Rechner viel langsamer, stürzt häufig ab

dieter44

hallo,
- habe ws vista, avast antivirus und google chrome
- rechner ist letzte tage viel langsamer geworden und chrome friert bald den cursor ein, dann ist jede taste ohne reaktion, habe eindruck, das bald nix mehr geht
- bei anwendung von GMER ist mehrmals das gleiche passiert
- defogger hat auf schwarzer fläche nix angezeigt
- frst 32bit ergebnisse sende ich hier
- avast ergebisse lassen kein kopieren zu; da steht: einige dateien können nicht überprüft werden; bei status: fehler: archiv ist kennwortgeschützt

vielen dank , bis bald


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by tm (administrator) on TM-PC on 20-07-2014 20:45:29
Running from C:\Users\tm\Downloads
Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(FUJIFILM Corporation) C:\Program Files\FinePixViewer\QuickDCF2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Users\tm\Downloads\Defogger (6).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Farbar) C:\Users\tm\Downloads\FRST (4).exe


==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-lsf?lic=OUxTRlJFRS1WUFVaNy1HMk (the data entry has 177 more characters).
HKU\.DEFAULT\...\Run: [Samsung.PCSync] => C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-26] (Google Inc.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\tm\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=7dd42 (the data entry has 82 more characters).
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [S60 PC Suite Tray] => C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {18cd0e19-9393-11e1-94c8-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {28fd0733-d443-11e1-9967-0013776453a9} - H:\Menu.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa564-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa566-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {48a8bbfd-560a-11df-9857-0013776453a9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5ae1-d13f-11dd-aae1-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5b06-d13f-11dd-aae1-0013776453a9} - G:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {ddab0c5a-e9c0-11e0-837a-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {f8940028-8263-11e0-ba62-db1fa4e62d98} - F:\Menu.exe
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-10] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=FbRkhSNyuC927LohHs6Uav7tIHA?q={searchTerms}
SearchScopes: HKCU - {A8221FCE-87F0-4F05-AFFC-6F4672A6D922} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=0&v=6.103.18.1&i=&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\webde-suche.xml
FF Extension: WEB.DE MailCheck - C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\Extensions\toolbar@web.de.xpi [2012-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: web.de
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09]
CHR Extension: (Google Drive) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-09]
CHR Extension: (YouTube) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-09]
CHR Extension: (Google-Suche) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-09]
CHR Extension: (avast! Online Security) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-09]
CHR Extension: (Google Wallet) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Google Mail) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-09]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-09-10] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-10] (Google)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 TDslMgrService; C:\Program Files\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [16448 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 dsltestSp5; C:\Windows\System32\Drivers\dsltestSp5.sys [26816 2007-09-12] (Printing Communications Assoc., Inc. (PCAUSA))
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-07-11] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:16 - 2014-07-20 20:17 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:13 - 2014-07-20 19:14 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:10 - 2014-07-20 19:11 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:14 - 2014-07-20 20:20 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 04:10 - 2014-07-20 20:45 - 00019297 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 04:09 - 2014-07-20 20:45 - 00000000 ____D () C:\FRST
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 20:44 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 03:48 - 2014-07-20 04:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:27 - 2008-06-20 03:18 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-07-20 03:27 - 2008-06-20 03:18 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-07-20 03:27 - 2008-06-20 03:17 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-07-20 03:27 - 2008-06-20 03:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-07-20 03:19 - 2014-07-20 03:26 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:19 - 2014-07-20 03:26 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:06 - 2008-07-27 20:00 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-07-20 03:04 - 2008-07-27 20:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-07-20 03:02 - 2010-02-21 01:54 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-07-20 03:01 - 2010-02-21 01:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-07-20 03:01 - 2010-02-20 23:30 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-06 19:07 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\Windows\system32\avmadd32.dll

==================== One Month Modified Files and Folders =======

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:45 - 2014-07-20 04:10 - 00019297 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 20:45 - 2014-07-20 04:09 - 00000000 ____D () C:\FRST
2014-07-20 20:45 - 2008-03-30 15:28 - 00000412 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7DE789EB-2CEE-4FAA-A54E-B1DE1CF3B6DF}.job
2014-07-20 20:45 - 2008-01-25 05:31 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:44 - 2014-07-20 04:04 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 20:40 - 2011-05-29 04:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 20:40 - 2008-03-30 14:59 - 00000000 ____D () C:\Users\tm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-07-20 20:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:20 - 2014-07-20 04:14 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 20:18 - 2011-05-29 04:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 20:17 - 2014-07-20 20:16 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 20:13 - 2008-01-25 06:20 - 01084991 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:14 - 2014-07-20 19:13 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:11 - 2014-07-20 19:10 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 18:54 - 2012-12-27 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 17:25 - 2009-08-26 12:57 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-07-20 12:54 - 2007-07-11 00:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-20 12:54 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 12:53 - 2014-05-01 20:12 - 00035328 _____ () C:\Users\tm\Documents\infobook.xls
2014-07-20 11:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-20 11:17 - 2007-07-10 07:07 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-07-20 11:17 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-07-20 11:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 11:16 - 2008-08-23 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-20 11:16 - 2007-07-11 01:28 - 00034152 _____ () C:\Windows\PFRO.log
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:04 - 2008-03-30 14:58 - 00000000 ____D () C:\Users\tm
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 04:02 - 2014-07-20 03:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:46 - 2006-11-02 12:33 - 01492226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:45 - 2007-07-11 01:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-20 03:26 - 2014-07-20 03:19 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:26 - 2014-07-20 03:19 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:26 - 2010-05-29 15:47 - 58916864 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-20 03:01 - 2011-01-14 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 02:58 - 2010-05-29 15:35 - 00284204 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-07-20 02:56 - 2010-05-29 15:34 - 00288290 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-07-18 16:04 - 2013-11-09 06:07 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-10 22:04 - 2008-04-15 23:06 - 00066048 _____ () C:\Users\tm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-08 22:59 - 2012-12-27 20:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 22:59 - 2011-06-27 23:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:08 - 2013-02-09 20:46 - 00002963 _____ () C:\Windows\avmadd32.log
2014-07-06 19:07 - 2013-02-09 20:46 - 00000000 ____D () C:\Program Files\FRITZ!Box
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\tm\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\tm\AppData\Local\Temp\ResetDevice.exe
C:\Users\tm\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\tm\AppData\Local\Temp\_is227F.exe
C:\Users\tm\AppData\Local\Temp\_is4847.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 20:46

==================== End Of Log ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by tm (administrator) on TM-PC on 20-07-2014 20:46:39
Running from C:\Users\tm\Downloads
Platform: Microsoft® Windows Vista™ Home Premium (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 7
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Agere Systems) C:\Windows\System32\agrsmsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files\CyberLink\Shared Files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\Samsung\Samsung Recovery Solution II\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics co., LTD.) C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Cyberlink Corp.) C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdSync.exe
(Google) C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(FUJIFILM Corporation) C:\Program Files\FinePixViewer\QuickDCF2.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
() C:\Users\tm\Downloads\Defogger (6).exe
(Microsoft Corporation) C:\Windows\System32\conime.exe
(Farbar) C:\Users\tm\Downloads\FRST (4).exe
() C:\Program Files\Samsung\Samsung Update Plus\SLUTrayNotifier.exe


==================== Registry (Whitelisted) ==================

HKLM\...\RunOnce: [AvgUninstallURL] => cmd.exe /c start hxxp://www.avg.de/de.special-uninstallation-feedback-lsf?lic=OUxTRlJFRS1WUFVaNy1HMk (the data entry has 177 more characters).
HKU\.DEFAULT\...\Run: [Samsung.PCSync] => C:\Program Files\Samsung\Samsung PC Studio 7\PcSync2.exe [1294336 2008-09-18] (Time Information Services Ltd.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125440 2006-11-02] (Microsoft Corporation)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-01-26] (Google Inc.)
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\tm\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=7dd42 (the data entry has 82 more characters).
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\Run: [S60 PC Suite Tray] => C:\Program Files\Samsung\Samsung PC Studio 7\PCSuite.exe [699392 2008-12-06] ()
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {18cd0e19-9393-11e1-94c8-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {28fd0733-d443-11e1-9967-0013776453a9} - H:\Menu.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa564-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {461fa566-22c4-11e1-90b4-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {48a8bbfd-560a-11df-9857-0013776453a9} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5ae1-d13f-11dd-aae1-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {9b7a5b06-d13f-11dd-aae1-0013776453a9} - G:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {ddab0c5a-e9c0-11e0-837a-0013776453a9} - F:\AutoRun.exe
HKU\S-1-5-21-3037083410-1282845951-3713001464-1003\...\MountPoints2: {f8940028-8263-11e0-ba62-db1fa4e62d98} - F:\Menu.exe
AppInit_DLLs: C:\PROGRA~1\GOOGLE\GOOGLE~2\GOEC62~1.DLL => C:\Program Files\Google\Google Desktop Search\GoogleDesktopNetwork3.dll [123392 2010-06-10] (Google)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
ShortcutTarget: BTTray.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ExifLauncher2.lnk
ShortcutTarget: ExifLauncher2.lnk -> C:\Program Files\FinePixViewer\QuickDCF2.exe (FUJIFILM Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DSL-Manager.lnk
ShortcutTarget: DSL-Manager.lnk -> C:\Program Files\DSL-Manager\DslMgr.exe (T-Systems Enterprise Services GmbH)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkId=56626&homepage=hxxp://go.microsoft.com/fwlink/?LinkId=69157
URLSearchHook: HKCU - (No Name) - {B922D405-6D13-4A2B-AE89-08A030DA4402} - No File
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=FbRkhSNyuC927LohHs6Uav7tIHA?q={searchTerms}
SearchScopes: HKCU - {A8221FCE-87F0-4F05-AFFC-6F4672A6D922} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=302398&p={searchTerms}
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = hxxp://search.avg.com/route/?d=0&v=6.103.18.1&i=&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO: No Name -> {B922D405-6D13-4A2B-AE89-08A030DA4402} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {A057A204-BACC-4D26-9990-79A187E2698E} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: WEB.DE Suche
FF SelectedSearchEngine: WEB.DE Suche
FF Homepage: hxxp://go.web.de/tb/mff_startpage
FF Keyword.URL: user_pref("keyword.URL", "");
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\searchplugins\webde-suche.xml
FF Extension: WEB.DE MailCheck - C:\Users\tm\AppData\Roaming\Mozilla\Firefox\Profiles\4774widz.default\Extensions\toolbar@web.de.xpi [2012-12-14]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-09]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-07-20]

Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR DefaultSearchKeyword: web.de
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-11-09]
CHR Extension: (Google Drive) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-11-09]
CHR Extension: (YouTube) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-11-09]
CHR Extension: (Google-Suche) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-11-09]
CHR Extension: (avast! Online Security) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-09]
CHR Extension: (Google Wallet) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-09]
CHR Extension: (Google Mail) - C:\Users\tm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-11-09]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-11-09]

========================== Services (Whitelisted) =================

R2 Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [116040 2008-09-10] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-06] (AVAST Software)
S3 GoogleDesktopManager-051210-111108; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [30192 2010-06-10] (Google)
S4 MSSQLServerADHelper; C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [45408 2008-11-24] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44544 2008-12-03] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2008-12-03] (Hewlett-Packard) [File not signed]
R2 RichVideo; C:\Program Files\CyberLink\Shared Files\RichVideo.exe [171040 2007-01-08] () [File not signed]
S2 Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [73728 2007-06-28] () [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 TDslMgrService; C:\Program Files\DSL-Manager\DslMgrSvc.exe [307200 2008-10-23] (T-Systems Enterprise Services GmbH) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-06] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [54832 2014-01-06] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-11-09] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-06] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410528 2014-01-06] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57672 2014-01-06] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-06] ()
R1 DslMNLwf; C:\Windows\System32\DRIVERS\dslmnlwf.sys [16448 2007-08-01] (T-Systems Enterprise Services GmbH)
S3 dsltestSp5; C:\Windows\System32\Drivers\dsltestSp5.sys [26816 2007-09-12] (Printing Communications Assoc., Inc. (PCAUSA))
R2 KMDFMEMIO; C:\Windows\System32\DRIVERS\kmdfmemio.sys [13312 2007-07-11] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NETw2v32; C:\Windows\System32\DRIVERS\NETw2v32.sys [2589184 2006-11-02] (Intel® Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [34064 2007-11-06] (CACE Technologies)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
U5 ewusbnet; C:\Windows\System32\Drivers\ewusbnet.sys [113664 2009-12-08] (Huawei Technologies Co., Ltd.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:16 - 2014-07-20 20:17 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:13 - 2014-07-20 19:14 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:10 - 2014-07-20 19:11 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:14 - 2014-07-20 20:20 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 04:10 - 2014-07-20 20:46 - 00019207 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 04:09 - 2014-07-20 20:46 - 00000000 ____D () C:\FRST
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 20:44 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 03:48 - 2014-07-20 04:02 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:27 - 2008-06-20 03:18 - 00781344 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00326160 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2014-07-20 03:27 - 2008-06-20 03:18 - 00105016 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 03:27 - 2008-06-20 03:18 - 00043544 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00622080 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-07-20 03:27 - 2008-06-20 03:17 - 00097800 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-07-20 03:27 - 2008-06-20 03:17 - 00037384 _____ (Microsoft Corporation) C:\Windows\system32\infocardcpl.cpl
2014-07-20 03:27 - 2008-06-20 03:17 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-07-20 03:19 - 2014-07-20 03:26 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:19 - 2014-07-20 03:26 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:06 - 2008-07-27 20:00 - 00096760 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-07-20 03:05 - 2008-07-27 20:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2014-07-20 03:04 - 2008-07-27 20:00 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-07-20 03:02 - 2010-02-21 01:54 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\nshhttp.dll
2014-07-20 03:01 - 2010-02-21 01:51 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\httpapi.dll
2014-07-20 03:01 - 2010-02-20 23:30 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-06 19:07 - 2006-12-14 13:42 - 00069120 ____R (AVM Berlin) C:\Windows\system32\avmadd32.dll

==================== One Month Modified Files and Folders =======

2014-07-20 20:46 - 2014-07-20 04:10 - 00019207 _____ () C:\Users\tm\Downloads\FRST.txt
2014-07-20 20:46 - 2014-07-20 04:09 - 00000000 ____D () C:\FRST
2014-07-20 20:45 - 2014-07-20 20:45 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (4).exe
2014-07-20 20:45 - 2008-03-30 15:28 - 00000412 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{7DE789EB-2CEE-4FAA-A54E-B1DE1CF3B6DF}.job
2014-07-20 20:45 - 2008-01-25 05:31 - 00000434 ____H () C:\Windows\Tasks\User_Feed_Synchronization-{D9B30BB4-63C0-47D4-A444-A174F9308500}.job
2014-07-20 20:44 - 2014-07-20 20:44 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (6).exe
2014-07-20 20:44 - 2014-07-20 04:04 - 00000466 _____ () C:\Users\tm\Downloads\defogger_disable.log
2014-07-20 20:43 - 2008-01-25 06:20 - 01084991 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 20:40 - 2011-05-29 04:42 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 20:40 - 2008-03-30 14:59 - 00000000 ____D () C:\Users\tm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2014-07-20 20:40 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:40 - 2006-11-02 14:47 - 00003072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 20:26 - 2014-07-20 20:26 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (4).exe
2014-07-20 20:20 - 2014-07-20 04:14 - 00035689 _____ () C:\Users\tm\Downloads\Addition.txt
2014-07-20 20:18 - 2011-05-29 04:42 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 20:17 - 2014-07-20 20:16 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (3).exe
2014-07-20 20:16 - 2014-07-20 20:16 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (5).exe
2014-07-20 19:45 - 2014-07-20 19:45 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (3).exe
2014-07-20 19:41 - 2014-07-20 19:41 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (2).exe
2014-07-20 19:40 - 2014-07-20 19:40 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (4).exe
2014-07-20 19:27 - 2014-07-20 19:27 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (2).exe
2014-07-20 19:25 - 2014-07-20 19:25 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357 (1).exe
2014-07-20 19:14 - 2014-07-20 19:13 - 01080320 _____ (Farbar) C:\Users\tm\Downloads\FRST (1).exe
2014-07-20 19:11 - 2014-07-20 19:10 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (3).exe
2014-07-20 18:54 - 2012-12-27 20:40 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 17:25 - 2009-08-26 12:57 - 00000000 ____D () C:\Program Files\PC Connectivity Solution
2014-07-20 12:54 - 2007-07-11 00:17 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-20 12:54 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-20 12:53 - 2014-05-01 20:12 - 00035328 _____ () C:\Users\tm\Documents\infobook.xls
2014-07-20 11:22 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-20 11:17 - 2007-07-10 07:07 - 00000000 ____D () C:\Windows\system32\Drivers\de-DE
2014-07-20 11:17 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\system32\XPSViewer
2014-07-20 11:17 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-07-20 11:16 - 2008-08-23 19:22 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-20 11:16 - 2007-07-11 01:28 - 00034152 _____ () C:\Windows\PFRO.log
2014-07-20 04:33 - 2014-07-20 04:33 - 00380416 _____ () C:\Users\tm\Downloads\Gmer-19357.exe
2014-07-20 04:08 - 2014-07-20 04:08 - 01079808 _____ (Farbar) C:\Users\tm\Downloads\FRST.exe
2014-07-20 04:04 - 2014-07-20 04:04 - 00000000 _____ () C:\Users\tm\defogger_reenable
2014-07-20 04:04 - 2008-03-30 14:58 - 00000000 ____D () C:\Users\tm
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger.exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (2).exe
2014-07-20 04:02 - 2014-07-20 04:02 - 00050477 _____ () C:\Users\tm\Downloads\Defogger (1).exe
2014-07-20 04:02 - 2014-07-20 03:48 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-20 03:46 - 2006-11-02 12:33 - 01492226 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 03:45 - 2014-07-20 03:45 - 00000000 ____D () C:\Windows\SQL9_KB970892_ENU
2014-07-20 03:45 - 2007-07-11 01:13 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-07-20 03:26 - 2014-07-20 03:19 - 00196608 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.perf
2014-07-20 03:26 - 2014-07-20 03:19 - 00065536 _____ () C:\Windows\ocsetup_cbs_install_NetFx3.dpx
2014-07-20 03:26 - 2010-05-29 15:47 - 58916864 _____ () C:\Windows\ocsetup_install_NetFx3.etl
2014-07-20 03:01 - 2011-01-14 02:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-20 02:58 - 2010-05-29 15:35 - 00284204 _____ () C:\Windows\msxml4-KB954430-enu.LOG
2014-07-20 02:56 - 2010-05-29 15:34 - 00288290 _____ () C:\Windows\msxml4-KB973688-enu.LOG
2014-07-18 16:04 - 2013-11-09 06:07 - 00001963 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-12 20:56 - 2014-07-12 20:56 - 00031744 _____ () C:\Users\tm\Downloads\Firmenlauf_Bielefeld_Anmeldung2014.xls
2014-07-10 22:04 - 2008-04-15 23:06 - 00066048 _____ () C:\Users\tm\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-08 22:59 - 2012-12-27 20:40 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-08 22:59 - 2011-06-27 23:52 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-06 19:08 - 2013-02-09 20:46 - 00002963 _____ () C:\Windows\avmadd32.log
2014-07-06 19:07 - 2013-02-09 20:46 - 00000000 ____D () C:\Program Files\FRITZ!Box
2014-06-26 17:38 - 2006-11-02 12:24 - 93585272 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

Some content of TEMP:
====================
C:\Users\tm\AppData\Local\Temp\DataCard_Setup.exe
C:\Users\tm\AppData\Local\Temp\ResetDevice.exe
C:\Users\tm\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\tm\AppData\Local\Temp\_is227F.exe
C:\Users\tm\AppData\Local\Temp\_is4847.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-20 20:46

==================== End Of Log ============================