07/2014 01:57:00 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 PCI Express-Netzwerkverbindungstreiber%%1058

Error: (04/07/2014 01:57:00 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth-Gerät (PAN)%%1058

Error: (04/06/2014 01:52:15 PM) (Source: Service Control Manager) (User: )
Description: 30000Microsoft .NET Framework NGEN v4.0.30319_X86

Error: (04/06/2014 01:50:19 PM) (Source: Service Control Manager) (User: )
Description: Beep

Error: (04/06/2014 01:49:44 PM) (Source: Service Control Manager) (User: )
Description: Bluetooth Service

Error: (04/06/2014 01:49:01 PM) (Source: Service Control Manager) (User: )
Description: Intel(R) PRO/1000 NDIS 6 Adapter Driver%%1058


Microsoft Office Sessions:
=========================
Error: (05/27/2013 11:18:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12395 seconds with 6840 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-04-07 17:38:27.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:26.609
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:26.000
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:25.361
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:24.737
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:24.128
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:23.520
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:38:22.880
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:33:17.217
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-04-07 17:33:16.469
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 65%
Total physical RAM: 4055.45 MB
Available physical RAM: 1388.38 MB
Total Pagefile: 8286.18 MB
Available Pagefile: 5463.6 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:118.51 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:6.38 GB) NTFS
Drive g: (MyDrive) (Fixed) (Total:931.51 GB) (Free:855.13 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 7F8F3E8E)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=15 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=283 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 932 GB) (Disk ID: 1B2BCA31)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Alt 08.04.2014, 11:22   #15
schrauber
/// the machine
/// TB-Ausbilder
 

Wie kann ich Daten sichern da MusikTrojaner vermutet - Standard

Wie kann ich Daten sichern da MusikTrojaner vermutet



Kannst ja die Optimierung mal machen, auch wenn ich persönlich nix davon halte.

Adobe updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
HKLM\...\Run: [sroli] - rundll32.exe ",HrEditPhonebookEntry
ProxyServer: 172.16.10.1:8080
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Wie kann ich Daten sichern da MusikTrojaner vermutet
avast, bilder, dateien, daten, datensicherung, einfach, erstellt, externe festplatte, festplatte, folge, folgendes, musik, musik im hintergrund, nichts, problem, pup.optional.babylon.a, pup.optional.datamngr.a, pup.optional.opencandy, pup.optional.snapdo, pup.optional.snapdo.a, pup.optional.websearch.a, trojaner verdacht, virenscan




Ähnliche Themen: Wie kann ich Daten sichern da MusikTrojaner vermutet


  1. GVU trojaner - Welche Art von Daten kann ich sichern?
    Plagegeister aller Art und deren Bekämpfung - 06.09.2013 (25)
  2. Daten sichern trotz Viren
    Log-Analyse und Auswertung - 17.07.2013 (2)
  3. GVU-Trojaner: Daten sichern und Windows neu aufsetzen
    Plagegeister aller Art und deren Bekämpfung - 23.03.2013 (9)
  4. Computer neu aufsetzen! Daten sichern?
    Alles rund um Windows - 01.02.2013 (1)
  5. GVU-Trojaner, Windows 7, Daten sichern?
    Plagegeister aller Art und deren Bekämpfung - 18.10.2012 (2)
  6. Daten von Festplatte mit Passwort sichern?
    Alles rund um Windows - 21.09.2012 (7)
  7. GVU-Trojaner Daten sichern
    Plagegeister aller Art und deren Bekämpfung - 05.08.2012 (2)
  8. Daten Sichern
    Plagegeister aller Art und deren Bekämpfung - 19.05.2012 (1)
  9. Windows Verschlüsselungstrojaner kann man Daten sichern ?
    Log-Analyse und Auswertung - 05.05.2012 (8)
  10. BKA Virus Daten sichern vor der Neuinstallation
    Plagegeister aller Art und deren Bekämpfung - 04.04.2012 (11)
  11. Muss formatieren kann aber keine Daten sichern?
    Diskussionsforum - 16.07.2011 (6)
  12. Frage zu: Daten sichern.
    Alles rund um Windows - 25.01.2011 (1)
  13. Daten sichern mit Parted Magic
    Anleitungen, FAQs & Links - 05.02.2010 (2)
  14. System befallen,neu aufsetzen,daten sichern?
    Plagegeister aller Art und deren Bekämpfung - 09.02.2009 (0)
  15. Daten sichern bei PC neu aufsetzen
    Überwachung, Datenschutz und Spam - 16.09.2008 (2)
  16. Daten sichern vor Neuinstallation, usw.
    Alles rund um Windows - 27.04.2008 (3)
  17. Daten sichern trotz Trojanerbefall
    Plagegeister aller Art und deren Bekämpfung - 16.11.2007 (2)

Zum Thema Wie kann ich Daten sichern da MusikTrojaner vermutet - Hallo liebes Helferteam. Seit einigen Tagen habe ich das folgende Problem: Zwischen 1.00 und 4.00 nachts läuft auf einmal eine (manchmal 2) Werbungen (nur Ton) ab. Selbst wenn ich alles - Wie kann ich Daten sichern da MusikTrojaner vermutet...
Archiv
Du betrachtest: Wie kann ich Daten sichern da MusikTrojaner vermutet auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.