Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Link zur eigenen Webseite spinnt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.05.2014, 07:39   #1
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Hallo

Ich habe folgendes Problem. Wenn ich bei Google ein Stichwort eingebe, um meine eigene Webseite zu finden, z. B. lernprogramme, und dann auf den Link zu meiner Webseite klicke, passiert es manchmal, dass sich eine andere Seite öffnet. Dies auch manchmal bei andern PCs. Es öffnet sich machmal dann eine leere Google-Seite, oder eine ganz unbekannte Seite, wo auch schon WinPatrol aufgejault hat. Das ist jedoch erst 1 Mal passiert.

Und wenn ich auf den zurück-Pfeil klicke, komme ich nicht mehr auf die Seite davor mit den Links, sondern auf eine leere Google Suchseite.

Dies passiert jedoch nur mit meiner Webseite und meinem PC, mit allen anderen Links funktioniert es einwandfrei. Innerhalb meiner Webseite funktioniert auch der zurück-Button, nur wenn ich zurück zu google-seite gehe, kommt die leere Google-Seite.
Ich google mit Firefox, benutze Windows7.

Vielen Dank für eure Hilfe.

Jola

Alt 01.05.2014, 15:29   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 01.05.2014, 15:50   #3
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Hi

Vielen Dank, dass du Zeit für mich nimmst. Hier die geforderten Daten:


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-05-2014
Ran by Savitri (administrator) on SAVITRI on 01-05-2014 16:44:43
Running from C:\Users\Savitri\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(hMailServer) C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [963072 2008-01-08] (brother)
HKLM-x32\...\Run: [UpdatePDRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [D-Link D-Link DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-11] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-04-04] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKLM-x32\...\RunOnce: [20131224] - C:\Program Files\AVAST Software\Avast\setup\emupdate\b5c27391-06b5-4d2b-9bdd-367dc756b430.exe /check [181136 2014-04-29] (AVAST Software)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKCU - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = 
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Savitri\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-01]
FF Extension: Web Developer - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21]
FF Extension: Adblock Plus - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-27]
FF HKLM-x32\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

==================== Services (Whitelisted) =================

S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] ()
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-06] (Brio)
R2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5395968 2010-06-07] (hMailServer)
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S4 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-04-04] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-14] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2011-02-21] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [602112 2006-11-08] (PixArt Imaging Inc.)
S4 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S4 catchme; \??\C:\ComboFix\catchme.sys [X]
U3 DfSdkS; 
U4 esgiguard; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-01 16:44 - 2014-05-01 16:44 - 00021110 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-01 16:44 - 2014-05-01 16:44 - 00000000 ____D () C:\FRST
2014-05-01 16:43 - 2014-05-01 16:44 - 02061824 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-04-30 17:37 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-27 08:19 - 2014-04-27 08:19 - 00002672 _____ () C:\Windows\System32\Tasks\ReclaimerResumeInstallLogin_Savitri
2014-04-27 08:19 - 2014-04-27 08:19 - 00000382 _____ () C:\Windows\Tasks\ReclaimerResumeInstallLogin_Savitri.job
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 07:36 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 07:36 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 07:36 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 07:35 - 2014-04-20 07:36 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-10 20:27 - 2014-04-28 17:11 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-04-10 20:02 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 20:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 20:02 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 20:02 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 20:02 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 20:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 20:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 20:02 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 20:02 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 20:02 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 20:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 20:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 20:02 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 20:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 20:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 13:56 - 2014-04-26 13:44 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-09 08:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:45 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 08:23 - 2014-04-08 08:33 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-08 08:11 - 2014-04-14 08:08 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:11 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-04 08:07 - 2014-04-20 07:37 - 00000000 ____D () C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2014-05-01 16:44 - 2014-05-01 16:44 - 00021110 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-01 16:44 - 2014-05-01 16:44 - 00000000 ____D () C:\FRST
2014-05-01 16:44 - 2014-05-01 16:43 - 02061824 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-05-01 16:41 - 2012-12-23 15:12 - 00000000 ____D () C:\mp-os
2014-05-01 16:01 - 2013-03-25 23:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-01 15:48 - 2009-12-13 16:50 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-01 15:44 - 2009-10-07 20:23 - 01412649 _____ () C:\Windows\WindowsUpdate.log
2014-05-01 11:02 - 2012-04-06 14:10 - 00000000 ____D () C:\mp-mathe2
2014-05-01 07:48 - 2009-12-13 16:50 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-01 07:43 - 2013-11-27 17:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-01 07:43 - 2010-07-03 10:14 - 00184079 _____ () C:\Windows\setupact.log
2014-04-30 17:35 - 2014-02-05 17:04 - 00000000 ____D () C:\Users\Savitri\Desktop\Reinigung
2014-04-30 17:31 - 2013-01-01 15:48 - 00000000 ____D () C:\CD_OS
2014-04-30 17:22 - 2013-04-25 15:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Skype
2014-04-30 15:13 - 2012-08-16 14:06 - 00000000 ____D () C:\mp-rechtschreibung2
2014-04-30 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-30 14:11 - 2013-05-29 16:44 - 00000000 ____D () C:\mp-OG
2014-04-30 14:11 - 2009-09-12 05:13 - 00718394 _____ () C:\Windows\system32\perfh007.dat
2014-04-30 14:11 - 2009-09-12 05:13 - 00158028 _____ () C:\Windows\system32\perfc007.dat
2014-04-30 14:11 - 2009-07-14 07:13 - 01672424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 10:41 - 2009-10-31 15:14 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-04-29 16:01 - 2013-03-25 23:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 16:01 - 2013-03-25 23:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 16:01 - 2013-01-31 20:32 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 15:59 - 2013-06-04 07:15 - 00000000 ____D () C:\mp-lega
2014-04-28 17:11 - 2014-04-10 20:27 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-04-28 14:55 - 2013-05-29 16:44 - 00000000 ____D () C:\CD_OG
2014-04-28 14:50 - 2012-10-08 16:35 - 00000000 ____D () C:\mp-lesen7
2014-04-27 08:19 - 2014-04-27 08:19 - 00002672 _____ () C:\Windows\System32\Tasks\ReclaimerResumeInstallLogin_Savitri
2014-04-27 08:19 - 2014-04-27 08:19 - 00000382 _____ () C:\Windows\Tasks\ReclaimerResumeInstallLogin_Savitri.job
2014-04-26 13:44 - 2014-04-09 13:56 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-26 09:43 - 2010-11-27 16:46 - 00013030 _____ () C:\PDOXUSRS.NET
2014-04-26 09:43 - 2009-07-14 04:34 - 00001460 _____ () C:\Windows\win.ini
2014-04-25 18:51 - 2009-10-31 23:28 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\FileZilla
2014-04-25 17:29 - 2013-06-04 07:15 - 00000000 ____D () C:\CD_Lega
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-25 07:56 - 2009-11-01 21:27 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-25 07:55 - 2011-11-10 18:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-24 16:52 - 2013-03-15 17:16 - 00000000 ____D () C:\Users\Savitri\Desktop\Lernprogramme
2014-04-24 16:51 - 2013-04-16 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\videos für youtube
2014-04-24 16:33 - 2013-10-07 16:36 - 00000000 ____D () C:\Users\Savitri\AppData\Local\Paint.NET
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-24 09:37 - 2012-08-13 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\video
2014-04-20 07:37 - 2014-04-04 08:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-20 07:35 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 07:36 - 2009-11-05 19:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-19 07:40 - 2009-10-31 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-18 14:50 - 2014-02-18 18:51 - 00000000 ____D () C:\vorlagen februar 2014
2014-04-16 14:15 - 2012-11-10 16:52 - 00000000 ____D () C:\Datenbanken
2014-04-16 08:42 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-16 08:42 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-16 08:31 - 2012-06-23 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-04-14 20:13 - 2014-04-20 07:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 07:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 07:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 07:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 08:27 - 2014-01-25 09:59 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\CreateInstall Light
2014-04-14 08:23 - 2014-01-01 16:08 - 00000000 ____D () C:\Program Files (x86)\Aufmerksamkeit
2014-04-14 08:22 - 2013-06-01 14:08 - 00000000 ____D () C:\mp-AS
2014-04-14 08:18 - 2012-10-12 13:31 - 00000000 ____D () C:\mp-mathe5
2014-04-14 08:08 - 2014-04-08 08:11 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-13 20:24 - 2013-05-03 14:49 - 00000440 _____ () C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-04-13 17:29 - 2009-11-09 11:41 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Audacity
2014-04-10 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 20:26 - 2009-12-18 15:19 - 00000324 _____ () C:\Windows\Brownie.ini
2014-04-10 20:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-10 20:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 11:09 - 2012-10-11 16:27 - 00000000 ____D () C:\mp-lesen9
2014-04-10 09:41 - 2012-08-05 19:32 - 00000000 ____D () C:\Users\Savitri\Desktop\Maerchen
2014-04-09 20:28 - 2010-07-04 08:26 - 00776978 _____ () C:\Windows\PFRO.log
2014-04-09 20:17 - 2012-09-09 19:56 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{10F27B3E-2E9E-47DB-ADB4-4D06C7998B75}
2014-04-09 20:08 - 2013-08-10 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:04 - 2009-11-01 09:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:32 - 2014-01-04 09:28 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-09 16:32 - 2011-06-09 09:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 16:31 - 2013-11-27 17:45 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 15:28 - 2010-04-08 10:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\vlc
2014-04-08 08:33 - 2014-04-08 08:23 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-07 15:20 - 2013-04-07 14:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-07 15:20 - 2013-04-07 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:50 - 2014-01-14 17:16 - 00000000 ____D () C:\Users\Savitri\Documents\Lernprogramme-Hilfsprogramme
2014-04-07 07:49 - 2014-01-18 17:26 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-07 07:39 - 2013-05-28 18:46 - 00000000 ____D () C:\CD_OD
2014-04-06 08:36 - 2014-04-30 17:37 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Real
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Program Files (x86)\Real
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:12 - 2009-11-04 20:29 - 00000000 ____D () C:\ProgramData\Real
2014-04-04 08:12 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-03 08:22 - 2013-05-28 13:51 - 00000000 ____D () C:\mp-od
2014-04-03 07:43 - 2009-12-13 16:50 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 07:43 - 2009-12-13 16:50 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-30 18:09

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-05-2014
Ran by Savitri at 2014-05-01 16:45:36
Running from C:\Users\Savitri\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.1430 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.8.0.1430 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
AFSS HTML Designer 2.3 (HKLM-x32\...\ST6UNST #1) (Version:  - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
ATI Catalyst Install Manager (HKLM\...\{F4934901-B3C8-9918-F018-2D68F94B380E}) (Version: 3.0.728.0 - ATI Technologies, Inc.)
Audacity 1.3.3 (HKLM-x32\...\Audacity 1.3 Beta_is1) (Version:  - Audacity Team)
Aufmerksamkeit Version 1.0 (HKLM-x32\...\{D3CFBB9F-99D3-4C24-B693-AEA403F3D566}_is1) (Version: 1.0 - Jolanda Arnold)
Aufmerksamkeitsübungen ohne Symbole Version 1.0 (HKLM-x32\...\{3E0E5E58-9F2F-4D1E-BCC6-5C005F7162B2}_is1) (Version: 1.0 - Jolanda Arnold)
Aufmerksamkeitsübungen Version 1.0 (HKLM-x32\...\{D3CFBB9F-99D3-4C24-B603-AEA403F3D566}_is1) (Version: 1.0 - Jolanda Arnold)
Australian Patience (HKLM-x32\...\280-com.novelgames.flashgames.australianpatience) (Version: 1.1.0 - Novel Games Limited)
Australian Patience (x32 Version: 1.1.0 - Novel Games Limited) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2016 - Avast Software)
Bilder und Wörter (HKLM-x32\...\Bilder und Wörter) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Brother HL-2140 (HKLM-x32\...\{8CF6878C-8BD6-4891-850E-5418D1128B2F}) (Version: 1.00 - Brother)
Calcularis (HKLM-x32\...\{ABE44AB4-E1C0-40B4-965C-442CB5BA45F8}) (Version: 1.0.4 - Dybuster)
CamStudio (HKLM-x32\...\CamStudio) (Version:  - )
CamStudio OSS Desktop Recorder (HKLM-x32\...\{FD9C31B6-F572-414D-81E3-89368C97A125}_is1) (Version: 2.6 Beta r294 - CamStudio Open Source Dev Team)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Catalyst Control Center HydraVision Full (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2009.0520.1631.27815 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2009.0520.1631.27815 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Czech (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Danish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Dutch (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help English (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Finnish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help French (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help German (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Greek (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Italian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Japanese (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Korean (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Polish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Russian (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Spanish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Swedish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Thai (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
CCC Help Turkish (x32 Version: 2009.0520.1630.27815 - ATI) Hidden
ccc-core-static (x32 Version: 2009.0520.1631.27815 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2009.0520.1631.27815 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Codec Pack für Windows 7 (Full Package) (HKLM-x32\...\{D90A1FED-EFC7-4a3c-B0DD-6ED8CA37954F}) (Version:  - thoosje.com)
CodecInstaller 2.10.4 (HKLM-x32\...\CodecInstaller) (Version: 2.10.4 - JockerSoft)
Common RTP 1.0 (HKLM-x32\...\RPGAdvocates_RTP_1.0) (Version:  - )
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CreateInstall Light (HKLM-x32\...\CreateInstall Light) (Version: 6.1.1 - Novostrim, Inc.)
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.3101 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3022 - CyberLink Corp.)
CyberLink PowerDirector (x32 Version: 8.0.3022 - CyberLink Corp.) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.17 - Piriform)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904 - Microsoft) Hidden
DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.5.0 - DivX,Inc.)
D-Link DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version:  - D-Link)
EasySetup  2.0.4e (HKLM-x32\...\{7CD2DA07-6695-4FFE-A2A6-5F7055F1A8FA}) (Version:  - Thorsten Hoeppner)
Excelsior Installer 2.1 (HKLM-x32\...\Excelsior_0) (Version: 2.1 - Excelsior)
ffdshow v1.2.4422 [2012-04-09] (HKLM-x32\...\ffdshow_is1) (Version: 1.2.4422.0 - )
FileZilla Client 3.8.0 (HKLM-x32\...\FileZilla Client) (Version: 3.8.0 - Tim Kosse)
Folder Size for Windows (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.5 - Brio)
Free Studio version 4.8 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
Free Video Flip and Rotate version 2.1.9.822 (HKLM-x32\...\Free Video Flip and Rotate_is1) (Version: 2.1.9.822 - DVDVideoSoft Ltd.)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
Galiastro 4.7.3 Light (HKLM-x32\...\{F93E79F2-D76B-4AC7-BCE0-75692B88296C}) (Version: 4.7.3 - Paessler Software)
Gigaflat (HKLM-x32\...\{C9E91711-8600-4919-AEF0-D4821F886797}_is1) (Version:  - Bitrockers Inc.)
GIMP 2.6.8 (HKLM-x32\...\WinGimp-2.0_is1) (Version:  - )
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
GPL Ghostscript 8.61 (HKLM-x32\...\GPL Ghostscript 8.61) (Version:  - )
GPL Ghostscript Fonts (HKLM-x32\...\GPL Ghostscript Fonts) (Version:  - )
Hardwarediagnosetools (HKLM\...\PC-Doctor for Windows) (Version: 6.0.5205.31 - PC-Doctor, Inc.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiJaak Image Manager Browser 1.5 (HKLM-x32\...\{A8F10BB5-1264-4116-8150-89AB1FB48F20}) (Version:  - )
hMailServer 5.3.3-B1879 (HKLM-x32\...\hMailServer_is1) (Version:  - )
HP Advisor (HKLM-x32\...\{B53E61D7-7C80-40DF-82D2-CF5390D6D20A}) (Version: 3.2.8946.3086 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3 - Hewlett-Packard) Hidden
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 3.0.3123 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 3.0.3123 - Hewlett-Packard) Hidden
HP MediaSmart Movie Themes (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 3.0.3102 - Hewlett-Packard)
HP MediaSmart Movie Themes (x32 Version: 3.0.3102 - Hewlett-Packard) Hidden
HP MediaSmart Music/Photo/Video (HKLM-x32\...\InstallShield_{B2EE25B9-5B00-4ACF-94F0-92433C28C39E}) (Version: 3.0.3205 - Hewlett-Packard)
HP MediaSmart Music/Photo/Video (x32 Version: 3.0.3205 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{26280024-DFB7-4967-90DB-7F9C6660D01E}) (Version: 3.0.28.2 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Remote Solution (x32 Version: 1.1.9.0 - TopSeed) Hidden
HP Setup (HKLM-x32\...\{F3B912F5-EB57-45AA-B3D1-EB532BCF6EF8}) (Version: 1.2.3220.3079 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{D46D081B-F60E-467E-A7C4-117B70D76731}) (Version: 5.001.000.014 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.98.0 - ATI Technologies Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
IcoFX 1.6.4 (HKLM-x32\...\IcoFX_is1) (Version:  - )
Inno Script Studio version 2.1.0.20 (HKLM-x32\...\{7C22BD69-9939-43CE-B16E-437DB2A39492}_is1) (Version: 2.1.0.20 - Kymoto Solutions)
Inno Setup Version 5.5.4 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.5.4 - jrsoftware.org)
InnoIDE 1.0.0.78 (HKLM-x32\...\{1E8BAA74-62A9-421D-A61F-164C7C3943E9}_is1) (Version: 1.0.0.78 - Kernow Software)
Install Creator (HKLM-x32\...\Install Creator) (Version:  - )
InterCasino (HKLM-x32\...\InterCasinoV9GermanEUR) (Version:  - )
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Jackie Chan Adventures (HKLM-x32\...\{83B67A53-D457-492F-BF99-C0BADDED0031}_is1) (Version:  - ePlaybus.com)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jurassic Park - Rampage Edition (HKLM-x32\...\Jurassic Park - Rampage Edition_is1) (Version:  - GameFabrique)
Jurassic Park 2 - The Lost World (HKLM-x32\...\Jurassic Park 2 - The Lost World_is1) (Version:  - GameFabrique)
Khufus Tomb (HKLM-x32\...\Khufus Tomb_is1) (Version:  - )
K-Lite Codec Pack 8.8.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 8.8.0 - )
KompoZer 0.8b3 (HKLM-x32\...\{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1) (Version:  - KompoZer)
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1901 - CyberLink Corp.)
LabelPrint 1.0 (x32 Version: 2.5.1901 - CyberLink Corp.) Hidden
LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version:  - )
Land Grabbers (HKLM-x32\...\Land Grabbers_is1) (Version: de - Boonty)
Land Grabbers (nur deinstallation) (HKLM-x32\...\Land Grabbers) (Version:  - )
Last Conundrum Of Da Vinci Deluxe (HKLM-x32\...\Last Conundrum Of Da Vinci Deluxe_is1) (Version:  - GameHitZone.com)
Legend of the Golden Mask (HKLM-x32\...\{E06660DB-957D-4C58-8A5E-E4626B4D182D}_is1) (Version:  - ePlaybus.com)
Letter Blocks (HKLM-x32\...\90-com.novelgames.flashgames.letterblocks) (Version: 1.9.1 - Novel Games Limited)
Letter Blocks (x32 Version: 1.9.1 - Novel Games Limited) Hidden
LIDOS7 (HKLM-x32\...\LIDOS7) (Version: 7.1 - Land Software Entwicklung)
LightScribe System Software (HKLM-x32\...\{DD6C316A-FE75-4FBB-9D22-4C1920232B72}) (Version: 1.18.5.1 - LightScribe)
Loan Consolidation 1.1.0 (HKLM-x32\...\Loan Consolidation_is1) (Version: 1.1.0 - Novel Games Limited)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
MAGIX PC Check & Tuning Free 2011 (HKLM-x32\...\MAGIX_MSI_PC_Check_Tuning_Free_2011) (Version: 6.0.403.1050 - MAGIX AG)
MAGIX PC Check & Tuning Free 2011 (x32 Version: 6.0.403.1050 - MAGIX AG) Hidden
MAGIX Screenshare (HKLM-x32\...\{B63DFA23-5C10-44B4-881D-45EFBF4A4761}) (Version: 4.3.6.1987 - MAGIX AG)
MAGIX Web Designer 6 Download-Version (HKLM-x32\...\MAGIX_MSI_Web_Designer_6) (Version: 6.0.1.12379 - MAGIX AG)
MAGIX Web Designer 6 Download-Version (x32 Version: 6.0.1.12379 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Martyrdom Dungeon (HKLM-x32\...\{25EE9B91-7AE6-4499-A25E-CB8C59661AA1}_is1) (Version:  - Free Windows Games)
MatchWare Mediator 9 (HKLM-x32\...\{E04D74CB-CF0B-46BA-942E-76B926336352}) (Version: 9.0.152 - MatchWare A/S)
Media Browser (HKLM-x32\...\{39561278-78E9-4E0D-971F-0F13C7157BC8}) (Version: 2.1.3.0 - Media Browser)
Media Manager for WALKMAN 1.2 (HKLM-x32\...\{5A6ED905-D19D-4954-8499-0DAF386460F7}) (Version: 1.2.771 - Sony)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office FrontPage 2003 (HKLM-x32\...\{91170407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{50C865A7-6C1E-48EF-BE74-D8066D491810}) (Version: 4.0.1586 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation)
Move Media Player (HKCU\...\Move Media Player) (Version:  - Move Networks)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Kingdom for the Princess (HKLM-x32\...\{A53FF346-2A12-449F-99A4-7072B0F3CEDC}_is1) (Version:  - MyPlayBus.com)
My Kingdom for the Princess 3 (HKLM-x32\...\{7E4389E7-DAF4-4ECE-A8D1-2B2DC8822CAE}) (Version: 1.0.0 - Youdagames)
No Place Like Home (HKLM-x32\...\{A5ACF80C-C2C6-45C6-906F-5F923BC59CC0}_is1) (Version:  - ePlaybus.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)
NWZ-B160 WALKMAN Guide (HKLM-x32\...\{B1A8A5D7-0613-4373-BB0C-2AA428C935BD}) (Version: 2.1.0.24141 - Sony Corporation)
NWZ-B170 WALKMAN Guide (HKLM-x32\...\{B91B14D5-B817-4C79-BEF6-0A7A23FE6C61}) (Version: 2.1.0.33220 - Sony Corporation)
Ozee (HKLM-x32\...\{D957C02C-DF35-4F5C-AB6F-62EE9C7790F8}_is1) (Version:  - ePlaybus.com)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Patrimonium (HKLM-x32\...\Patrimonium_is1) (Version:  - )
PC VGA Camera  (HKLM-x32\...\InstallShield_{0082631F-BEA0-4346-8BBC-E9054300E73D}) (Version: 1.0.2.7 - Ihr Firmenname)
PC VGA Camera  (x32 Version: 1.0.2.7 - Ihr Firmenname) Hidden
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Pirates Gold (HKLM-x32\...\Pirates Gold_is1) (Version:  - GameFabrique)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3101 - CyberLink Corp.)
Power2Go (x32 Version: 6.0.3101 - CyberLink Corp.) Hidden
PowerRecover (x32 Version: 5.5.1923 - CyberLink Corp.) Hidden
Private Tax 2009 (HKLM-x32\...\Private Tax 2009) (Version: 1.1.5.543 - Abraxas Informatik AG)
Private Tax 2010 (HKLM-x32\...\Private Tax 2010) (Version: 1.1.0.581 - Abraxas Informatik AG)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Quillionär 2009 (HKLM-x32\...\Quillionär) (Version:  - )
RealDownloader (x32 Version: 17.0.6 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.6 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RomCenter 3.6.0 (HKLM-x32\...\romcenter_is1) (Version: 3.6.0 - Eric Bole-Feysot)
Royal Envoy 2 Free Trial (HKLM-x32\...\Royal Envoy 2 Free Trial_is1) (Version:  - Playrix Entertainment)
Royal Envoy™ 2 Collector’s Edition (HKLM-x32\...\Royal Envoy™ 2 Collector’s Edition_is1) (Version:  - Playrix Entertainment)
RPG Maker 2000 1.05 (HKLM-x32\...\RPG Maker 2000 1.05) (Version:  - )
RPG Maker 2003 (HKLM-x32\...\RPG Maker 20031.05) (Version:  - )
RPG Maker 2003 v1.08 (HKLM-x32\...\RPG Maker 2003_is1) (Version:  - Enterbrain, Inc.)
RTP 1.32 Add-On for RM2k (HKLM-x32\...\RTP 1.32 Add-On for RM2k) (Version:  - )
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM-x32\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
RTP para RPG Maker 2003 (HKLM-x32\...\RTP para RPG Maker 20031.00) (Version:  - )
Rubik's Cube 1.1.0 (HKLM-x32\...\Rubik's Cube_is1) (Version: 1.1.0 - Novel Games Limited)
SES Driver (HKLM\...\{D8CC254C-C671-4664-9A38-FA368D1E2C97}) (Version: 1.0.0 - Western Digital)
Setup Generator (HKLM-x32\...\Setup Generator) (Version:  - )
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smart Data Recovery v4.3 (HKLM-x32\...\Smart Data Recovery_is1) (Version: 4.3 - Smart PC Solutions)
SmartSound Quicktracks Plugin (HKLM-x32\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.3.0 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (x32 Version: 3.0.3.0 - SmartSound Software Inc) Hidden
Softwarenetz Rechnung4 (HKLM-x32\...\Rechnung4) (Version:  - Softwarenetz)
Speed Solitaire (HKLM-x32\...\{71CD88B5-845B-456B-A564-71DB682B5593}_is1) (Version:  - ePlaybus.com)
SpywareBlaster 5.0 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)
SUPER © v2012.build.51 (April 7, 2012) Version v2012.build.51 (HKLM-x32\...\{B93AFF55-AF57-41DC-9D49-C75C86A6312F}_is1) (Version: v2012.build.51 - eRightSoft)
Super Solitaire 1.07 (HKLM-x32\...\Super Solitaire_is1) (Version:  - Etiumsoft, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 5 (HKLM-x32\...\TeamViewer 5) (Version: 5.1.9385  - TeamViewer GmbH)
The Great Bathroom Escape (HKLM-x32\...\{37E2FE01-997B-47A2-B244-321820C2E1B8}_is1) (Version:  - ePlaybus.com)
The Railway Robot's Road Trip (HKLM-x32\...\{887FF9C0-5CA2-48F3-A69A-D6E525FBE48E}_is1) (Version:  - ePlaybus.com)
Thieves of Egypt Solitaire (HKLM-x32\...\212-com.novelgames.flashgames.egyptsolitaire) (Version: 1.3.0 - Novel Games Limited)
Thieves of Egypt Solitaire (x32 Version: 1.3.0 - Novel Games Limited) Hidden
Tibet Quest (HKLM-x32\...\Tibet Quest_is1) (Version:  - )
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
Trio - The Great Settlement (HKLM-x32\...\Trio - The Great Settlement_is1) (Version:  - )
Tuckers Abenteuer (HKCU\...\Tuckers Abenteuer) (Version:  - )
UltraISO Premium V9.3 (HKLM-x32\...\UltraISO_is1) (Version:  - )
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden
VLC media player 2.1.0 (HKLM-x32\...\VLC media player) (Version: 2.1.0 - VideoLAN)
Voxware Audio decoder 1.6 (HKLM-x32\...\voxware_is1) (Version: 1.6.0 - )
Wahrnehmung Optisches Gedächtnis (HKLM-x32\...\Wahrnehmung Optisches Gedächtnis) (Version: Version 1.0 - Jolanda Arnold)
Webocton - Scriptly 0.8.95.6.COM (HKLM-x32\...\Webocton - Scriptly_is1) (Version: 0.8.95.6 - Webocton)
Wecker 2.2 2.2 (HKLM-x32\...\Wecker 2.2) (Version: 2.2 - Frederik Trinkmann)
Windows Driver Package - Western Digital Technologies (WDC_SAM) WDC_SAM  (01/19/2011 1.0.0009.0) (HKLM\...\4CA7CFBB29889F25ACB3DF6E3A42BAE29EB43B20) (Version: 01/19/2011 1.0.0009.0 - Western Digital Technologies)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.9.2014.0 - BillP Studios)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinZip (HKLM-x32\...\WinZip) (Version:  8.1  (4331g) - WinZip Computing, Inc.)
Wordpool 2.7.7 (HKLM-x32\...\Wordpool_is1) (Version:  - Thorsten Gottlob)
WOW Slider (HKLM-x32\...\WOW Slider) (Version:  - )
Zattoo 3.2.0 Beta Technology Preview (HKLM-x32\...\Zattoo) (Version: 3.2.0 Beta Technology Preview - Zattoo Inc.)
Zattoo4 4.0.5 (HKLM-x32\...\Zattoo4) (Version: 4.0.5 - Zattoo Inc.)
Zelda Forever (HKLM-x32\...\Zelda Forever) (Version:  - )
Zeta Uploader (HKCU\...\ZetaUploader) (Version: 2.1.0.57 - Zeta Software GmbH)

==================== Restore Points  =========================

25-02-2014 07:10:39 Windows Update
04-03-2014 07:15:55 Windows Update
07-03-2014 07:27:41 Windows Update
11-03-2014 06:24:24 Windows Update
13-03-2014 19:00:57 Windows Update
24-03-2014 11:14:00 Windows Update
24-03-2014 19:00:11 Windows Update
25-03-2014 16:49:35 Windows Live Essentials
25-03-2014 16:52:30 DirectX wurde installiert
25-03-2014 16:53:28 DirectX wurde installiert
25-03-2014 16:54:59 DirectX wurde installiert
25-03-2014 16:56:56 WLSetup
27-03-2014 16:11:23 Removed Microsoft SQL Server 2005 Compact Edition [ENU]
28-03-2014 05:45:32 Windows Live Essentials
28-03-2014 05:45:59 WLSetup
28-03-2014 08:13:32 TuneUp Utilities 2014 wird entfernt
28-03-2014 08:15:08 TuneUp Utilities 2014 (de-DE) wird entfernt
29-03-2014 06:00:28 Windows Update
04-04-2014 06:02:11 Windows Update
04-04-2014 06:05:16 Installed Java 7 Update 51
05-04-2014 12:19:17 Windows-Sicherung
06-04-2014 07:43:39 Windows-Sicherung
07-04-2014 05:45:37 Revo Uninstaller's restore point - KompoZer 0.8b3
08-04-2014 05:50:27 Windows Update
09-04-2014 14:29:51 avast! antivirus system restore point
09-04-2014 18:01:05 Windows Update
10-04-2014 18:00:40 Windows Update
15-04-2014 05:26:03 Windows Update
18-04-2014 06:06:35 Windows Update
20-04-2014 05:33:48 Installed Java 7 Update 55
22-04-2014 05:58:27 Windows Update
29-04-2014 05:44:37 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-11-28 23:46 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {03E79A4B-120B-4926-946A-7BD4CE894476} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {05B92338-A851-4433-AEBF-F8C0754D8DA7} - \SpyHunter4Startup No Task File <==== ATTENTION
Task: {10C8625D-6240-457B-9C60-10D64ED6F741} - System32\Tasks\{8B54BEFF-A36C-46E8-A584-09BF879A73C5} => C:\Users\Savitri\Downloads\Eternal Legends\RPG_RT.EXE
Task: {1708DB40-3286-4E23-85A8-7A110C145858} - System32\Tasks\{18FA6C08-2B4F-4CCA-A936-4E06F9BA1354} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {1826D05D-4481-4FF9-BD60-8A0815F5D4EA} - System32\Tasks\{8867E9E9-FE92-4A77-AE2D-C793465794C7} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.73.126.456/de/eula
Task: {189B45AD-0118-4867-90A9-B819125568E0} - System32\Tasks\{3A510E48-7963-489B-A7A2-29CFAA1B5FCD} => C:\Users\Savitri\Downloads\Eternal Legends\RPG_RT.EXE
Task: {1CB8D895-24A9-41D7-A8B3-10CB5E10447D} - System32\Tasks\{3E040147-1DD8-4DB4-B164-4B8680E8C6A9} => C:\Program Files (x86)\MyPlayBus.com\Elven Mists\Elven Mists.exe
Task: {20887E3C-445D-4CA7-80CF-310B40F0D862} - System32\Tasks\{74322FA9-F3F3-4EFE-A517-07D3CE1EFCF1} => C:\Program Files (x86)\MyPlayBus.com\Land Grabbers\Land Grabbers.exe
Task: {25FB0EA9-B985-4BC0-B4CF-F251ADD7F32A} - System32\Tasks\{660F49D7-4F30-4ED0-AD0D-FD7C395A75A1} => C:\Program Files (x86)\MyPlayBus.com\Princess Isabella A Witch's Curse\Princess Isabella A Witch's Curse.exe
Task: {26822742-BAB8-444A-ABCE-5978E2055FAC} - System32\Tasks\{1D0B6D7D-FB6A-46C4-BE93-629B59B601C6} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {31AF753B-5F0E-4DA5-ABFE-7D3AC3AA890C} - System32\Tasks\{4B8BFC65-4FC4-4141-A9EB-5524B53A4FC0} => C:\Users\Savitri\Downloads\CRUSHER2.EXE
Task: {38BD1145-3EEA-4254-9B50-22E23AF09C01} - System32\Tasks\{719295C1-2170-4EC3-ADE4-13C23D1269DA} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: {38D2A825-2F0E-4AF7-987E-0E7415E9DC32} - System32\Tasks\{E02D7EB7-8BC8-4AEE-ACE1-0C516E7C8DCD} => C:\Users\Savitri\Downloads\rpg2003(3).exe
Task: {39E696A2-BAB6-429C-B5D7-D2B08A62DC7C} - System32\Tasks\{386EBE5C-300E-44F3-B1A7-A030D5221843} => C:\Program Files (x86)\MyPlayBus.com\World Class Solitaire\World Class Solitaire.exe
Task: {44344D81-C751-4EB6-8CB4-CCEF4D1F1BA1} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-842135949-2711248906-428214252-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-02-14] (RealNetworks, Inc.)
Task: {47A22F3B-F43A-4852-B5D5-D6163DC59CC4} - System32\Tasks\{3A4A16B9-0025-4CDD-BA86-565A9AE73AAC} => C:\Users\Savitri\Downloads\CRUSHER2.EXE
Task: {48D22EA2-4FA9-40BE-B4BB-E571603C9480} - System32\Tasks\{90FF0556-149F-49A6-AD96-E03386C44F96} => C:\Program Files (x86)\MyPlayBus.com\The Poppit! Show\The Poppit! Show.exe
Task: {492B0E14-97DA-4851-BA8B-856EB2377AA0} - System32\Tasks\{705026A9-1121-4C04-B618-B3C5378FB942} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {4B54579C-3D9B-4AFB-BB2B-3552902456EB} - System32\Tasks\{6D186016-9368-43D7-871B-957D7CD66524} => C:\Program Files (x86)\MyPlayBus.com\The Poppit! Show\The Poppit! Show.exe
Task: {51AA883B-D6C4-44A4-BCB5-6CA1D7FF8D02} - System32\Tasks\{FFA74089-4706-4158-83E7-A026B7F64B71} => C:\Users\Savitri\Downloads\Eternal Legends\RPG_RT.EXE
Task: {54DEB459-A6BF-4C9D-A50F-056FD66DF52C} - System32\Tasks\DVDAgent => c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe [2009-07-23] (CyberLink Corp.)
Task: {5636BD10-55DC-453B-BFED-67EE640917BE} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {56A4FB4A-DBAE-4BD1-BA5E-3065D8AE51E2} - System32\Tasks\CLMLSvc => c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe [2009-08-05] (CyberLink)
Task: {5CD26887-8017-40E3-B6C1-7D16118AD1FA} - System32\Tasks\{D77CFDC2-1BDA-40F5-9D1B-2831AEFCA83E} => C:\Users\Savitri\Downloads\CRUSHER2.EXE
Task: {5D209EF9-293D-43AA-A4D1-FAEF1BD26C56} - System32\Tasks\{7AB3528A-61A8-464F-81E3-8F37A8522657} => C:\Program Files (x86)\MyPlayBus.com\Clayside\Clayside.exe
Task: {5EB30861-7583-46A6-89FD-73C0F975F2EA} - System32\Tasks\{1E689C00-32CB-407C-A420-03EAA58ACFFB} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {64041DBA-260D-4EEB-A9D7-E0DCF1B707E1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-02-14] (RealNetworks, Inc.)
Task: {64AC2146-750B-4436-B9A7-B6F8E45188FD} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {6E197D0B-D796-4395-B812-708B60903731} - System32\Tasks\{4C102F77-4A8E-4144-A12A-E5E9DAB1C0C3} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {6E9FFB2A-2D1A-462B-9ECE-57F54ACEFB12} - System32\Tasks\{C0DD6C7F-7AEF-4131-8717-68141162D91C} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: {70739661-96D9-4E77-9A58-F6F2164C050D} - System32\Tasks\{7AFFC463-EE82-4E84-878F-87CA1939AA35} => C:\Program Files (x86)\MyPlayBus.com\Land Grabbers\Land Grabbers.exe
Task: {7292B837-DBE9-423B-BA60-D03C9ACBAFB2} - System32\Tasks\{9535B671-F748-4AD2-8692-AF6E904E36D9} => C:\Program Files (x86)\MyPlayBus.com\Pet Set\Pet Set.exe
Task: {746A628D-876C-4C68-B725-4F60ECBB1508} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-04-09] (AVAST Software)
Task: {776C4F19-5B23-4D60-9268-F671839A69F9} - System32\Tasks\{FB1936A0-55DA-43B1-B5D9-42CC69A40D5E} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: {79ABC6AC-2B8D-4CBA-8DD8-7B50F87510F2} - System32\Tasks\{FF0B00EC-F959-484B-9F1A-20F21C0D8300} => C:\Users\Savitri\Downloads\CRUSHER2.EXE
Task: {83774E24-C10E-44CA-A5C1-5D35D6C2F74F} - System32\Tasks\PCCT - MAGIX AG => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe [2010-11-08] ()
Task: {8AC5C122-603B-442A-9BBA-52A2BAC17304} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8ACDE49F-32BD-430D-94DB-4E6C977CF0C1} - System32\Tasks\{DD8A7014-F761-463C-91C5-489AA49F865F} => C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe [2010-05-21] (MatchWare A/S)
Task: {8ADB2AF4-8F83-47F4-9FA3-81A31AA19859} - System32\Tasks\{34B68BC1-3B36-45C3-A5F3-44A89EFA79DE} => C:\Program Files (x86)\MyPlayBus.com\Land Grabbers\Land Grabbers.exe
Task: {8CF702B4-4592-4201-A044-7D2FC87124C6} - System32\Tasks\{1C9C345C-092D-4E42-9BAD-215D6E742CA9} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: {8E0BD5BF-8BFF-4AF0-9240-2340BDA7176B} - System32\Tasks\RunAsStdUser Task => C:\Program Files (x86)\iWin Games\iWinGames.exe <==== ATTENTION
Task: {8EB11193-80E8-4FA5-B34B-E16A5A7659D3} - System32\Tasks\{966011B3-4969-45E7-889D-E0658A236030} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {94C0E264-8C69-45AC-8F30-7407525E6FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-13] (Google Inc.)
Task: {9729F1F0-F099-4B62-9B3B-803032453C7F} - System32\Tasks\{0A3FEDFE-77E1-4A1C-A613-FDBFFF421333} => C:\Program Files (x86)\MyPlayBus.com\Princess Isabella A Witch's Curse\Princess Isabella A Witch's Curse.exe
Task: {991675EF-471A-4642-84D7-D1D8F0DAF2CB} - System32\Tasks\{1E3DF1EF-030E-4AB5-9BCA-6FA4B8137F37} => C:\Program Files (x86)\MyPlayBus.com\Shopping Marathon\Shopping Marathon.exe
Task: {99BBDC72-7E05-4D55-A049-7B4E38F44CAC} - System32\Tasks\{35EA30DE-1539-40B7-B9BB-8B96828240CB} => C:\Program Files (x86)\MyPlayBus.com\Build-a-lot 5 The Elizabethan Era\Build-a-lot 5 The Elizabethan Era.exe
Task: {9C9DEBE8-1EB5-4257-857B-D7B331ABDF9F} - System32\Tasks\{F26F4CEE-39E3-4463-A49F-BD96DEBBD430} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: {A25203C4-E046-485E-8106-24D347164784} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {A2C1FF06-405F-46A6-9ACC-CD27ECF30588} - System32\Tasks\{89563CAC-F44C-4D46-9743-6A338B5AE933} => C:\Users\Savitri\Downloads\Eternal Legends\RPG_RT.EXE
Task: {AC9E6EF8-DD47-49FB-9872-8B3867BCE7C4} - System32\Tasks\{921DE11E-4910-48AE-B3E9-11ECB0C8E6D3} => C:\Program Files (x86)\MyPlayBus.com\Princess Isabella A Witch's Curse\Princess Isabella A Witch's Curse.exe
Task: {AEE27528-74BC-46AB-B52E-0BDC75F3695B} - System32\Tasks\{C0B0DBE3-89C1-46F4-9FA2-D5FE11AD5C64} => C:\Users\Savitri\Downloads\CRUSHER2.EXE
Task: {B730DD60-3E05-4307-BEC5-867F995AD2D7} - System32\Tasks\ReclaimerResumeInstallLogin_Savitri => C:\Users\Savitri\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe [2014-04-27] (RealNetworks, Inc.)
Task: {B747664F-253A-4F09-9099-160A56870094} - System32\Tasks\{64276C5B-29DD-4E84-8087-458F8DA9362C} => C:\Program Files (x86)\MyPlayBus.com\The Poppit! Show\The Poppit! Show.exe
Task: {BA7A7CF3-5FBF-47B9-A746-EF3026CF303F} - System32\Tasks\{3AD24082-5260-4349-B55F-A078754E5AFC} => C:\Program Files (x86)\MyPlayBus.com\Weather Master\Weather Master.exe
Task: {C2579986-D8E3-4583-897B-301936DA19D2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-29] (Adobe Systems Incorporated)
Task: {C4AF4FEA-4491-4B85-ACC1-D47D64F53640} - System32\Tasks\{B79A8E17-BFD9-4C5E-A09A-8F02E090CBAB} => C:\Program Files (x86)\MyPlayBus.com\Machi Paco\Machi Paco.exe
Task: {C513D9A0-B668-44C3-89D0-1580AC8FBC5A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-02-14] (RealNetworks, Inc.)
Task: {C9955568-996F-4E63-A5B8-597BF46204AF} - System32\Tasks\{43F8BAFB-7C8B-4BFA-ABAF-E1623C04743F} => C:\Program Files (x86)\MyPlayBus.com\Build-a-lot 5 The Elizabethan Era\Build-a-lot 5 The Elizabethan Era.exe
Task: {CFEAAFE4-868E-4070-8B59-DCA054C423B4} - System32\Tasks\{043292B9-448F-48DA-884F-5D9CC362FCC1} => C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe [2010-05-21] (MatchWare A/S)
Task: {D5417243-8A3E-4E8B-B596-EC9FFBA8971D} - System32\Tasks\PCDRScheduledMaintenance => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-07-02] (PC-Doctor, Inc.)
Task: {DE7D9E2B-4721-4D75-B67E-1274C29C0A7E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2009-12-13] (Google Inc.)
Task: {E36A7AF5-7F21-4B73-ABFA-EDC92C73F33E} - System32\Tasks\{77509447-96D5-40DF-A56E-8C72AAE8EE5B} => C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe [2010-05-21] (MatchWare A/S)
Task: {E3F2E252-0142-48A5-BF6D-04B563FBFD1B} - System32\Tasks\{32F509B6-944A-41C2-836F-07F4C02DE8A3} => C:\Program Files (x86)\MyPlayBus.com\Machi Paco\Machi Paco.exe
Task: {E43C2AD2-3FD9-414B-BE92-E66DF411621F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {E816465A-05A3-4DDA-AF6F-3B8816CE2197} - System32\Tasks\{FACE236A-21BB-4C81-85DA-16C5429C6568} => C:\Users\Savitri\Downloads\Eternal Legends\RPG_RT.EXE
Task: {F360EB6A-7055-4050-B425-CFF9083F8180} - System32\Tasks\{6A5CBF0F-98C5-45E9-8BFB-7426698BE83C} => C:\Program Files (x86)\MyPlayBus.com\Machi Paco\Machi Paco.exe
Task: {FF7ECA21-1F5A-4D2B-B04F-35BF90BB889B} - System32\Tasks\{0995F4C9-FAE6-4554-BC96-B72483DED0EA} => C:\Users\Savitri\Downloads\FruitasticPlus.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCCT - MAGIX AG.job => C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
Task: C:\Windows\Tasks\PCDRScheduledMaintenance.job => C:\Program Files\PC-Doctor for Windows\pcdr5cuiw32.exe
Task: C:\Windows\Tasks\ReclaimerResumeInstallLogin_Savitri.job => C:\Users\Savitri\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.90\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-06-18 14:11 - 2010-07-12 14:39 - 00053248 _____ () C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
2014-02-12 14:42 - 2014-02-12 14:42 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-02-14 12:06 - 2014-02-14 12:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2010-07-02 14:22 - 2009-04-17 18:01 - 00247152 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 17:24 - 2012-06-18 17:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-04-10 11:16 - 2014-04-10 11:16 - 02193408 _____ () C:\Program Files\AVAST Software\Avast\defs\14041000\algo.dll
2014-05-01 07:43 - 2014-05-01 07:43 - 02252800 _____ () C:\Program Files\AVAST Software\Avast\defs\14043002\algo.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-04-04 08:11 - 2014-04-04 08:11 - 00867928 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2010-07-02 14:22 - 2009-04-17 18:01 - 00034088 ____N () C:\Program Files (x86)\Cyberlink\Shared files\RichVideops.dll
2013-11-27 17:44 - 2013-11-27 17:44 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2009-02-26 14:46 - 2009-02-26 14:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 12:46 - 2011-06-22 12:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-03-29 09:36 - 2014-03-29 09:36 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-04-04 08:11 - 2014-04-04 08:11 - 00571992 _____ () c:\program files (x86)\real\realplayer\RPDS\Lib\r1api.dll
2014-01-29 15:15 - 2014-04-22 20:39 - 00645592 ____N () C:\Program Files (x86)\BillP Studios\WinPatrol\sqlite3.dll
2014-04-29 16:01 - 2014-04-29 16:01 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Savitri\Cookies:gs5sys
AlternateDataStreams: C:\Users\Savitri\Vorlagen:gs5sys
AlternateDataStreams: C:\Users\Savitri\AppData\Local\Verlauf:gs5sys

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\Services: AntiVirSchedulerService => 2
MSCONFIG\Services: AntiVirService => 2
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/01/2014 00:00:04 PM) (Source: Windows Backup) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "J:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"

Error: (04/29/2014 03:49:59 PM) (Source: Application Hang) (User: )
Description: Programm medi8or.exe, Version 9.0.152.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 20d0

Startzeit: 01cf63b16dbd7542

Endzeit: 24

Anwendungspfad: C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe

Berichts-ID:

Error: (04/29/2014 03:46:22 PM) (Source: Application Hang) (User: )
Description: Programm medi8or.exe, Version 9.0.152.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1138

Startzeit: 01cf63acc9cc7559

Endzeit: 32

Anwendungspfad: C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe

Berichts-ID:

Error: (04/29/2014 03:13:08 PM) (Source: Application Hang) (User: )
Description: Programm medi8or.exe, Version 9.0.152.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 4cc

Startzeit: 01cf63ac203de1e8

Endzeit: 16

Anwendungspfad: C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe

Berichts-ID:

Error: (04/29/2014 03:08:28 PM) (Source: Application Hang) (User: )
Description: Programm medi8or.exe, Version 9.0.152.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1eec

Startzeit: 01cf63ab6ff911aa

Endzeit: 19

Anwendungspfad: C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe

Berichts-ID:

Error: (04/29/2014 03:03:33 PM) (Source: Application Hang) (User: )
Description: Programm medi8or.exe, Version 9.0.152.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 21bc

Startzeit: 01cf6373e09b3b91

Endzeit: 36

Anwendungspfad: C:\Program Files (x86)\MatchWare\Mediator 9.0\medi8or.exe

Berichts-ID:

Error: (04/29/2014 08:25:26 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: medi8or.exe, Version: 9.0.152.0, Zeitstempel: 0x4bf52a08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc015000f
Fehleroffset: 0x00084671
ID des fehlerhaften Prozesses: 0x22b8
Startzeit der fehlerhaften Anwendung: 0xmedi8or.exe0
Pfad der fehlerhaften Anwendung: medi8or.exe1
Pfad des fehlerhaften Moduls: medi8or.exe2
Berichtskennung: medi8or.exe3

Error: (04/29/2014 07:50:12 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: medi8or.exe, Version: 9.0.152.0, Zeitstempel: 0x4bf52a08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0150010
Fehleroffset: 0x0008482b
ID des fehlerhaften Prozesses: 0x200c
Startzeit der fehlerhaften Anwendung: 0xmedi8or.exe0
Pfad der fehlerhaften Anwendung: medi8or.exe1
Pfad des fehlerhaften Moduls: medi8or.exe2
Berichtskennung: medi8or.exe3

Error: (04/29/2014 07:50:07 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: medi8or.exe, Version: 9.0.152.0, Zeitstempel: 0x4bf52a08
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x200c
Startzeit der fehlerhaften Anwendung: 0xmedi8or.exe0
Pfad der fehlerhaften Anwendung: medi8or.exe1
Pfad des fehlerhaften Moduls: medi8or.exe2
Berichtskennung: medi8or.exe3

Error: (04/28/2014 05:20:36 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: medi8or.exe, Version: 9.0.152.0, Zeitstempel: 0x4bf52a08
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea8e7
Ausnahmecode: 0xc0150010
Fehleroffset: 0x0008482b
ID des fehlerhaften Prozesses: 0x4e0
Startzeit der fehlerhaften Anwendung: 0xmedi8or.exe0
Pfad der fehlerhaften Anwendung: medi8or.exe1
Pfad des fehlerhaften Moduls: medi8or.exe2
Berichtskennung: medi8or.exe3


System errors:
=============
Error: (04/30/2014 03:00:14 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (04/30/2014 02:09:54 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR9 gefunden.

Error: (04/28/2014 07:41:39 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "VIRENDRA-HP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/27/2014 10:01:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" ist vom Dienst "SSDP-Suche" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058

Error: (04/27/2014 10:01:02 PM) (Source: DCOM) (User: )
Description: 1068upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (04/26/2014 10:21:37 PM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (04/26/2014 07:32:38 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "VIRENDRA-HP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/23/2014 10:57:42 AM) (Source: BROWSER) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (04/22/2014 07:49:49 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "VIRENDRA-HP",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{4DA92D0C-2BBD-4EBB-B615-15C4B65003A0}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/20/2014 03:24:50 PM) (Source: NetBT) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.1.36
registriert werden. Der Computer mit IP-Adresse 192.168.1.35 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.


Microsoft Office Sessions:
=========================
Error: (11/11/2012 04:00:36 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/11/2012 03:58:15 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 23 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/11/2012 03:57:41 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (11/11/2012 03:56:45 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 2, Application Name: Microsoft Office Access, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (01/20/2011 08:09:50 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (07/15/2010 04:00:05 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 389578 seconds with 1920 seconds of active time.  This session ended with a crash.

Error: (05/19/2010 00:37:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2013-11-28 22:41:11.812
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-11-28 22:41:11.482
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-02-18 18:23:08.957
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Savitri\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-02-18 18:23:08.950
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Savitri\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-02-18 18:23:08.652
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2010-02-18 18:23:08.645
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 49%
Total physical RAM: 4095.18 MB
Available physical RAM: 2079.43 MB
Total Pagefile: 8188.54 MB
Available Pagefile: 5424.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:916.89 GB) (Free:588.49 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:14.53 GB) (Free:2.53 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=917 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=15 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
__________________

Alt 02.05.2014, 07:40   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.05.2014, 12:24   #5
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Hier das Gewünschte:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.05.2014
Suchlauf-Zeit: 10:44:32
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.02.05
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Savitri

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 315780
Verstrichene Zeit: 19 Min, 29 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 3
PUP.Optional.OpenCandy, C:\Users\Savitri\AppData\Roaming\OpenCandy, In Quarantäne, [1fe18a7641bf54ac36b69ccaf70b31cf], 
PUP.Optional.OpenCandy, C:\Users\Savitri\AppData\Roaming\OpenCandy\332152DA251540BF8499F80478098121, In Quarantäne, [1fe18a7641bf54ac36b69ccaf70b31cf], 
PUP.Optional.OpenCandy, C:\Users\Savitri\AppData\Roaming\OpenCandy\E0E7D58CE9254286A26F5D8153072DD3, In Quarantäne, [1fe18a7641bf54ac36b69ccaf70b31cf], 

Dateien: 2
PUP.Optional.OpenCandy, C:\Users\Savitri\AppData\Roaming\OpenCandy\332152DA251540BF8499F80478098121\Trial-14.0.1000.89_de-DE_1004743_CH-DE-1.exe, In Quarantäne, [1fe18a7641bf54ac36b69ccaf70b31cf], 
PUP.Optional.OpenCandy, C:\Users\Savitri\AppData\Roaming\OpenCandy\E0E7D58CE9254286A26F5D8153072DD3\pokkiInstaller.exe, In Quarantäne, [1fe18a7641bf54ac36b69ccaf70b31cf], 

Physische Sektoren: 0
(No malicious items detected)


(end)
         
Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 02/05/2014 um 11:06:13
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Savitri - SAVITRI
# Gestartet von : C:\Users\Savitri\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Savitri\AppData\Roaming\SecureSearch
Ordner Gelöscht : C:\Users\Savitri\AppData\Roaming\Uniblue
Ordner Gelöscht : C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\adawaretb
Datei Gelöscht : C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\searchplugins\safeguard-secure-search.xml

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{318A227B-5E9F-45BD-8999-7F8F10CA4CF5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Trymedia Systems

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [2101 octets] - [02/05/2014 11:04:30]
AdwCleaner[S0].txt - [1964 octets] - [02/05/2014 11:06:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2024 octets] ##########
         


Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Savitri on 02.05.2014 at 11:14:16.86
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Savitri\AppData\Roaming\mozilla\firefox\profiles\psydjhqg.Savitri\minidumps [21 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.05.2014 at 11:24:21.71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Savitri (administrator) on SAVITRI on 02-05-2014 13:19:29
Running from C:\Users\Savitri\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(hMailServer) C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7311\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [963072 2008-01-08] (brother)
HKLM-x32\...\Run: [UpdatePDRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [D-Link D-Link DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-11] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-04-04] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Savitri\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-01]
FF Extension: Web Developer - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21]
FF Extension: Adblock Plus - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-27]
FF HKLM-x32\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

==================== Services (Whitelisted) =================

S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] ()
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-06] (Brio)
R2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5395968 2010-06-07] (hMailServer)
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-04-04] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-14] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2011-02-21] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-02] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [602112 2006-11-08] (PixArt Imaging Inc.)
S4 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S4 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 cpuz132; \??\C:\Users\Savitri\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
U3 DfSdkS; 
U4 esgiguard; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-02 13:19 - 2014-05-02 13:19 - 00000000 ____D () C:\Users\Savitri\Downloads\FRST-OlderVersion
2014-05-02 11:24 - 2014-05-02 11:24 - 00000858 _____ () C:\Users\Savitri\Desktop\JRT.txt
2014-05-02 11:13 - 2014-05-02 11:13 - 01016261 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2014-05-02 11:12 - 2014-05-02 11:12 - 00002112 _____ () C:\Users\Savitri\Desktop\AdwCleaner[S0].txt
2014-05-02 11:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 11:04 - 2014-05-02 11:06 - 00000000 ____D () C:\AdwCleaner
2014-05-02 11:02 - 2014-05-02 11:02 - 01310621 _____ () C:\Users\Savitri\Downloads\adwcleaner.exe
2014-05-02 11:02 - 2014-05-02 11:02 - 00001885 _____ () C:\Users\Savitri\Desktop\mbam.txt
2014-05-02 10:51 - 2014-05-02 11:08 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Savitri.job
2014-05-02 10:51 - 2014-05-02 11:07 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Savitri.job
2014-05-02 10:51 - 2014-05-02 10:52 - 00002970 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Savitri
2014-05-02 10:51 - 2014-05-02 10:52 - 00002966 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Savitri
2014-05-02 10:51 - 2014-05-02 10:52 - 00002674 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Savitri
2014-05-02 10:51 - 2014-05-02 10:51 - 00003618 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Savitri
2014-05-02 10:50 - 2014-05-02 11:07 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Savitri.job
2014-05-02 10:23 - 2014-05-02 11:48 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 10:23 - 2014-05-02 10:23 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 10:23 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 10:21 - 2014-05-02 10:22 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Savitri\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 16:45 - 2014-05-01 16:46 - 00063403 _____ () C:\Users\Savitri\Downloads\Addition.txt
2014-05-01 16:44 - 2014-05-02 13:19 - 00022041 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-01 16:44 - 2014-05-02 13:19 - 00000000 ____D () C:\FRST
2014-05-01 16:43 - 2014-05-02 13:19 - 02062336 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-04-30 17:37 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 07:36 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 07:36 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 07:36 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 07:35 - 2014-04-20 07:36 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-10 20:27 - 2014-05-02 11:08 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-04-10 20:02 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 20:02 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 20:02 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 20:02 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 20:02 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 20:02 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 20:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 20:02 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 20:02 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 20:02 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 20:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 20:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 20:02 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 20:01 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 20:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 20:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 13:56 - 2014-04-26 13:44 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-09 08:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:45 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 08:23 - 2014-04-08 08:33 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-08 08:11 - 2014-04-14 08:08 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:11 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-04 08:07 - 2014-04-20 07:37 - 00000000 ____D () C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2014-05-02 13:19 - 2014-05-02 13:19 - 00000000 ____D () C:\Users\Savitri\Downloads\FRST-OlderVersion
2014-05-02 13:19 - 2014-05-01 16:44 - 00022041 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-02 13:19 - 2014-05-01 16:44 - 00000000 ____D () C:\FRST
2014-05-02 13:19 - 2014-05-01 16:43 - 02062336 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-05-02 13:11 - 2013-04-25 15:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Skype
2014-05-02 13:01 - 2013-03-25 23:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-02 12:48 - 2009-12-13 16:50 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-02 11:48 - 2014-05-02 10:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 11:24 - 2014-05-02 11:24 - 00000858 _____ () C:\Users\Savitri\Desktop\JRT.txt
2014-05-02 11:17 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-02 11:17 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-02 11:14 - 2009-10-07 20:23 - 01485127 _____ () C:\Windows\WindowsUpdate.log
2014-05-02 11:13 - 2014-05-02 11:13 - 01016261 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2014-05-02 11:12 - 2014-05-02 11:12 - 00002112 _____ () C:\Users\Savitri\Desktop\AdwCleaner[S0].txt
2014-05-02 11:10 - 2009-12-18 15:19 - 00000324 _____ () C:\Windows\Brownie.ini
2014-05-02 11:09 - 2013-11-27 18:11 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-02 11:08 - 2014-05-02 10:51 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Savitri.job
2014-05-02 11:08 - 2014-04-10 20:27 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-05-02 11:07 - 2014-05-02 10:51 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Savitri.job
2014-05-02 11:07 - 2014-05-02 10:50 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Savitri.job
2014-05-02 11:07 - 2013-05-03 14:49 - 00000440 _____ () C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-05-02 11:07 - 2010-07-04 08:26 - 00779608 _____ () C:\Windows\PFRO.log
2014-05-02 11:07 - 2010-07-03 10:14 - 00184303 _____ () C:\Windows\setupact.log
2014-05-02 11:07 - 2009-12-13 16:50 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-02 11:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 11:06 - 2014-05-02 11:04 - 00000000 ____D () C:\AdwCleaner
2014-05-02 11:02 - 2014-05-02 11:02 - 01310621 _____ () C:\Users\Savitri\Downloads\adwcleaner.exe
2014-05-02 11:02 - 2014-05-02 11:02 - 00001885 _____ () C:\Users\Savitri\Desktop\mbam.txt
2014-05-02 10:53 - 2013-11-27 17:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-02 10:52 - 2014-05-02 10:51 - 00002970 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Savitri
2014-05-02 10:52 - 2014-05-02 10:51 - 00002966 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Savitri
2014-05-02 10:52 - 2014-05-02 10:51 - 00002674 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Savitri
2014-05-02 10:51 - 2014-05-02 10:51 - 00003618 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Savitri
2014-05-02 10:48 - 2010-06-27 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-02 10:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-02 10:44 - 2012-12-23 15:12 - 00000000 ____D () C:\mp-os
2014-05-02 10:23 - 2014-05-02 10:23 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2010-04-28 12:41 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Malwarebytes
2014-05-02 10:23 - 2010-04-28 12:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 10:22 - 2014-05-02 10:21 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Savitri\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 21:46 - 2012-08-03 14:14 - 00000000 ____D () C:\Users\Savitri\Desktop\Mediator
2014-05-01 20:43 - 2011-11-10 18:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-01 20:43 - 2009-11-01 21:27 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-01 16:46 - 2014-05-01 16:45 - 00063403 _____ () C:\Users\Savitri\Downloads\Addition.txt
2014-05-01 11:02 - 2012-04-06 14:10 - 00000000 ____D () C:\mp-mathe2
2014-04-30 17:35 - 2014-02-05 17:04 - 00000000 ____D () C:\Users\Savitri\Desktop\Reinigung
2014-04-30 17:31 - 2013-01-01 15:48 - 00000000 ____D () C:\CD_OS
2014-04-30 15:13 - 2012-08-16 14:06 - 00000000 ____D () C:\mp-rechtschreibung2
2014-04-30 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-30 14:11 - 2013-05-29 16:44 - 00000000 ____D () C:\mp-OG
2014-04-30 14:11 - 2009-09-12 05:13 - 00718394 _____ () C:\Windows\system32\perfh007.dat
2014-04-30 14:11 - 2009-09-12 05:13 - 00158028 _____ () C:\Windows\system32\perfc007.dat
2014-04-30 14:11 - 2009-07-14 07:13 - 01672424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-30 10:41 - 2009-10-31 15:14 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-04-29 16:01 - 2013-03-25 23:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 16:01 - 2013-03-25 23:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 16:01 - 2013-01-31 20:32 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 15:59 - 2013-06-04 07:15 - 00000000 ____D () C:\mp-lega
2014-04-28 14:55 - 2013-05-29 16:44 - 00000000 ____D () C:\CD_OG
2014-04-28 14:50 - 2012-10-08 16:35 - 00000000 ____D () C:\mp-lesen7
2014-04-26 13:44 - 2014-04-09 13:56 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-26 09:43 - 2010-11-27 16:46 - 00013030 _____ () C:\PDOXUSRS.NET
2014-04-26 09:43 - 2009-07-14 04:34 - 00001460 _____ () C:\Windows\win.ini
2014-04-25 18:51 - 2009-10-31 23:28 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\FileZilla
2014-04-25 17:29 - 2013-06-04 07:15 - 00000000 ____D () C:\CD_Lega
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-24 16:52 - 2013-03-15 17:16 - 00000000 ____D () C:\Users\Savitri\Desktop\Lernprogramme
2014-04-24 16:51 - 2013-04-16 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\videos für youtube
2014-04-24 16:33 - 2013-10-07 16:36 - 00000000 ____D () C:\Users\Savitri\AppData\Local\Paint.NET
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-24 09:37 - 2012-08-13 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\video
2014-04-20 07:37 - 2014-04-04 08:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-20 07:35 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 07:36 - 2009-11-05 19:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-19 07:40 - 2009-10-31 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-18 14:50 - 2014-02-18 18:51 - 00000000 ____D () C:\vorlagen februar 2014
2014-04-16 14:15 - 2012-11-10 16:52 - 00000000 ____D () C:\Datenbanken
2014-04-16 08:31 - 2012-06-23 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-04-14 20:13 - 2014-04-20 07:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 07:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 07:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 07:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 08:27 - 2014-01-25 09:59 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\CreateInstall Light
2014-04-14 08:23 - 2014-01-01 16:08 - 00000000 ____D () C:\Program Files (x86)\Aufmerksamkeit
2014-04-14 08:22 - 2013-06-01 14:08 - 00000000 ____D () C:\mp-AS
2014-04-14 08:18 - 2012-10-12 13:31 - 00000000 ____D () C:\mp-mathe5
2014-04-14 08:08 - 2014-04-08 08:11 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-13 17:29 - 2009-11-09 11:41 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Audacity
2014-04-10 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 20:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 11:09 - 2012-10-11 16:27 - 00000000 ____D () C:\mp-lesen9
2014-04-10 09:41 - 2012-08-05 19:32 - 00000000 ____D () C:\Users\Savitri\Desktop\Maerchen
2014-04-09 20:17 - 2012-09-09 19:56 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{10F27B3E-2E9E-47DB-ADB4-4D06C7998B75}
2014-04-09 20:08 - 2013-08-10 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:04 - 2009-11-01 09:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:32 - 2014-01-04 09:28 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-09 16:32 - 2011-06-09 09:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 16:31 - 2013-11-27 17:45 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 15:28 - 2010-04-08 10:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\vlc
2014-04-08 08:33 - 2014-04-08 08:23 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-07 15:20 - 2013-04-07 14:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-07 15:20 - 2013-04-07 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:50 - 2014-01-14 17:16 - 00000000 ____D () C:\Users\Savitri\Documents\Lernprogramme-Hilfsprogramme
2014-04-07 07:49 - 2014-01-18 17:26 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-07 07:39 - 2013-05-28 18:46 - 00000000 ____D () C:\CD_OD
2014-04-06 08:36 - 2014-04-30 17:37 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Real
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Program Files (x86)\Real
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:12 - 2009-11-04 20:29 - 00000000 ____D () C:\ProgramData\Real
2014-04-04 08:12 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-03 09:51 - 2014-05-02 10:23 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-02 10:23 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-11-27 19:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 08:22 - 2013-05-28 13:51 - 00000000 ____D () C:\mp-od
2014-04-03 07:43 - 2009-12-13 16:50 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 07:43 - 2009-12-13 16:50 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Savitri\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-30 18:09

==================== End Of Log ============================
         
--- --- ---

--- --- ---



Gruss Jola


Alt 03.05.2014, 07:33   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Link zur eigenen Webseite spinnt

Alt 04.05.2014, 06:37   #7
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Habe alles gemäss Anweisung gemacht. Doch das Problem besteht immer noch. Wenn ich von meiner Webseite aus zurück gehe, komme ich nicht auf die vorhergegange Seite, sondern auf eine leere Google-Suchseite.
Ausserdem ist nun der Lautsprecher inaktiv. Es heisst: Der Audiodienst wird nicht ausgeführt.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=24953f8c458b3b4db36f7fd60b9f26ee
# engine=18120
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-05-03 02:38:58
# local_time=2014-05-03 04:38:58 (+0100, Mitteleuropäische Sommerzeit)
# country="Switzerland"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 76 2059854 2074031 0 0
# compatibility_mode=5893 16776573 100 94 94727 150757788 0 0
# scanned=475013
# found=0
# cleaned=0
# scan_time=22135
         


Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:````````` 
 SpywareBlaster 5.0    
 Java 7 Update 55  
 Adobe Flash Player 13.0.0.206  
 Adobe Reader XI  
 Mozilla Firefox (28.0) 
````````Process Check: objlist.exe by Laurent````````  
 WinPatrol winpatrol.exe 
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 system32 AvastSvc.exe -?-   
 AVAST Software Avast AvastUI.exe  
 BillP Studios WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Savitri (administrator) on SAVITRI on 03-05-2014 17:59:43
Running from C:\Users\Savitri\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(hMailServer) C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7311\Monitor.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(BillP Studios) C:\Program Files (x86)\BillP Studios\WinPatrol\WinPatrol.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [Monitor] => C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM-x32\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Easybits Recovery] => C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] => C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsWnd] => C:\Program Files (x86)\Brownie\BrstsW64.exe [963072 2008-01-08] (brother)
HKLM-x32\...\Run: [UpdatePDRShortCut] => c:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [D-Link D-Link DWA-140] => C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-09] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Magic Desktop for HP notification] => C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe [1243656 2013-12-11] (Easybits)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => c:\program files (x86)\real\realplayer\Update\realsched.exe [296520 2014-04-04] (RealNetworks, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-22] (Hewlett-Packard)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-842135949-2711248906-428214252-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\BillP Studios\WinPatrol\winpatrol.exe [533568 2014-04-23] (BillP Studios)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri
FF Homepage: https://www.google.ch/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.6.13 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Savitri\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\libdivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npdivx32.dll (DivX,Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npLegitCheckPlugin.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ssldivx.dll (The OpenSSL Project, hxxp://www.openssl.org/)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-27]
FF Extension: NoScript - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013-10-01]
FF Extension: Web Developer - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012-08-21]
FF Extension: Adblock Plus - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-10-01]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-29]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-29]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-27]
FF HKLM-x32\...\Firefox\Extensions: [{8E8D8D12-A43B-4289-994D-DF2C7C0EF736}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

==================== Services (Whitelisted) =================

S4 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-09] (AVAST Software)
R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] ()
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-06] (Brio)
R2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5395968 2010-06-07] (hMailServer)
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-02-12] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141336 2014-04-04] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-02-14] ()
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [X]

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2011-02-21] ()
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-04-09] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-04-09] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-04-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-04-09] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-04-09] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [84816 2014-04-09] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208928 2014-04-09] ()
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-03] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [602112 2006-11-08] (PixArt Imaging Inc.)
S4 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [X]
S4 catchme; \??\C:\ComboFix\catchme.sys [X]
R3 cpuz132; \??\C:\Users\Savitri\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [X]
U3 DfSdkS; 
U4 esgiguard; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-03 17:58 - 2014-05-03 17:58 - 00000915 _____ () C:\Users\Savitri\Desktop\checkup.txt
2014-05-03 17:54 - 2014-05-03 17:54 - 00855379 _____ () C:\Users\Savitri\Desktop\SecurityCheck.exe
2014-05-03 17:50 - 2014-05-03 17:50 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-05-03 17:44 - 2014-04-29 16:01 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-03 17:44 - 2014-04-29 15:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-03 17:44 - 2014-04-29 14:48 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-03 17:44 - 2014-04-29 14:34 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-03 10:23 - 2014-05-03 10:23 - 02347384 _____ (ESET) C:\Users\Savitri\Desktop\esetsmartinstaller_deu.exe
2014-05-02 13:19 - 2014-05-02 13:19 - 00000000 ____D () C:\Users\Savitri\Downloads\FRST-OlderVersion
2014-05-02 11:13 - 2014-05-02 11:13 - 01016261 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2014-05-02 11:05 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-02 11:04 - 2014-05-02 11:06 - 00000000 ____D () C:\AdwCleaner
2014-05-02 11:02 - 2014-05-02 11:02 - 01310621 _____ () C:\Users\Savitri\Downloads\adwcleaner.exe
2014-05-02 10:51 - 2014-05-03 17:49 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Savitri.job
2014-05-02 10:51 - 2014-05-02 11:07 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Savitri.job
2014-05-02 10:51 - 2014-05-02 10:52 - 00002970 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Savitri
2014-05-02 10:51 - 2014-05-02 10:52 - 00002966 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Savitri
2014-05-02 10:51 - 2014-05-02 10:52 - 00002674 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Savitri
2014-05-02 10:51 - 2014-05-02 10:51 - 00003618 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Savitri
2014-05-02 10:50 - 2014-05-03 10:53 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Savitri.job
2014-05-02 10:23 - 2014-05-03 17:55 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 10:23 - 2014-05-02 10:23 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 10:23 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 10:21 - 2014-05-02 10:22 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Savitri\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 16:45 - 2014-05-01 16:46 - 00063403 _____ () C:\Users\Savitri\Downloads\Addition.txt
2014-05-01 16:44 - 2014-05-03 17:59 - 00022111 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-01 16:44 - 2014-05-03 17:59 - 00000000 ____D () C:\FRST
2014-05-01 16:43 - 2014-05-02 13:19 - 02062336 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-04-30 17:37 - 2014-04-06 08:36 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 07:36 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 07:36 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 07:36 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 07:35 - 2014-04-20 07:36 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-10 20:02 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-10 20:02 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-10 20:02 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-10 20:02 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-10 20:02 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-10 20:02 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-10 20:02 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-10 20:02 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-10 20:02 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-10 20:02 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-10 20:02 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-10 20:02 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-10 20:02 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-10 20:02 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-10 20:02 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-10 20:02 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-10 20:02 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-10 20:02 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-10 20:02 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-10 20:02 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-10 20:02 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-10 20:02 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-10 20:02 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-10 20:01 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-10 20:01 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-10 20:01 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-10 20:01 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-10 20:01 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-10 20:01 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 13:56 - 2014-04-26 13:44 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-09 08:45 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-09 08:45 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-09 08:45 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-09 08:45 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-09 08:45 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-09 08:45 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-09 08:45 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-09 08:45 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-09 08:45 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-09 08:45 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-09 08:45 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-08 08:23 - 2014-04-08 08:33 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-08 08:11 - 2014-04-14 08:08 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:11 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-04 08:07 - 2014-04-20 07:37 - 00000000 ____D () C:\ProgramData\Oracle

==================== One Month Modified Files and Folders =======

2014-05-03 17:59 - 2014-05-01 16:44 - 00022111 _____ () C:\Users\Savitri\Downloads\FRST.txt
2014-05-03 17:59 - 2014-05-01 16:44 - 00000000 ____D () C:\FRST
2014-05-03 17:58 - 2014-05-03 17:58 - 00000915 _____ () C:\Users\Savitri\Desktop\checkup.txt
2014-05-03 17:58 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-03 17:58 - 2009-07-14 06:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-03 17:55 - 2014-05-02 10:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-03 17:54 - 2014-05-03 17:54 - 00855379 _____ () C:\Users\Savitri\Desktop\SecurityCheck.exe
2014-05-03 17:53 - 2010-07-03 10:14 - 00184527 _____ () C:\Windows\setupact.log
2014-05-03 17:52 - 2013-04-25 15:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Skype
2014-05-03 17:51 - 2013-11-27 17:45 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-05-03 17:51 - 2009-12-18 15:19 - 00000324 _____ () C:\Windows\Brownie.ini
2014-05-03 17:50 - 2014-05-03 17:50 - 00003342 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-842135949-2711248906-428214252-1000
2014-05-03 17:50 - 2013-11-27 18:11 - 00000000 ____D () C:\ProgramData\Ad-Aware Browsing Protection
2014-05-03 17:49 - 2014-05-02 10:51 - 00000384 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Savitri.job
2014-05-03 17:48 - 2013-05-03 14:49 - 00000440 _____ () C:\Windows\Tasks\PCCT - MAGIX AG.job
2014-05-03 17:48 - 2009-12-13 16:50 - 00001108 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 17:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-03 17:46 - 2010-07-04 08:26 - 00780434 _____ () C:\Windows\PFRO.log
2014-05-03 17:45 - 2009-10-07 20:23 - 01855959 _____ () C:\Windows\WindowsUpdate.log
2014-05-03 17:42 - 2013-01-01 15:48 - 00000000 ____D () C:\CD_OS
2014-05-03 17:42 - 2012-12-23 15:12 - 00000000 ____D () C:\mp-os
2014-05-03 17:42 - 2009-11-09 11:41 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Audacity
2014-05-03 17:01 - 2013-03-25 23:05 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-03 16:48 - 2009-12-13 16:50 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 10:53 - 2014-05-02 10:50 - 00000374 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Savitri.job
2014-05-03 10:23 - 2014-05-03 10:23 - 02347384 _____ (ESET) C:\Users\Savitri\Desktop\esetsmartinstaller_deu.exe
2014-05-02 14:21 - 2009-09-12 05:13 - 00718394 _____ () C:\Windows\system32\perfh007.dat
2014-05-02 14:21 - 2009-09-12 05:13 - 00158028 _____ () C:\Windows\system32\perfc007.dat
2014-05-02 14:21 - 2009-07-14 07:13 - 01672424 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-02 13:19 - 2014-05-02 13:19 - 00000000 ____D () C:\Users\Savitri\Downloads\FRST-OlderVersion
2014-05-02 13:19 - 2014-05-01 16:43 - 02062336 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2014-05-02 11:13 - 2014-05-02 11:13 - 01016261 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2014-05-02 11:07 - 2014-05-02 10:51 - 00000378 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Savitri.job
2014-05-02 11:06 - 2014-05-02 11:04 - 00000000 ____D () C:\AdwCleaner
2014-05-02 11:02 - 2014-05-02 11:02 - 01310621 _____ () C:\Users\Savitri\Downloads\adwcleaner.exe
2014-05-02 10:52 - 2014-05-02 10:51 - 00002970 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Savitri
2014-05-02 10:52 - 2014-05-02 10:51 - 00002966 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Savitri
2014-05-02 10:52 - 2014-05-02 10:51 - 00002674 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Savitri
2014-05-02 10:51 - 2014-05-02 10:51 - 00003618 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Savitri
2014-05-02 10:48 - 2010-06-27 15:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-02 10:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-02 10:23 - 2014-05-02 10:23 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2014-05-02 10:23 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 10:23 - 2010-04-28 12:41 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Malwarebytes
2014-05-02 10:23 - 2010-04-28 12:41 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 10:22 - 2014-05-02 10:21 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Savitri\Downloads\mbam-setup-2.0.1.1004.exe
2014-05-01 21:46 - 2012-08-03 14:14 - 00000000 ____D () C:\Users\Savitri\Desktop\Mediator
2014-05-01 20:43 - 2011-11-10 18:10 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-05-01 20:43 - 2009-11-01 21:27 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-05-01 16:46 - 2014-05-01 16:45 - 00063403 _____ () C:\Users\Savitri\Downloads\Addition.txt
2014-05-01 11:02 - 2012-04-06 14:10 - 00000000 ____D () C:\mp-mathe2
2014-04-30 17:35 - 2014-02-05 17:04 - 00000000 ____D () C:\Users\Savitri\Desktop\Reinigung
2014-04-30 15:13 - 2012-08-16 14:06 - 00000000 ____D () C:\mp-rechtschreibung2
2014-04-30 14:38 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-30 14:11 - 2013-05-29 16:44 - 00000000 ____D () C:\mp-OG
2014-04-30 10:41 - 2009-10-31 15:14 - 00000552 _____ () C:\Windows\Tasks\PCDRScheduledMaintenance.job
2014-04-29 16:01 - 2014-05-03 17:44 - 23547904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 16:01 - 2013-03-25 23:05 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-29 16:01 - 2013-03-25 23:05 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-29 16:01 - 2013-01-31 20:32 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-29 15:59 - 2013-06-04 07:15 - 00000000 ____D () C:\mp-lega
2014-04-29 15:40 - 2014-05-03 17:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:48 - 2014-05-03 17:44 - 17384448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:34 - 2014-05-03 17:44 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 14:55 - 2013-05-29 16:44 - 00000000 ____D () C:\CD_OG
2014-04-28 14:50 - 2012-10-08 16:35 - 00000000 ____D () C:\mp-lesen7
2014-04-26 13:44 - 2014-04-09 13:56 - 00000000 ____D () C:\Users\Savitri\Documents\My Podcasts
2014-04-26 09:43 - 2010-11-27 16:46 - 00013030 _____ () C:\PDOXUSRS.NET
2014-04-26 09:43 - 2009-07-14 04:34 - 00001460 _____ () C:\Windows\win.ini
2014-04-25 18:51 - 2009-10-31 23:28 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\FileZilla
2014-04-25 17:29 - 2013-06-04 07:15 - 00000000 ____D () C:\CD_Lega
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2014-04-25 16:34 - 2014-01-29 15:15 - 00000000 ____D () C:\ProgramData\InstallMate
2014-04-25 16:33 - 2014-04-25 16:33 - 01130024 _____ (BillP Studios) C:\Users\Savitri\Downloads\wpsetup.exe
2014-04-24 16:52 - 2013-03-15 17:16 - 00000000 ____D () C:\Users\Savitri\Desktop\Lernprogramme
2014-04-24 16:51 - 2013-04-16 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\videos für youtube
2014-04-24 16:33 - 2013-10-07 16:36 - 00000000 ____D () C:\Users\Savitri\AppData\Local\Paint.NET
2014-04-24 10:18 - 2014-04-24 10:18 - 06358130 _____ () C:\Users\Savitri\Documents\Produce.wmv
2014-04-24 09:37 - 2012-08-13 15:50 - 00000000 ____D () C:\Users\Savitri\Desktop\video
2014-04-20 07:37 - 2014-04-04 08:07 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 07:36 - 2014-04-20 07:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-20 07:36 - 2014-04-20 07:35 - 00004161 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 07:36 - 2009-11-05 19:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-19 16:41 - 2014-04-19 16:41 - 00010123 _____ () C:\Users\Savitri\Desktop\Arbeitsmappe1.xlsx
2014-04-19 07:40 - 2009-10-31 17:29 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-18 14:50 - 2014-02-18 18:51 - 00000000 ____D () C:\vorlagen februar 2014
2014-04-16 14:15 - 2012-11-10 16:52 - 00000000 ____D () C:\Datenbanken
2014-04-16 08:31 - 2012-06-23 07:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IrfanView
2014-04-14 20:13 - 2014-04-20 07:36 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 07:36 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 07:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 07:36 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 08:27 - 2014-01-25 09:59 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\CreateInstall Light
2014-04-14 08:23 - 2014-01-01 16:08 - 00000000 ____D () C:\Program Files (x86)\Aufmerksamkeit
2014-04-14 08:22 - 2013-06-01 14:08 - 00000000 ____D () C:\mp-AS
2014-04-14 08:18 - 2012-10-12 13:31 - 00000000 ____D () C:\mp-mathe5
2014-04-14 08:08 - 2014-04-08 08:11 - 00000000 ____D () C:\Program Files (x86)\Wahrnehmung Optisches Gedächtnis
2014-04-10 20:59 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-10 20:20 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-10 11:09 - 2012-10-11 16:27 - 00000000 ____D () C:\mp-lesen9
2014-04-10 09:41 - 2012-08-05 19:32 - 00000000 ____D () C:\Users\Savitri\Desktop\Maerchen
2014-04-09 20:17 - 2012-09-09 19:56 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{10F27B3E-2E9E-47DB-ADB4-4D06C7998B75}
2014-04-09 20:08 - 2013-08-10 19:09 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:04 - 2009-11-01 09:44 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 16:32 - 2014-04-09 16:32 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-04-09 16:32 - 2014-01-04 09:28 - 00084816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00208928 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-04-09 16:32 - 2013-11-27 17:45 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-04-09 16:32 - 2011-06-09 09:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-04-09 16:31 - 2014-04-09 16:31 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-04-09 16:31 - 2013-11-27 17:45 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-04-08 15:28 - 2010-04-08 10:35 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\vlc
2014-04-08 08:33 - 2014-04-08 08:23 - 00000000 ____D () C:\Users\Savitri\Desktop\CD_OG
2014-04-07 15:20 - 2013-04-07 14:48 - 00000000 ____D () C:\Program Files (x86)\FileZilla FTP Client
2014-04-07 15:20 - 2013-04-07 14:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KompoZer
2014-04-07 07:51 - 2014-04-07 07:51 - 00000000 ____D () C:\Program Files (x86)\KompoZer
2014-04-07 07:50 - 2014-01-14 17:16 - 00000000 ____D () C:\Users\Savitri\Documents\Lernprogramme-Hilfsprogramme
2014-04-07 07:49 - 2014-01-18 17:26 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\KompoZer
2014-04-07 07:42 - 2014-04-07 07:42 - 00001226 _____ () C:\Users\Savitri\Desktop\Revo Uninstaller.lnk
2014-04-07 07:42 - 2014-04-07 07:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-07 07:39 - 2013-05-28 18:46 - 00000000 ____D () C:\CD_OD
2014-04-06 08:36 - 2014-04-30 17:37 - 01016261 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT_NEW.exe
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\ProgramData\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:13 - 00000000 ____D () C:\Program Files (x86)\RealNetworks
2014-04-04 08:13 - 2014-04-04 08:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Users\Savitri\AppData\Roaming\Real
2014-04-04 08:13 - 2009-11-22 18:12 - 00000000 ____D () C:\Program Files (x86)\Real
2014-04-04 08:12 - 2014-04-04 08:12 - 00201800 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll
2014-04-04 08:12 - 2009-11-04 20:29 - 00000000 ____D () C:\ProgramData\Real
2014-04-04 08:12 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-04 08:11 - 2014-04-04 08:11 - 00278600 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll
2014-04-03 09:51 - 2014-05-02 10:23 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-05-02 10:23 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2013-11-27 19:59 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-03 08:22 - 2013-05-28 13:51 - 00000000 ____D () C:\mp-od
2014-04-03 07:43 - 2009-12-13 16:50 - 00004108 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-03 07:43 - 2009-12-13 16:50 - 00003856 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore

Some content of TEMP:
====================
C:\Users\Savitri\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-30 18:09

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---



Gruss Jola

Der Lautsprecher funktioniert heute morgen wieder.

Alt 04.05.2014, 07:55   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



schick mir mal bitte den Link zur Seite.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.05.2014, 08:23   #9
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Hier der link von der Google-Seite:

https://www.google.ch/#q=lernprogramme

Der Link zu meiner Webseite ist der 2. von oben (lern-programme.ch)

Gruss Jola

Alt 04.05.2014, 10:54   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Ich hab deine Seite jetzt 2mal geöffnet, einmal ging sie normal auf, einmal kam direkt ein download einer Malware-Datei.

Deine Seite ist Müll. Komplett löschen, neu hochladen, FTP Passwort ändern.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2014, 12:34   #11
jola58
 
Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Ok, habe mir schon gedacht, dass es an der Webseite liegt, da ja alle anderen Links funktionieren. Ich hatte ja vor einiger Zeit mal einen Virus oder Malware, da hattest du mir ja schon geholfen. Seither habe ich alles geschützt, so wie du es mir angeraten hattest. Vielleicht hatte ich aber schon vorher diesen Virus oder Malware hochgeladen, kann das sein?

Darf ich dir noch ein paar Fragen stellen?
Kann man den Virus oder die Malware auf der Webseite erkennen, wenn z.B. die hochgeladene Datei grösser ist als die auf dem PC?
Muss ich auch alle Bilder neu laden? Kann sich auch in einer jpg.-Datei, deren Grösse nicht verändert ist, Malware verstecken?
Alle Links werden bei mir von Awast beurteilt, ob sie sicher sind. Mein Link wird auch als sicher eingestuft. Das sollte doch eigentlich nicht sein, ist Awast nicht sicher?

Vielen Dank für deine Hilfe

Jola

Habe die Homepage nun ausser den Bildern alles gelöscht und neu hochgeladen, auch pw geändert. Der Zurück-Button spinnt aber immer noch. Das andere kann ich nicht beurteilen. Ist meine Homepage nun sauber?

In der Zwischenzeit habe ich online meine Webseite auf verschiedenen Seiten testen lassen und es scheint alles sauber zu sein. Ich habe auch alle Cookies gelöscht und siehe da, der Zurück-Button funktioniert auch wieder.
Sofern ich von dir nichts mehr höre, nehme ich an, dass nun alles in Ordnung ist und danke dir für deine Hilfe.

Gruss Jola

Alt 06.05.2014, 09:03   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Link zur eigenen Webseite spinnt - Standard

Link zur eigenen Webseite spinnt



Zitat:
Kann man den Virus oder die Malware auf der Webseite erkennen, wenn z.B. die hochgeladene Datei grösser ist als die auf dem PC?
Muss ich auch alle Bilder neu laden? Kann sich auch in einer jpg.-Datei, deren Grösse nicht verändert ist, Malware verstecken?
Alle Links werden bei mir von Awast beurteilt, ob sie sicher sind. Mein Link wird auch als sicher eingestuft. Das sollte doch eigentlich nicht sein, ist Awast nicht sicher?
Du kannst das auch im Code suchen und erkennen, wenn man es kann. Ich kann es nicht
Bilder gleicher Größe sollten sicher sein.

Sollte jetzt passen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Link zur eigenen Webseite spinnt
andere, anderen, bekannte, eingebe, firefox, folge, folgendes, funktionier, funktioniert, google, innerhalb, klicke, leere, link, links, nicht mehr, patrol, programme, spinn, spinnt, stichwort, unbekannte, webseite, windows, winpatrol




Ähnliche Themen: Link zur eigenen Webseite spinnt


  1. Spammails werden vom eigenen PC versandt
    Plagegeister aller Art und deren Bekämpfung - 10.10.2015 (9)
  2. Link Analyse (Trojaner hinter dem Link?)
    Log-Analyse und Auswertung - 31.12.2014 (3)
  3. SandBoxie spinnt - Firefox in der SandBoxie spinnt; DefaultBox lässt sich nicht löschen
    Antiviren-, Firewall- und andere Schutzprogramme - 03.02.2014 (6)
  4. Pay Pal Phishing Mail mit Link erhalten (Link ausgeführt)
    Plagegeister aller Art und deren Bekämpfung - 08.06.2013 (9)
  5. Kein Admin mehr auf dem eigenen pc
    Log-Analyse und Auswertung - 11.08.2012 (1)
  6. Spammails vom eigenen Account verschickt!
    Plagegeister aller Art und deren Bekämpfung - 08.02.2012 (1)
  7. Portscanner bzw. scannen der eigenen Ports
    Antiviren-, Firewall- und andere Schutzprogramme - 13.10.2010 (8)
  8. ICQ link bekommen nun sagt anti vir virus und rechner spinnt
    Log-Analyse und Auswertung - 30.04.2010 (4)
  9. Tastatur hat eigenen Willen
    Log-Analyse und Auswertung - 09.08.2008 (11)
  10. Probleme in den Eigenen Dateien
    Mülltonne - 18.10.2006 (1)
  11. von der eigenen startseite überflutet
    Plagegeister aller Art und deren Bekämpfung - 23.10.2004 (14)
  12. Wie erstellt man MP3s von eigenen Cds??
    Alles rund um Windows - 11.09.2004 (12)
  13. Angriffe vom EIGENEN PC ???
    Plagegeister aller Art und deren Bekämpfung - 13.10.2003 (7)

Zum Thema Link zur eigenen Webseite spinnt - Hallo Ich habe folgendes Problem. Wenn ich bei Google ein Stichwort eingebe, um meine eigene Webseite zu finden, z. B. lernprogramme, und dann auf den Link zu meiner Webseite klicke, - Link zur eigenen Webseite spinnt...
Archiv
Du betrachtest: Link zur eigenen Webseite spinnt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.