Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Log-Analyse und Auswertung: immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 17.04.2014, 13:22   #1
cafee
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Hallo , hoffe da ich noch nicht so recht hier durchblicke alles erstmal einigermaßen rüber bringe ? Ich hatte arge Probleme mit (wohl einem Virus) der mir laufend den Ordner Continue Vuu Pc auf dem Desktop erstellte . Als ich den Ordner mit der rechten Maustaste zurückvervolgte fand der Pfad sich im Windows Temp Verzeichnis . Daraufhin löschte ich ihn und beim Neustart war er wieder an der selben stelle auf dem Desktop. Das kam mir mehr qals komisch vor weil Avast nichts anzeigte ( außer das was eh im Quaratäne Container verschoben wurde) ! Daraufhin besuchte ich eure Seite las den Bericht mit dem eset scan und machte diesen . Auch lies ich noch spybot & destroy durchlaufen wie auch TuneUp 2013
und entfernte die angezeigten Pfade aus der Registry. Nun ist der Ordner weg aber ich bin mir nicht Sicher ob nun noch verbleibende Reste von dem Virus Vorhanden sind die sich evtl. selbst regenerieren ? Es wird mir auch nicht mehr dieser Windows Aufforderungsbildschirm der im Zusammenhang mit diesem Desktop Ordner immer erschien (zu einer Installation die ich nicht kannte) aufforderte. Mal sehen ob der noch mal erscheint , habe leider kein Screenprint gemacht und ihn weggeklickt. Aber der Eset scan erkannte den als 79bjm5me7g.exe (Trojan.VUPX.Gen)
Hoffe mal das hat etwas gebracht was ich hier getan habe ? Bin ja noch nicht so Firm auf Eurer Seite , aber gebe mir Mühe alles Verständlich rüber zu bringen . Ich gehe mal von aus das ich mir diesen Virus auf der Seite h..p://livetv.ru/de/ eingefangen habe als ich zum Update des Java Players (da angeblich nicht Aktuell) aufgefordert wurde und dies tat. Das war nämlich am 12.04.2014 ! Seit dem begann der Ärger.
Ich hoffe es beim besten Wissen rüber gebracht zu haben und Danke schon im Voraus für jede Hilfe. Im Augenblick läuft noch alles ok !

liebe Grüße cafee


ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=1641022ecf460c40919e8fc607148f1f
# engine=17895
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-15 04:33:28
# local_time=2014-04-15 06:33:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=772 16777213 83 80 841838 865344 0 0
# compatibility_mode=5893 16776574 100 94 2582031 37299899 0 0
# scanned=300731
# found=4
# cleaned=0
# scan_time=10133
sh=DE0F453AD7E45914C2F6E2A6BC782AFB6DB94B9D ft=1 fh=1f461786edf5f19c vn="NSIS/StartPage.CC trojan" ac=I fn="C:\Users\Jörg\Downloads\vlc-2.0.7-win64.exe"
sh=CE7C1C3C26844395183B1B441188D7310D36DB91 ft=0 fh=0000000000000000 vn="NSIS/StartPage.CC trojan" ac=I fn="F:\JÖRGI\Backup Set 2014-01-03 173231\Backup Files 2014-01-03 173231\Backup files 7.zip"
sh=2AF29619BCA84141956AF9AC12DA190541022325 ft=0 fh=0000000000000000 vn="NSIS/StartPage.CC trojan" ac=I fn="F:\JÖRGI\Backup Set 2014-01-03 173231\Backup Files 2014-02-16 190009\Backup files 1.zip"
sh=29B9C40F23DE007075DA0257AFB7EBE6E032E5B3 ft=0 fh=0000000000000000 vn="NSIS/StartPage.CC trojan" ac=I fn="F:\JÖRGI\Backup Set 2014-02-23 190001\Backup Files 2014-02-23 190001\Backup files 14.zip"

Alt 17.04.2014, 13:30   #2
schrauber
/// the machine
/// TB-Ausbilder
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 18.04.2014, 11:13   #3
cafee
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Danke erstmal an Dich schrauber für den Tip , ich werde das am Oster We mal tun und dann posten ! Wünsche Dir schon mal frohe gesunde Ostern wie allen anderen lesenden hier auch glg cafee
__________________
Alt 19.04.2014, 05:09   #4
schrauber
/// the machine
/// TB-Ausbilder
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


ok
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 23.04.2014, 11:02   #5
cafee
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Hallo Schrauber
es scheint wohl nix mehr mit meinem PC ok zu sein , habe mir die eset NOD32 ANTIVIRUS Software gekauft und mal alles mehrmals gründlich durch gescannt ! Sieht nicht gut aus
Ich werde wohl nicht drum herum kommen die Festplatte zu Formatieren und Windows 8 neu zu Installieren. Nur hat eset mir schon angezeigt das der MBR beschädigt ist !
Da ja meine Festplatte in 2 Teile Partitioniert ist und auf Partion 2 das Windows Backup ist was ebenfalls schon verseucht ist kann ich nix mehr neu installieren was ich schon probiert habe.
Es wurde die alte Installation wieder hergestellt. Nun weiß ich mir auch keinen Rat mehr ?
Da scheint wohl einiges im Argen zu sein und nicht OHNE !!!
Was für Möglichkeiten bleiben noch um Sicher beide Partionen zu Löschen und wie ohne das was von dem Verseuchten Müll übrig bleibt ?

lieben Gruß cafee , bin für jede Hilfe jetzt schon Dankbar

Hallo Schrauber hier der FRXT.txt vom scan
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014
Ran by Jörg (administrator) on JÖRGI on 23-04-2014 11:28:35
Running from D:\Büro\Sicherheit
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-12-23] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\MountPoints2: {a5919ca4-84df-11e2-be70-806e6f6e6963} - "E:\setup.exe" 
IFEO\chrome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"

==================== Internet (Whitelisted) ====================

URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default
FF NewTab: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.eset.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\findr.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: German Dictionary, extended for Austria - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\de-AT@dictionaries.addons.mozilla.org [2013-03-05]
FF Extension: LavaFox V2-Blue - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\djziggy@gmail.com [2014-01-29]
FF Extension: Freeven Pro 1.3 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com [2014-04-12]
FF Extension: British English Dictionary (Updated) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-gb@flyingtophat.co.uk [2014-01-31]
FF Extension: United States English Spellchecker - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario Español Argentina - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-AR@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario de Español/México - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-MX@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario en Español para Venezuela - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-ve@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: LavaFox V2 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\info@djzig.com [2014-01-29]
FF Extension: Dizionario italiano - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\it-IT@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Brazilian Portuguese (Current Spelling) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-BR@dictionaries.addons.mozilla.org [2014-02-08]
FF Extension: Corretor para Português de Portugal - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-PT@dictionaries.addons.mozilla.org [2014-04-05]
FF Extension: LavaFox V2-Purple - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom555@aol.com [2014-01-29]
FF Extension: LavaFox V2-Green - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom@ymail.com [2014-01-29]
FF Extension: Ghostery - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\firefox@ghostery.com.xpi [2013-11-27]
FF Extension: YouTube HTML5 Switch - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack.xpi [2013-03-13]
FF Extension: YouTube HD - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2013-10-18]
FF Extension: Traditional Chinese (zh-TW) Language Pack - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2013-03-05]
FF Extension: Stylish - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-06-08]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-10-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-10-20]
FF Extension: Adblock Plus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-23]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]

Chrome: 
=======
CHR HomePage: hxxp://go.findrsearch.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Freeven Pro 1.3) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Mac OSX Font Rendering) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbokdhnlldmknaijpgikegjffnlpaamk [2013-03-02]
CHR Extension: (AdBlock) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-02]
CHR Extension: (Lone Tree) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2013-03-04]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-03-02]
CHR Extension: (MediaPlayerplus) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-12]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-03-16]
CHR Extension: (Gmail) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-03]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Jörg\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-08] (Ellora Assets Corp.)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\JRG~1\AppData\Local\Temp\7zS1478\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

R3 camfilt2; C:\Windows\system32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
R3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-23 11:08 - 2014-04-23 11:08 - 00525886 _____ () C:\Users\Jörg\Desktop\bookmarks-2014-04-23.json
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:21 - 2014-04-23 06:37 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 17:54 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-19 17:54 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-19 17:54 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 17:54 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-19 17:54 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-19 17:54 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-19 17:54 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-19 17:54 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-19 17:54 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-19 17:54 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-19 17:54 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-19 17:54 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-19 17:54 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-19 17:52 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-19 17:52 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-19 17:52 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-19 17:52 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-19 17:52 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-19 17:52 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-19 17:52 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-19 17:52 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-19 17:52 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 17:52 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-19 17:52 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 17:52 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 17:51 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-19 17:51 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-19 17:51 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-19 17:51 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 07:57 - 2014-04-19 07:58 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:56 - 2014-04-23 11:28 - 00000000 ____D () C:\FRST
2014-04-19 07:56 - 2014-04-19 07:58 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-15 22:48 - 2014-04-15 23:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:36 - 2014-04-19 14:27 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-12 16:54 - 2014-04-19 13:56 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-12 16:50 - 2014-04-13 01:47 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop

==================== One Month Modified Files and Folders =======

2014-04-23 11:28 - 2014-04-19 07:56 - 00000000 ____D () C:\FRST
2014-04-23 11:24 - 2014-01-02 14:59 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-04-23 11:16 - 2013-03-02 14:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 11:08 - 2014-04-23 11:08 - 00525886 _____ () C:\Users\Jörg\Desktop\bookmarks-2014-04-23.json
2014-04-23 10:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-23 08:26 - 2013-03-02 12:28 - 01418546 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 08:24 - 2012-07-26 12:27 - 00752930 _____ () C:\Windows\system32\perfh007.dat
2014-04-23 08:24 - 2012-07-26 12:27 - 00156156 _____ () C:\Windows\system32\perfc007.dat
2014-04-23 08:24 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-23 07:51 - 2013-03-02 15:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-23 07:51 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 07:38 - 2012-07-26 07:26 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:37 - 2014-04-23 06:21 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 20:10 - 2013-03-05 10:34 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\OpenCandy
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 18:13 - 2013-03-28 11:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-21 17:53 - 2013-10-27 13:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedTestAnalysis
2014-04-21 11:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-21 08:16 - 2013-03-02 14:00 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-21 08:03 - 2013-06-26 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-19 17:57 - 2013-09-10 09:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-19 17:55 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 17:15 - 2013-03-02 12:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2502406073-1232304317-553576181-1001
2014-04-19 15:08 - 2013-03-02 14:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-19 15:07 - 2014-02-14 15:02 - 00000000 ____D () C:\Program Files (x86)\Two Worlds Pinball
2014-04-19 15:01 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg
2014-04-19 14:27 - 2014-04-15 22:36 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-19 14:22 - 2013-03-02 14:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-19 13:59 - 2013-03-07 11:47 - 00000000 ____D () C:\Users\I-Net
2014-04-19 13:58 - 2013-12-15 05:11 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-19 13:58 - 2013-10-27 13:00 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2013 Free
2014-04-19 13:58 - 2013-07-24 16:26 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\IrfanView
2014-04-19 13:58 - 2013-05-12 16:11 - 00000000 ____D () C:\ProgramData\TechSmith
2014-04-19 13:58 - 2013-04-27 13:56 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayLogic
2014-04-19 13:58 - 2013-04-01 10:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-19 13:58 - 2013-03-15 21:16 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\dvdcss
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 13:58 - 2013-03-05 01:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-19 13:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-19 13:58 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-04-19 13:58 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-04-19 13:56 - 2014-04-12 16:54 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-19 13:56 - 2013-05-12 16:11 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-04-19 13:56 - 2013-03-02 14:05 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-04-19 13:56 - 2013-03-02 14:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 13:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-19 13:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2014-04-19 13:50 - 2013-05-06 18:53 - 00000000 ____D () C:\ProgramData\Real
2014-04-19 13:49 - 2013-07-09 18:49 - 00000000 ____D () C:\Program Files\Java
2014-04-19 08:24 - 2013-03-05 20:01 - 00019697 _____ () C:\ProgramData\hpzinstall.log
2014-04-19 07:58 - 2014-04-19 07:57 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:58 - 2014-04-19 07:56 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-18 02:26 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-15 23:08 - 2014-04-15 22:48 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-13 01:47 - 2014-04-12 16:50 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop
2014-04-06 17:35 - 2013-05-30 16:15 - 00000000 ____D () C:\Users\Jörg\AppData\Local\CrashDumps
2014-04-03 11:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-31 23:18 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2013-03-02 12:45 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-28 10:30 - 2013-08-16 18:43 - 00000000 ____D () C:\Users\Jörg\Downloads\Bilder

Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 12:45

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Addition.txtFRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by Jörg at 2014-04-19 07:57:21
Running from C:\Users\Jörg\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Internet Security (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: avast! Internet Security (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Internet Security (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
K-Lite Codec Pack 9.7.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.7.5 - )
Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
PeaZip 4.8.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)

==================== Restore Points  =========================

13-04-2014 17:00:19 Windows-Sicherung
14-04-2014 15:46:39 Windows-Sicherung
15-04-2014 19:14:01 Removed Java 8 (64-bit)

==================== Hosts content: ==========================

2012-07-26 07:26 - 2014-04-06 19:33 - 00450639 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	www.032439.com
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	Gadgets And More
127.0.0.1	10sek.com
127.0.0.1	www.1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {05CFA7CA-BF05-41AB-856F-44893CE0BA51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {09EC757E-839C-44BC-AA2C-D886E9D8884E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-12-23] (RealNetworks, Inc.)
Task: {160ABBDF-40C9-46FD-8618-84BDB8C0C0EA} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {166C6F55-3CC8-4182-ACC5-E8A37B829A1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1C0457F1-486E-4F5B-819F-8EC2D500BF34} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1F2602B0-D1C7-4967-858E-1846F7527E09} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {23C79B54-CCA0-4912-9391-BBAD10DB095A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {70D27CF5-CD25-4EB0-9FCA-64227D8996CB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {74096BB9-CE73-41BD-B2E0-2DFC9446D806} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C906787-F4A2-4645-950A-7561888C806D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
Task: {8367C11D-BAAB-40B6-A64C-B3F392EC5F9B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {8E7E0702-2851-4DC2-9484-321D3204C6A5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9541B63D-C604-475C-8255-746756404574} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {980D554F-9C0E-4CCC-960F-6CB2BBA9737C} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {A35DB7B2-E473-40DB-A0DF-66554079B6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B48256EB-4050-49BF-B398-0C67868E274E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {D6FEEA11-2D8D-48A0-897A-A7C02BEAAC63} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {E872139C-651C-4CA8-931F-D780A5ED0D96} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {EAD45328-BB32-46DA-ACA5-D94691A229DE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F436C26F-358F-46DA-8933-A5B608DA948D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-05] (AVAST Software)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2013-03-02 15:00 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-04 21:06 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-28 10:37 - 2014-01-28 10:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-03-02 13:57 - 2013-03-02 13:57 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-04-19 07:31 - 2014-04-19 07:31 - 02215424 _____ () C:\Program Files\AVAST Software\Avast\defs\14041802\algo.dll
2013-03-05 01:56 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2013-03-05 01:56 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2013-03-05 01:56 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2013-03-05 01:56 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2013-12-07 10:55 - 2013-12-07 10:55 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-18 00:19 - 2014-02-18 00:19 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2014 07:54:37 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/19/2014 07:54:33 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/19/2014 06:45:22 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/19/2014 06:45:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/18/2014 09:10:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/18/2014 09:10:13 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/17/2014 01:06:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.

Error: (04/17/2014 01:06:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/17/2014 00:51:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/17/2014 00:51:37 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (04/19/2014 07:56:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2014 07:56:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/19/2014 07:56:00 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/19/2014 07:54:00 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/19/2014 07:54:37 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/19/2014 07:54:33 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/19/2014 06:45:22 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/19/2014 06:45:19 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/18/2014 09:10:17 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/18/2014 09:10:13 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/17/2014 01:06:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Users\Jörg\Downloads\SoftonicDownloader_for_earthquake-3d.exe

Error: (04/17/2014 01:06:13 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Users\Jörg\Downloads\SoftonicDownloader_fuer_paragon-partition-manager.exe

Error: (04/17/2014 00:51:37 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/17/2014 00:51:37 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe


CodeIntegrity Errors:
===================================
  Date: 2013-03-27 21:18:36.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 21:18:12.566
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 21:02:16.637
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 20:46:14.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 18:40:53.134
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 18:24:09.056
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 10:23:04.848
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-03-27 09:29:59.001
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-27 08:43:44.819
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2013-03-27 08:18:18.577
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\JRG~1\AppData\Local\Temp\OnlineScanner\Anti-Virus\fsgk.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 4054.54 MB
Available physical RAM: 2769.3 MB
Total Pagefile: 8150.54 MB
Available Pagefile: 6758.12 MB
Total Virtual: 8192 MB
Available Virtual: 8191.76 MB

==================== Drives ================================

Drive c: (Win8) (Fixed) (Total:465.42 GB) (Free:337.48 GB) NTFS
Drive d: (WD-1) (Fixed) (Total:326.04 GB) (Free:24.7 GB) NTFS
Drive e: (FARCRY2) (CDROM) (Total:3.67 GB) (Free:0 GB) UDF
Drive f: (WD-2) (Fixed) (Total:436.08 GB) (Free:115.03 GB) NTFS
Drive g: (Neues Laufwerk) (Fixed) (Total:169.37 GB) (Free:169.05 GB) NTFS
Drive l: (Volume) (Fixed) (Total:931.51 GB) (Free:549.33 GB) NTFS
Drive n: () (Removable) (Total:7.42 GB) (Free:2.03 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9A96E11F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=436 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=169 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: D1278E23)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 4416DB50)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---

Zitat:
Zitat von schrauber Beitrag anzeigen
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)
ist durchgeführt und gepostet die FRST.txt und die Addition.txt !
glg cafee


Alt 24.04.2014, 07:16   #6
schrauber
/// the machine
/// TB-Ausbilder
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Poste bitte mal das Log von ESET, was da so alles angeblich böses gefunden wird.
__________________
--> immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC

Alt 24.04.2014, 09:00   #7
cafee
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Jörg (administrator) on JÖRGI on 24-04-2014 09:39:41
Running from C:\Users\Jörg\Desktop
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5618456 2013-09-12] (ESET)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [285240 2012-09-01] (Intel Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [295512 2013-12-23] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\Run: [PC Suite Tray] => C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2502406073-1232304317-553576181-1001\...\MountPoints2: {a5919ca4-84df-11e2-be70-806e6f6e6963} - "E:\setup.exe" 
IFEO\chrome.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe"
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKCU - DefaultScope {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft WebPageAdjuster Class - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default
FF NewTab: www.google.com
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.eset.com
FF Keyword.URL: https://www.google.com/search
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.0.8 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\findr.xml
FF SearchPlugin: C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\searchplugins\iminent.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: MediaPlayerplus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-12]
FF Extension: German Dictionary, extended for Austria - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\de-AT@dictionaries.addons.mozilla.org [2013-03-05]
FF Extension: LavaFox V2-Blue - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\djziggy@gmail.com [2014-01-29]
FF Extension: Freeven Pro 1.3 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\e20dc619-d8c4-48f1-ae07-641cefb43165@3c4d943f-ad97-4f6e-aa94-d9671175a3d0.com [2014-04-12]
FF Extension: British English Dictionary (Updated) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-gb@flyingtophat.co.uk [2014-01-31]
FF Extension: United States English Spellchecker - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\en-US@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario Español Argentina - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-AR@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario de Español/México - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-MX@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Diccionario en Español para Venezuela - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\es-ve@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: LavaFox V2 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\info@djzig.com [2014-01-29]
FF Extension: Dizionario italiano - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\it-IT@dictionaries.addons.mozilla.org [2013-03-06]
FF Extension: Brazilian Portuguese (Current Spelling) - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-BR@dictionaries.addons.mozilla.org [2014-02-08]
FF Extension: Corretor para Português de Portugal - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\pt-PT@dictionaries.addons.mozilla.org [2014-04-05]
FF Extension: LavaFox V2-Purple - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom555@aol.com [2014-01-29]
FF Extension: LavaFox V2-Green - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\zigboom@ymail.com [2014-01-29]
FF Extension: Ghostery - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\firefox@ghostery.com.xpi [2013-11-27]
FF Extension: YouTube HTML5 Switch - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-coCUQ7NySNPcj72dA3557kKXGZU@jetpack.xpi [2013-03-13]
FF Extension: YouTube HD - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\jid0-HbNL9qqBkuuKRhJ9ncTonCky1HU@jetpack.xpi [2013-10-18]
FF Extension: Traditional Chinese (zh-TW) Language Pack - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\langpack-zh-TW@firefox.mozilla.org.xpi [2013-03-05]
FF Extension: Stylish - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2013-06-08]
FF Extension: Easy Youtube Video Downloader Express - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9acf540-acba-11e1-8ccb-001fd0e08bd4}.xpi [2013-10-21]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2013-10-20]
FF Extension: Adblock Plus - C:\Users\Jörg\AppData\Roaming\Mozilla\Firefox\Profiles\9syqvn1j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-12]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\
FF Extension: No Name - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff\ []
FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\
FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\
FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\ []
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-12-23]
FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-22]

Chrome: 
=======
CHR HomePage: hxxp://go.findrsearch.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.63\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Extension: (Freeven Pro 1.3) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\adbpopomabpienjnifocifondadaogpj [2014-04-12]
CHR Extension: (Google Docs) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-02]
CHR Extension: (Google Drive) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-02]
CHR Extension: (YouTube) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-02]
CHR Extension: (Last updated at $time$ on $date$) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-03-02]
CHR Extension: (Google Search) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-02]
CHR Extension: (Mac OSX Font Rendering) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbokdhnlldmknaijpgikegjffnlpaamk [2013-03-02]
CHR Extension: (AdBlock) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-03-02]
CHR Extension: (Lone Tree) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2013-03-04]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2013-03-02]
CHR Extension: (MediaPlayerplus) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-12]
CHR Extension: (No Name) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2013-03-16]
CHR Extension: (Gmail) - C:\Users\Jörg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-07-03]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx [2013-11-06]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM-x32\...\Chrome\Extension: [kiplfnciaokpcennlkldkdaeaaomamof] - C:\Users\Jörg\AppData\Local\Torch\Plugins\TorchPlugin.crx [2013-08-14]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2012-12-29] (IvoSoft)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1337752 2013-09-12] (ESET)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-12-09] (Freemake)
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-11-08] (Ellora Assets Corp.)
R2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
S2 HPSLPSVC; C:\Users\JRG~1\AppData\Local\Temp\7zS1478\hpslpsvc64.dll [X]

==================== Drivers (Whitelisted) ====================

S3 camfilt2; C:\Windows\system32\DRIVERS\camfilt2.sys [139264 2007-08-29] (Guillemot Corporation)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [239296 2013-09-17] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET)
R2 epfwwfpr; C:\Windows\system32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET)
S3 OM0530; C:\Windows\System32\Drivers\ov530vx.sys [172928 2007-07-13] (OmniVision Technology Inc.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 NPF; system32\drivers\NPF.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 09:39 - 2014-04-24 09:39 - 00022959 _____ () C:\Users\Jörg\Desktop\FRST.txt
2014-04-24 09:34 - 2014-04-24 09:34 - 02061824 _____ (Farbar) C:\Users\Jörg\Desktop\FRST64.exe
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:21 - 2014-04-23 06:37 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 17:54 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-19 17:54 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-19 17:54 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 17:54 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-19 17:54 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-19 17:54 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 17:54 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-19 17:54 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-19 17:54 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-19 17:54 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-19 17:54 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-19 17:54 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-19 17:54 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-19 17:54 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-19 17:54 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-19 17:54 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-19 17:52 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-19 17:52 - 2014-02-08 06:34 - 04036608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-04-19 17:52 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-19 17:52 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-19 17:52 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-19 17:52 - 2013-10-25 09:34 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-04-19 17:52 - 2013-10-25 00:34 - 00248240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-04-19 17:52 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-19 17:52 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-19 17:52 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-19 17:52 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-19 17:52 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-19 17:52 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-19 17:52 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-19 17:52 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-19 17:52 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-19 17:52 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-19 17:51 - 2014-02-06 01:41 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-04-19 17:51 - 2014-02-06 01:37 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-04-19 17:51 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-04-19 17:51 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 07:57 - 2014-04-19 07:58 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:56 - 2014-04-24 09:39 - 00000000 ____D () C:\FRST
2014-04-19 07:56 - 2014-04-19 07:58 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-15 22:48 - 2014-04-15 23:08 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:36 - 2014-04-19 14:27 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-12 16:54 - 2014-04-19 13:56 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-12 16:50 - 2014-04-13 01:47 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop

==================== One Month Modified Files and Folders =======

2014-04-24 09:39 - 2014-04-24 09:39 - 00022959 _____ () C:\Users\Jörg\Desktop\FRST.txt
2014-04-24 09:39 - 2014-04-19 07:56 - 00000000 ____D () C:\FRST
2014-04-24 09:34 - 2014-04-24 09:34 - 02061824 _____ (Farbar) C:\Users\Jörg\Desktop\FRST64.exe
2014-04-24 09:24 - 2014-01-02 14:59 - 00000348 _____ () C:\Windows\Tasks\HP Photo Creations Communicator.job
2014-04-24 09:16 - 2013-03-02 14:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-24 09:01 - 2012-07-26 12:27 - 00752930 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 09:01 - 2012-07-26 12:27 - 00156156 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 09:01 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 09:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-24 08:57 - 2013-03-02 15:01 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-24 08:57 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-23 11:51 - 2014-02-15 14:11 - 00000000 ____D () C:\Users\Jörg\Desktop\Mozilla Bookmarks
2014-04-23 08:26 - 2013-03-02 12:28 - 01418546 _____ () C:\Windows\WindowsUpdate.log
2014-04-23 07:38 - 2012-07-26 07:26 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-04-23 06:44 - 2014-04-23 06:44 - 00000000 __SHD () C:\Recovery
2014-04-23 06:37 - 2014-04-23 06:21 - 00001677 _____ () C:\Windows\setupact.log
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagwrn.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00001890 _____ () C:\Windows\diagerr.xml
2014-04-23 06:21 - 2014-04-23 06:21 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-22 20:10 - 2013-03-05 10:34 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\OpenCandy
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\ProgramData\ESET
2014-04-22 12:25 - 2014-04-22 12:25 - 00000000 ____D () C:\Program Files\ESET
2014-04-21 18:13 - 2013-03-28 11:08 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-04-21 17:53 - 2013-10-27 13:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedTestAnalysis
2014-04-21 11:47 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-21 08:16 - 2013-03-02 14:00 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-21 08:03 - 2013-06-26 20:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-21 07:51 - 2014-04-21 07:51 - 00444872 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 18:02 - 2013-03-02 12:29 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-04-19 17:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-04-19 17:57 - 2013-09-10 09:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-19 17:55 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-04-19 17:44 - 2014-04-19 17:44 - 00000000 ____D () C:\Users\Jörg\AppData\Local\ESET
2014-04-19 17:15 - 2013-03-02 12:35 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2502406073-1232304317-553576181-1001
2014-04-19 15:08 - 2013-03-02 14:03 - 00000000 ____D () C:\Program Files (x86)\VideoLAN
2014-04-19 15:07 - 2014-02-14 15:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Two Worlds Pinball
2014-04-19 15:07 - 2014-02-14 15:02 - 00000000 ____D () C:\Program Files (x86)\Two Worlds Pinball
2014-04-19 15:01 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg
2014-04-19 14:27 - 2014-04-15 22:36 - 01001716 _____ () C:\Windows\PFRO.log
2014-04-19 14:22 - 2013-03-02 14:06 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-04-19 13:59 - 2013-03-07 11:47 - 00000000 ____D () C:\Users\I-Net
2014-04-19 13:59 - 2012-07-26 10:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-19 13:58 - 2013-12-15 05:11 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-04-19 13:58 - 2013-10-27 13:00 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Paragon Partition Manager™ 2013 Free
2014-04-19 13:58 - 2013-10-18 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-19 13:58 - 2013-07-24 16:26 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\IrfanView
2014-04-19 13:58 - 2013-05-12 16:11 - 00000000 ____D () C:\ProgramData\TechSmith
2014-04-19 13:58 - 2013-05-12 16:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2014-04-19 13:58 - 2013-04-27 13:56 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayLogic
2014-04-19 13:58 - 2013-04-01 10:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2014-04-19 13:58 - 2013-03-15 21:16 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\dvdcss
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-19 13:58 - 2013-03-07 11:48 - 00000000 ___RD () C:\Users\I-Net\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-19 13:58 - 2013-03-05 01:57 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Nachschlagewerke
2014-04-19 13:58 - 2013-03-04 21:01 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Autostart
2014-04-19 13:58 - 2013-03-02 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ___RD () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-19 13:58 - 2013-03-02 12:28 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-04-19 13:58 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\Macromed
2014-04-19 13:58 - 2012-07-26 07:38 - 00000000 ____D () C:\Windows\system32\Sysprep
2014-04-19 13:58 - 2012-07-26 07:37 - 00000000 ____D () C:\Windows\servicing
2014-04-19 13:56 - 2014-04-12 16:54 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-19 13:56 - 2013-05-12 16:11 - 00000000 ____D () C:\Program Files (x86)\TechSmith
2014-04-19 13:56 - 2013-03-02 14:05 - 00000000 ____D () C:\Program Files\CDBurnerXP
2014-04-19 13:56 - 2013-03-02 14:01 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 13:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-04-19 13:53 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\registration
2014-04-19 13:50 - 2013-05-06 18:53 - 00000000 ____D () C:\ProgramData\Real
2014-04-19 13:49 - 2013-07-09 18:49 - 00000000 ____D () C:\Program Files\Java
2014-04-19 08:24 - 2013-03-05 20:01 - 00019697 _____ () C:\ProgramData\hpzinstall.log
2014-04-19 07:58 - 2014-04-19 07:57 - 00029977 _____ () C:\Users\Jörg\Downloads\Addition.txt
2014-04-19 07:58 - 2014-04-19 07:56 - 00044162 _____ () C:\Users\Jörg\Downloads\FRST.txt
2014-04-18 02:26 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-15 23:08 - 2014-04-15 22:48 - 00000000 ____D () C:\ProgramData\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\SpeedMaxPc
2014-04-15 22:49 - 2014-04-15 22:49 - 00000000 ____D () C:\Users\Jörg\AppData\Roaming\DriverCure
2014-04-13 01:47 - 2014-04-12 16:50 - 00000000 ____D () C:\Users\Jörg\AppData\Local\Lollipop
2014-04-12 17:43 - 2013-11-15 14:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2014-04-06 17:35 - 2013-05-30 16:15 - 00000000 ____D () C:\Users\Jörg\AppData\Local\CrashDumps
2014-04-03 11:59 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-03-31 23:18 - 2012-07-26 10:14 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2012-07-26 10:14 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-31 03:51 - 2013-03-02 12:45 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-28 10:30 - 2013-08-16 18:43 - 00000000 ____D () C:\Users\Jörg\Downloads\Bilder

Some content of TEMP:
====================
C:\Users\Jörg\AppData\Local\Temp\InstHelper.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-17 12:45

==================== End Of Log ============================
--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Jörg at 2014-04-24 09:58:23
Running from C:\Users\Jörg\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Ancient Wars - Sparta (HKLM-x32\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Ashampoo Burning Studio 9.24 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia Studio 8 (HKLM-x32\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Classic Link Drivers (HKLM-x32\...\{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}) (Version: 3.2.2.1 - Hercules)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DVS Video Downloader Addon for Mozilla Firefox version 4.3.3.15 (HKLM-x32\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.3.15 - DVDVideoSoft Ltd.)
eJay Dance 6 Reloaded (HKLM-x32\...\YelsieJayDance6Reloaded_is1) (Version:  - Yelsi AG)
ESET NOD32 Antivirus (HKLM\...\{7EE0D9E8-299E-4E7A-8BDE-B1D295E30077}) (Version: 7.0.302.26 - ESET, spol s r. o.)
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
F300 (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.4.628 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
GEAR driver installer (HKLM-x32\...\{0590062B-1E79-4717-B1AC-45B6DCA43B36}) (Version: 4.001.7 - GEAR Software)
GMX SMS-Manager (HKLM-x32\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG)
GMX SMS-Manager (x32 Version: 2.7.2 - 1 und 1 Internet AG) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hercules Classic Webcam Drivers (HKLM-x32\...\{5F0EE12C-44B1-4FCB-87E3-4686C888774A}) (Version: 1.00.0000 - Hercules)
Hercules Webcam Station Evolution SE (HKLM-x32\...\{C3C44248-B8F7-4B20-A5C7-994870B60F55}) (Version: 3.2.2.1 - Hercules)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 9.7.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.7.5 - )
K-Lite Codec Pack 9.7.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Music Maker Rock Edition 4 (HKLM-x32\...\MAGIX_MSI_mm17_rock_edition_4) (Version: 6.0.0.6 - MAGIX AG)
MAGIX Music Maker Rock Edition 4 (x32 Version: 6.0.0.6 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Online Druck Service (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\{D8771580-3651-410C-82CF-EFE11FAD5D81}) (Version: 7.0.2.6 - MAGIX AG)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 97, Professional Edition (HKLM-x32\...\Office8.0) (Version:  - )
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 19.0.1326.56 (HKLM-x32\...\Opera 19.0.1326.56) (Version: 19.0.1326.56 - Opera Software ASA)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Paragon Partition Manager™ 2013 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PeaZip 4.8.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version:  - Tobit.Software)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.61 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.61 - Firaxis Games) Hidden
Skype™ 6.2 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.2.106 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\{3BB33584-3860-4772-AEE9-D8E61F552896}) (Version: 1.02.000 - )
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

15-04-2014 19:14:01 Removed Java 8 (64-bit)
19-04-2014 11:46:02 Wiederherstellungsvorgang
20-04-2014 17:00:24 Windows-Sicherung
22-04-2014 10:24:11 ESET NOD32 Antivirus wurde installiert

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-11-26 11:49 - 00450639 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	[¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	Gadgets And More
127.0.0.1	10sek.com
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {05CFA7CA-BF05-41AB-856F-44893CE0BA51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-21] (Adobe Systems Incorporated)
Task: {09EC757E-839C-44BC-AA2C-D886E9D8884E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-12-23] (RealNetworks, Inc.)
Task: {141097DB-C12F-445C-8FC2-698BD3793A01} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {166C6F55-3CC8-4182-ACC5-E8A37B829A1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {35834043-4FDA-47E5-AF39-F8FFAF189D4E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5A4BF9C9-7222-4C66-AAB6-DE6A8F413F17} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {70D27CF5-CD25-4EB0-9FCA-64227D8996CB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {7AEFA786-4A6A-4F2C-91C5-E25ACD7D202C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C906787-F4A2-4645-950A-7561888C806D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8367C11D-BAAB-40B6-A64C-B3F392EC5F9B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {8E7E0702-2851-4DC2-9484-321D3204C6A5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9541B63D-C604-475C-8255-746756404574} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {980D554F-9C0E-4CCC-960F-6CB2BBA9737C} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {A35DB7B2-E473-40DB-A0DF-66554079B6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E872139C-651C-4CA8-931F-D780A5ED0D96} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F1C674C6-0FC9-4D0C-B9DA-F7769BDAF654} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2013-03-02 15:00 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-04 21:06 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-28 10:37 - 2014-01-28 10:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-03-02 13:57 - 2013-03-02 13:57 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-02-18 00:19 - 2014-02-18 00:19 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-06-26 20:12 - 2014-02-16 13:39 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 09:13:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 09:13:21 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 08:58:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 08:58:38 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/23/2014 03:10:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 09:56:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 09:29:06 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (04/24/2014 09:22:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 09:20:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 09:20:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 09:18:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 09:01:36 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 08:59:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 08:59:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 08:59:36 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 08:57:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 08:57:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/24/2014 09:13:29 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/24/2014 09:13:21 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/24/2014 08:58:44 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/24/2014 08:58:38 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/23/2014 03:10:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:43:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 09:56:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 09:29:06 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 17:46:30.884
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.234
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.202
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:38:25.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:27:50.729
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 16:27:55.212
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:35:24.653
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:28:06.701
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:22:34.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 4054.54 MB
Available physical RAM: 1984.7 MB
Total Pagefile: 4758.54 MB
Available Pagefile: 2572.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win8) (Fixed) (Total:465.42 GB) (Free:323.58 GB) NTFS
Drive d: (WD-1) (Fixed) (Total:326.04 GB) (Free:22.83 GB) NTFS
Drive f: (WD-2) (Fixed) (Total:436.08 GB) (Free:40.56 GB) NTFS
Drive g: (Neues Laufwerk) (Fixed) (Total:169.37 GB) (Free:169.05 GB) NTFS
Drive l: (Volume) (Fixed) (Total:931.51 GB) (Free:549.67 GB) NTFS
Drive n: () (Removable) (Total:7.42 GB) (Free:2.03 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9A96E11F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=436 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=169 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: D1278E23)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 4416DB50)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---

Alt 24.04.2014, 18:49   #8
cafee
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
Ran by Jörg at 2014-04-24 09:58:23
Running from C:\Users\Jörg\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET NOD32 Antivirus 7.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_CDB_ToolboxIni64 (Version: 82.0.242.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
Ancient Wars - Sparta (HKLM-x32\...\{554532CE-43E2-4B4F-BBDE-27742A32C236}) (Version: 1.00.0000 - PlayLogic)
Apple Application Support (HKLM-x32\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Ashampoo Burning Studio 9.24 (HKLM-x32\...\Ashampoo Burning Studio 9_is1) (Version: 9.2.4 - ashampoo GmbH & Co. KG)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Camtasia Studio 8 (HKLM-x32\...\{DB93E2C2-851F-44B2-B09C-351D2C624AE1}) (Version: 8.0.4.1060 - TechSmith Corporation)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.1.3868 - CDBurnerXP)
Classic Link Drivers (HKLM-x32\...\{B1549CC1-EB81-4E7C-9C7C-8B97CD9FD37A}) (Version: 3.2.2.1 - Hercules)
Classic Shell (HKLM\...\{CB00799C-0E4F-4FD1-A046-BD24321BCDFF}) (Version: 3.6.5 - IvoSoft)
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
DocProcQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DVS Video Downloader Addon for Mozilla Firefox version 4.3.3.15 (HKLM-x32\...\DVS Video Downloader Addon for Mozilla Firefox_is1) (Version: 4.3.3.15 - DVDVideoSoft Ltd.)
eJay Dance 6 Reloaded (HKLM-x32\...\YelsieJayDance6Reloaded_is1) (Version:  - Yelsi AG)
ESET NOD32 Antivirus (HKLM\...\{7EE0D9E8-299E-4E7A-8BDE-B1D295E30077}) (Version: 7.0.302.26 - ESET, spol s r. o.)
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
F300 (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
F300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
Far Cry (HKLM-x32\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ihr Firmenname)
Far Cry (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Far Cry 2 (HKLM-x32\...\{F2835483-37F2-4123-B4FE-0E77D58447F2}) (Version: 1.03.00 - Ubisoft)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Free Studio version 2013 (HKLM-x32\...\Free Studio_is1) (Version: 6.1.4.628 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.2 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.2 - Ellora Assets Corporation)
Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.1 - Ellora Assets Corporation)
GEAR driver installer (HKLM-x32\...\{0590062B-1E79-4717-B1AC-45B6DCA43B36}) (Version: 4.001.7 - GEAR Software)
GMX SMS-Manager (HKLM-x32\...\com.unitedinternet.ums.sms-mms-manager) (Version: 2.7.2.6 - 1 und 1 Internet AG)
GMX SMS-Manager (x32 Version: 2.7.2 - 1 und 1 Internet AG) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.63 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Hercules Classic Webcam Drivers (HKLM-x32\...\{5F0EE12C-44B1-4FCB-87E3-4686C888774A}) (Version: 1.00.0000 - Hercules)
Hercules Webcam Station Evolution SE (HKLM-x32\...\{C3C44248-B8F7-4B20-A5C7-994870B60F55}) (Version: 3.2.2.1 - Hercules)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.12412 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Photosmart, Officejet, PSC and Deskjet All-In-One Driver Software 8.0.B (HKLM\...\{C916D86C-AB76-49c7-B0E4-A946E0FD9BC2}) (Version: 8.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.36 - Irfan Skiljan)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
K-Lite Codec Pack 9.7.5 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 9.7.5 - )
K-Lite Codec Pack 9.7.5 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.5 - )
LibreOffice 4.0.0.3 (HKLM-x32\...\{8EA569F1-97AF-4C3E-A0CB-4846C2D35A81}) (Version: 4.0.0.3 - The Document Foundation)
Logitech Unifying-Software 2.10 (HKLM\...\Logitech Unifying) (Version: 2.10.37 - Logitech)
MAGIX Foto Manager 10 (HKLM-x32\...\MAGIX_MSI_Foto_Manager_10) (Version: 8.0.1.136 - MAGIX AG)
MAGIX Foto Manager 10 (x32 Version: 8.0.1.136 - MAGIX AG) Hidden
MAGIX Music Maker Rock Edition 4 (HKLM-x32\...\MAGIX_MSI_mm17_rock_edition_4) (Version: 6.0.0.6 - MAGIX AG)
MAGIX Music Maker Rock Edition 4 (x32 Version: 6.0.0.6 - MAGIX AG) Hidden
MAGIX Online Druck Service (HKLM-x32\...\de.magix-fotos.fotobuch.001F9DF2D0BAABEB11F42CCEE43224607B61109C.1) (Version: 1.1.0-478 - myphotobook GmbH)
MAGIX Online Druck Service (x32 Version: 1.1.0 - myphotobook GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\{D8771580-3651-410C-82CF-EFE11FAD5D81}) (Version: 7.0.2.6 - MAGIX AG)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Office 97, Professional Edition (HKLM-x32\...\Office8.0) (Version:  - )
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
Nokia Connectivity Cable Driver (HKLM-x32\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM-x32\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (x32 Version: 7.1.180.94 - Nokia) Hidden
NVIDIA 3D Vision Treiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Grafiktreiber 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Update 1.15.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.15.2 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.15.2 - NVIDIA Corporation) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Opera Stable 19.0.1326.56 (HKLM-x32\...\Opera 19.0.1326.56) (Version: 19.0.1326.56 - Opera Software ASA)
Opera Stable 20.0.1387.91 (HKLM-x32\...\Opera 20.0.1387.91) (Version: 20.0.1387.91 - Opera Software ASA)
Paragon Partition Manager™ 2013 Free (HKLM-x32\...\{47E5588F-C3A0-11DE-9857-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PC Connectivity Solution (HKLM-x32\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PeaZip 4.8.1 (WIN64) (HKLM\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version:  - Giorgio Tani)
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version:  - Tobit.Software)
RealDownloader (x32 Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Sid Meier's Civilization 4 (HKLM-x32\...\{CFBCE791-2D53-4FCE-B3FB-D6E01F4112E8}) (Version: 1.61 - Firaxis Games)
Sid Meier's Civilization 4 (x32 Version: 1.61 - Firaxis Games) Hidden
Skype™ 6.2 (HKLM-x32\...\{1845470B-EB14-4ABC-835B-E36C693DC07D}) (Version: 6.2.106 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Stellarium 0.12.0 (HKLM\...\Stellarium_is1) (Version: 0.12.0 - Stellarium team)
Tom Clancy's Rainbow Six: Lockdown (HKLM-x32\...\{3BB33584-3860-4772-AEE9-D8E61F552896}) (Version: 1.02.000 - )
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 82.0.173.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2013 (HKLM-x32\...\TuneUp Utilities 2013) (Version: 13.0.4000.245 - TuneUp Software)
TuneUp Utilities 2013 (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.4000.245 - TuneUp Software) Hidden
UnloadSupport (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
Windows-Treiberpaket - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows-Treiberpaket - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver  (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

==================== Restore Points  =========================

15-04-2014 19:14:01 Removed Java 8 (64-bit)
19-04-2014 11:46:02 Wiederherstellungsvorgang
20-04-2014 17:00:24 Windows-Sicherung
22-04-2014 10:24:11 ESET NOD32 Antivirus wurde installiert

==================== Hosts content: ==========================

2012-07-26 07:26 - 2013-11-26 11:49 - 00450639 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1	www.007guard.com
127.0.0.1	007guard.com
127.0.0.1	008i.com
127.0.0.1	www.008k.com
127.0.0.1	008k.com
127.0.0.1	www.00hq.com
127.0.0.1	00hq.com
127.0.0.1	010402.com
127.0.0.1	[¹ã³¡ÎèÀÏÆÅ×î´óÇ¡Ç¡,¹ã³¡ÎèÃñ×åÎè,ÔÆÉѹ㳡ÎèÌÒ»¨ÔËÇ¡Ç¡],2014Ê×Ò³
127.0.0.1	032439.com
127.0.0.1	0Scan.com
127.0.0.1	0scan.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1000gratisproben.com
127.0.0.1	1001namen.com
127.0.0.1	1001namen.com
127.0.0.1	100888290cs.com
127.0.0.1	²©²Êͨ,²©²ÊÍø,½ð±¦²©188,²©²ÊͨÆÀ¼¶,°Ù¼ÒÀÖ,°ÂÃî°Ù¼ÒÀÖ
127.0.0.1	www.100sexlinks.com
127.0.0.1	100sexlinks.com
127.0.0.1	Gadgets And More
127.0.0.1	10sek.com
127.0.0.1	1-2005-search.com
127.0.0.1	1-2005-search.com
127.0.0.1	www.123fporn.info
127.0.0.1	123fporn.info
127.0.0.1	123haustiereundmehr.com
127.0.0.1	www.123haustiereundmehr.com
127.0.0.1	123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {05CFA7CA-BF05-41AB-856F-44893CE0BA51} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-21] (Adobe Systems Incorporated)
Task: {09EC757E-839C-44BC-AA2C-D886E9D8884E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [2013-12-23] (RealNetworks, Inc.)
Task: {141097DB-C12F-445C-8FC2-698BD3793A01} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {166C6F55-3CC8-4182-ACC5-E8A37B829A1B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {35834043-4FDA-47E5-AF39-F8FFAF189D4E} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {5A4BF9C9-7222-4C66-AAB6-DE6A8F413F17} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {70D27CF5-CD25-4EB0-9FCA-64227D8996CB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {7AEFA786-4A6A-4F2C-91C5-E25ACD7D202C} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {7C906787-F4A2-4645-950A-7561888C806D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {8367C11D-BAAB-40B6-A64C-B3F392EC5F9B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2014-01-28] (TuneUp Software)
Task: {8E7E0702-2851-4DC2-9484-321D3204C6A5} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2013-08-14] (RealNetworks, Inc.)
Task: {9541B63D-C604-475C-8255-746756404574} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {980D554F-9C0E-4CCC-960F-6CB2BBA9737C} - System32\Tasks\HP Photo Creations Communicator => C:\ProgramData\HP Photo Creations\Communicator.exe [2011-09-20] ()
Task: {A35DB7B2-E473-40DB-A0DF-66554079B6E7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-02] (Google Inc.)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {E872139C-651C-4CA8-931F-D780A5ED0D96} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F1C674C6-0FC9-4D0C-B9DA-F7769BDAF654} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2502406073-1232304317-553576181-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Communicator.job => C:\ProgramData\HP Photo Creations\Communicator.exe

==================== Loaded Modules (whitelisted) =============

2013-03-02 15:00 - 2013-10-23 10:20 - 00102176 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-03-04 21:06 - 2013-06-03 13:06 - 03999512 _____ () C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
2013-08-14 16:19 - 2013-08-14 16:19 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-01-28 10:37 - 2014-01-28 10:37 - 00741176 _____ () C:\Program Files (x86)\TuneUp Utilities 2013\avgrepliba.dll
2013-03-02 13:57 - 2013-03-02 13:57 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00078480 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\QsApoApi64.dll
2013-03-02 14:47 - 2012-08-09 12:55 - 00386192 _____ () C:\Program Files (x86)\VIA\VIAudioi\VDeck\Dts2ApoApi64.dll
2014-02-18 00:19 - 2014-02-18 00:19 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\b7497ee745bead9869f53a314470edeb\PSIClient.ni.dll
2013-06-26 20:12 - 2014-02-16 13:39 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: avast! Firewall NDIS Filter Miniport
Description: avast! Firewall NDIS Filter Miniport
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: ALWIL Software
Service: aswNdis
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/24/2014 09:13:29 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 09:13:21 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 08:58:44 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/24/2014 08:58:38 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (04/23/2014 03:10:04 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 11:43:17 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 09:56:15 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifest.

Error: (04/23/2014 09:29:06 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1".
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


System errors:
=============
Error: (04/24/2014 09:22:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 09:20:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 09:20:43 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 09:18:43 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 09:01:36 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 08:59:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 08:59:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler beendet: 
%%126

Error: (04/24/2014 08:59:36 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {10DA4F3C-CC99-4190-BE4D-58330754E882}

Error: (04/24/2014 08:57:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 08:57:36 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "WinPcap Packet Driver (NPF)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/24/2014 09:13:29 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/24/2014 09:13:21 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/24/2014 08:58:44 AM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="&#x2a;",type="win32",version="1.0.0.0"C:\Windows\Installer\{C8E8D2E3-EF6A-4B1D-A09E-7B27EBE2F3CE}\recordingmanager.exe

Error: (04/24/2014 08:58:38 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe

Error: (04/23/2014 03:10:04 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:43:19 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 11:43:17 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 09:56:15 AM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_418ab7ef718b27ef.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9200.16579_none_8937eec6860750f5.manifestN:\Sicherheit\esetsmartinstaller_enu.exe

Error: (04/23/2014 09:29:06 AM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"C:\Program Files (x86)\Hercules\Webcam Station Evolution SE\StationEvSE.exe


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 17:46:30.884
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.265
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.234
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:45:23.202
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:38:25.096
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 17:27:50.729
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 16:27:55.212
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:35:24.653
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:28:06.701
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-04-19 15:22:34.881
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 4054.54 MB
Available physical RAM: 1984.7 MB
Total Pagefile: 4758.54 MB
Available Pagefile: 2572.97 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Win8) (Fixed) (Total:465.42 GB) (Free:323.58 GB) NTFS
Drive d: (WD-1) (Fixed) (Total:326.04 GB) (Free:22.83 GB) NTFS
Drive f: (WD-2) (Fixed) (Total:436.08 GB) (Free:40.56 GB) NTFS
Drive g: (Neues Laufwerk) (Fixed) (Total:169.37 GB) (Free:169.05 GB) NTFS
Drive l: (Volume) (Fixed) (Total:931.51 GB) (Free:549.67 GB) NTFS
Drive n: () (Removable) (Total:7.42 GB) (Free:2.03 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9A96E11F)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 932 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=436 GB) - (Type=OF Extended)
Partition 2: (Active) - (Size=326 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=169 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 932 GB) (Disk ID: D1278E23)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

========================================================
Disk: 8 (Size: 7 GB) (Disk ID: 4416DB50)
Partition 1: (Not Active) - (Size=7 GB) - (Type=0B)

==================== End Of Log ============================
--- --- ---


Guten morgen Schrauber , habe eben noch mal den FRST.txt und Addition.txt gepostet und poste gleich noch mal den letzten Log.txt von Eset !
Ich Unternehme erst mal nichts weiter
glg cafee

Hier der letzte Log von Eset =
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=d19d6d2f410c8242aedb530bcc321260
# engine=17988
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 12:45:48
# local_time=2014-04-23 02:45:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=5893 16776574 100 94 333967 37977439 0 0
# scanned=309371
# found=0
# cleaned=0
# scan_time=9498
# nod_component=V3 Build:0x30000000

Vorhin als hier online war und in meinem GMX Account wo ich nach mails schaute stürzte der Mozilla Firefox ab und nix mehr ging mehr weder Maus oder Tastaturbefehle ! Es blieb bloß noch den Pc vom Netz trennen und Pc ausschalten.
Fuhr ihn danach hoch ohne Netz und ging eben online bei GMX wo ich dann diese mail fand =

Liebes GMX Mitglied,

eine an Sie adressierte E-Mail wurde von unserem Virenscanner
als gefährlich eingestuft.


Um weiteren Schaden für Sie auszuschließen, wurde die E-Mail gelöscht.

Es folgen Details zu der betroffenen E-Mail:

Von: "Juliana Gold" <randomizedos205@altria.com>
An: <w.ilyan@gmx.de>
Datum: Thu, 24 Apr 2014 12:32:34 +0000
Betreff: Payment notice #107880

Falls Ihnen der Absender persönlich bekannt ist, sollten Sie sich mit
ihm in Verbindung setzen und ihn darauf hinweisen, dass sein PC
wahrscheinlich von einem Virus befallen ist.

Die Einstellungen zu Ihrem GMX Virenscanner können Sie jederzeit unter
Optionen/Virenschutz anpassen.

Ihr GMX Team

[ Dies ist eine automatisch generierte Nachricht, bitte
antworten Sie nicht an diesen Absender. Weitere Informationen
finden Sie in der Online-Hilfe unter h..p://faq.gmx.net ]

das war schon Merkwürdig denn ich kenne diese Frau nicht , hatte nach dem Absturz das Passwort geändert was ich gestern schon tat und 3 Einlogversuche waren !

Alt 25.04.2014, 18:42   #9
schrauber
/// the machine
/// TB-Ausbilder
 
immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Standard

immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


Das ist einfach ne Spam Mail mit Malware, die bekommt man halt einfach so. Irgendwie arte ich noch auf das Log von ESET mit den abermillionen bösen Funden
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC
79bjm5me7g.exe (trojan.vupx.gen), avast, bericht, besten, continue, desktop, downloader, escan, eset, installation, java, log, maus, neustart, nicht mehr, nichts, onlinescan, ordner, probleme, scan, seite, spybot, temp, update, version, virus, windows


« Malware und unzählige neue Programme nach Java Update | Avast free führte zu Abstürzen »


Ähnliche Themen: immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC


  1. Continue Live Installation erscheint immer wieder...
    Log-Analyse und Auswertung - 12.04.2015 (11)
  2. Unter C\PragramData erstellt sich immer wieder ein Ordner Boost_interprocess
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (10)
  3. Ordner kehrt immer wieder zurück: C:\ProgramData\boost_interprocess?
    Plagegeister aller Art und deren Bekämpfung - 28.02.2014 (22)
  4. immer wieder neue Setup.exe in Temp-Ordner
    Plagegeister aller Art und deren Bekämpfung - 31.12.2013 (12)
  5. Ordner Boost_interprocess immer wieder da !
    Plagegeister aller Art und deren Bekämpfung - 21.10.2013 (21)
  6. Werde immer wieder auf den Desktop geworfen
    Alles rund um Windows - 02.05.2013 (19)
  7. Werde immer wieder auf den Desktop geworfen
    Plagegeister aller Art und deren Bekämpfung - 20.04.2013 (5)
  8. Werde immer wieder auf den Desktop geworfen
    Plagegeister aller Art und deren Bekämpfung - 27.03.2013 (7)
  9. Es erstellt sich immer ein Ordner und er kommt immer wieder
    Plagegeister aller Art und deren Bekämpfung - 14.04.2011 (1)
  10. Unregelmäßigkeiten auf Bankseite und immer wieder svchost.exe im Temp Ordner
    Plagegeister aller Art und deren Bekämpfung - 01.07.2010 (1)
  11. svchost.exe erstellt sich immer wieder neu im TEMP Ordner
    Plagegeister aller Art und deren Bekämpfung - 18.01.2010 (1)
  12. nach jedem Neustart immer ein Ordner Neuer Ordner auf dem Desktop
    Alles rund um Windows - 11.11.2009 (1)
  13. TR/Agent.iob immer wieder im temp Ordner - wie krieg ich den weg ?
    Plagegeister aller Art und deren Bekämpfung - 12.11.2008 (1)
  14. Trojaner generiert sich immer wieder neu im windows/temp ordner
    Log-Analyse und Auswertung - 21.07.2007 (8)
  15. Immer wieder auf den Desktop zurück
    Alles rund um Windows - 24.12.2006 (2)
  16. Ordner und exe kommen immer wieder
    Log-Analyse und Auswertung - 05.12.2006 (3)
  17. Desktop verschwindet immer wieder
    Log-Analyse und Auswertung - 28.04.2005 (4)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC - Hallo , hoffe da ich noch nicht so recht hier durchblicke alles erstmal einigermaßen rüber bringe ? Ich hatte arge Probleme mit (wohl einem Virus) der mir laufend den Ordner - immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC...
Archiv
Du betrachtest: immer wieder selbsterstellender Ordner auf dem Desktop : Name = Continue Vuu PC auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55