Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Windows 7 - Internet leitet zu Viren-Page um

Windows 7 - Internet leitet zu Viren-Page um


Log-Analyse und Auswertung: Windows 7 - Internet leitet zu Viren-Page um

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 20.08.2014, 14:28   #1
Music.Junky
 
Windows 7 - Internet leitet zu Viren-Page um - Standard

Windows 7 - Internet leitet zu Viren-Page um


Hallo Zusammen,

seit gestern Abend bemerke ich, dass ich beim Surven auf einer bestimmten Seite im Internet immer wieder zu einer anderen umgeleitet werde.
Umleitung erfolgt hierhin:
Code:
ATTFilter
hxxp://www.player.com.lkcfs.com/FPlayer/DE/auload.html?installer=Flash_Player_13_for_Other_Browsers&browser_type=KHTML&dualoffer=false
Glücklicherweise erkennt mein Virenprogramm die Seite sofort. Als Bedrohung wird "Exploit: Fake Flash Player (type 1734)" angezeigt.
Beim weitere Surfen (gleiche Domain) wurde ich jedoch immer wieder zu dieser Seite umgeleitet.. Habe diese Seite schon öfter besucht und das ist bisher noch nie vorgekommen.. Da stimmt doch was nicht?
Habe nun die Anleitung zum Einstieg gemacht und im abgesicherten Modus nochmal AVG laufen lassen. Anbei die Logs

defogger_disable.txt:
Code:
ATTFilter
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:13 on 20/08/2014 (UliMx921)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01
Ran by UliMx921 (administrator) on ULIMX921-HP on 20-08-2014 11:15:36
Running from C:\Users\UliMx921\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Windows\vsnpstd3.exe
(Badoo) C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe
(Spotify Ltd) C:\Users\UliMx921\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
() C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [snpstd3] => C:\Windows\vsnpstd3.exe [827392 2006-09-19] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-06-01] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [658424 2011-05-06] (PDF Complete Inc)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5187088 2014-08-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\RunOnce: [NCPluginUpdater] => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe [21720 2014-08-05] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
HKU\S-1-5-21-351139012-3454371372-141882758-1000\...\Run: [Badoo Desktop] => C:\ProgramData\Badoo\Badoo Desktop\1.6.58.1220\Badoo.Desktop.exe [1067232 2012-12-24] (Badoo)
HKU\S-1-5-21-351139012-3454371372-141882758-1000\...\Run: [Spotify Web Helper] => C:\Users\UliMx921\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104280 2013-03-29] (Spotify Ltd)
HKU\S-1-5-21-351139012-3454371372-141882758-1000\...\Run: [Google Update] => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-12-16] (Google Inc.)
HKU\S-1-5-21-351139012-3454371372-141882758-1000\...\MountPoints2: {4787c2e1-7502-11e2-ac6f-806e6f6e6963} - E:\Autorun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.285\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Setup-Assistent.lnk
ShortcutTarget: NETGEAR WNA1100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://badoo.com/startpage/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPDSK/4
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://websearch.just-browse.info/
URLSearchHook: HKLM-x32 - DVDvideoSoft 2.0 Toolbar - {04a8dd1a-4754-48fe-a703-99846646ef04} - C:\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll (Conduit Ltd.)
URLSearchHook: HKCU - DVDvideoSoft 2.0 Toolbar - {04a8dd1a-4754-48fe-a703-99846646ef04} - C:\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll (Conduit Ltd.)
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM - {ED6242A3-5D15-4557-BD56-B1C486765F61} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKLM-x32 - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {ED6242A3-5D15-4557-BD56-B1C486765F61} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKCU - DefaultScope {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=HPDTDF
SearchScopes: HKCU - {8A244612-A1F7-11E0-95C0-E71F4824019B} URL = hxxp://badoo.com/startpage/?source=bsb&q={searchTerms}
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.just-browse.info/?l=1&q={searchTerms}
SearchScopes: HKCU - {d43b3890-80c7-4010-a95d-1e77b5924dc3} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms}
SearchScopes: HKCU - {ED6242A3-5D15-4557-BD56-B1C486765F61} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: DVDvideoSoft 2.0 Toolbar -> {04a8dd1a-4754-48fe-a703-99846646ef04} -> C:\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll (Conduit Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM-x32 - DVDvideoSoft 2.0 Toolbar - {04a8dd1a-4754-48fe-a703-99846646ef04} - C:\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll (Conduit Ltd.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\UliMx921\AppData\Roaming\Mozilla\Firefox\Profiles\wbnsoi44.default
FF Homepage: hxxp://www.ebay.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\UliMx921\AppData\Roaming\Mozilla\Firefox\Profiles\wbnsoi44.default\user.js
FF SearchPlugin: C:\Users\UliMx921\AppData\Roaming\Mozilla\Firefox\Profiles\wbnsoi44.default\searchplugins\badoo.xml
FF SearchPlugin: C:\Users\UliMx921\AppData\Roaming\Mozilla\Firefox\Profiles\wbnsoi44.default\searchplugins\zonealarm.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\UliMx921\AppData\Roaming\Mozilla\Firefox\Profiles\wbnsoi44.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-08-15]

Chrome: 
=======
CHR HomePage: hxxp://google.de/
CHR StartupUrls: "hxxp://google.de/"
CHR Plugin: (Shockwave Flash) - C:\Users\UliMx921\AppData\Local\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\UliMx921\AppData\Local\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\UliMx921\AppData\Local\Google\Chrome\Application\36.0.1985.143\pdf.dll ()
CHR Plugin: (Norton Confidential) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\6.0.2_0\npcoplgn.dll No File
CHR Plugin: (Windows Live? Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Users\UliMx921\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll No File
CHR Extension: (Google Drive) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-16]
CHR Extension: (YouTube) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-16]
CHR Extension: (Google-Suche) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-16]
CHR Extension: (Google Wallet) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-08]
CHR Extension: (Google Mail) - C:\Users\UliMx921\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-16]
CHR Extension: (Extutil) - C:\Users\UliMx921\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-02-08]
CHR Extension: (Managera) - C:\Users\UliMx921\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-02-08]
CHR HKCU\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\UliMx921\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx [2013-03-27]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2013-03-27]
CHR HKLM-x32\...\Chrome\Extension: [oolkekjjhnaeaahibbnfebmogackofpf] - C:\Users\UliMx921\AppData\Local\CRE\oolkekjjhnaeaahibbnfebmogackofpf.crx [2013-03-27]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3244048 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-11] (AVG Technologies CZ, s.r.o.)
R2 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.285\McCHSvc.exe [234776 2012-09-05] (McAfee, Inc.)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-06] (PDF Complete Inc)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
R2 WSWNA1100; C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe [266240 2010-08-04] () [File not signed]
S2 CltMngSvc; C:\PROGRA~2\SearchProtect\Main\bin\CltMngSvc.exe [X]
S2 ZAPrivacyService; "C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]
S3 SNPSTD3; C:\Windows\System32\DRIVERS\snpstd3.sys [10550272 2007-03-27] (Sonix Co. Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 11:15 - 2014-08-20 11:16 - 00020386 _____ () C:\Users\UliMx921\Desktop\FRST.txt
2014-08-20 11:15 - 2014-08-20 11:15 - 00000000 ____D () C:\FRST
2014-08-20 11:14 - 2014-08-20 11:14 - 02101760 _____ (Farbar) C:\Users\UliMx921\Desktop\FRST64.exe
2014-08-20 11:13 - 2014-08-20 11:13 - 00000478 _____ () C:\Users\UliMx921\Desktop\defogger_disable.log
2014-08-20 11:13 - 2014-08-20 11:13 - 00000000 _____ () C:\Users\UliMx921\defogger_reenable
2014-08-20 11:09 - 2014-08-20 11:09 - 00017960 _____ () C:\Users\UliMx921\Documents\Mappe1 (Automatisch gespeichert).xlsx
2014-08-20 11:06 - 2014-08-20 11:06 - 00050477 _____ () C:\Users\UliMx921\Desktop\Defogger.exe
2014-08-20 10:30 - 2014-08-20 10:30 - 00055437 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  mirror.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00022762 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  sink.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00008500 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  table low.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00008494 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  table high.zip
2014-08-20 10:29 - 2014-08-20 10:30 - 00101683 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - bathtub.zip
2014-08-20 10:29 - 2014-08-20 10:29 - 00030832 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - rug.zip
2014-08-20 10:29 - 2014-08-20 10:29 - 00017674 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - box.zip
2014-08-20 10:16 - 2014-08-20 10:16 - 18594480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-08-20 09:51 - 2014-08-20 11:16 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 09:51 - 2014-08-20 10:17 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-20 09:51 - 2014-08-20 09:51 - 00002168 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-08-20 09:36 - 2014-08-20 09:36 - 00000000 ____D () C:\Users\UliMx921\Downloads\padre
2014-08-19 21:19 - 2014-08-19 21:22 - 00000000 ____D () C:\Users\UliMx921\Downloads\ShinoKCR
2014-08-19 21:16 - 2014-08-19 21:16 - 00000000 ____D () C:\Users\UliMx921\Downloads\marilu
2014-08-19 21:02 - 2014-08-20 10:25 - 00000000 ____D () C:\Users\UliMx921\Downloads\~Monica~
2014-08-19 20:49 - 2014-08-19 20:50 - 00000000 ____D () C:\Users\UliMx921\Downloads\mirake
2014-08-19 20:32 - 2014-08-20 10:24 - 00000000 ____D () C:\Users\UliMx921\Downloads\steffor
2014-08-19 18:38 - 2014-08-19 19:45 - 00000000 ____D () C:\Users\UliMx921\Downloads\thesimsresource.com
2014-08-19 14:22 - 2014-08-19 14:22 - 00000000 ____D () C:\Users\UliMx921\Downloads\thevintagesim.blogspot.de
2014-08-19 14:04 - 2014-08-19 14:23 - 00000000 ____D () C:\Users\UliMx921\Downloads\beosboxboy.blogspot.de
2014-08-19 13:44 - 2014-08-19 13:45 - 00000000 ____D () C:\Users\UliMx921\Downloads\kunoichikatie.dreamwidth.org..21689.html
2014-08-19 13:40 - 2014-08-19 13:40 - 00000000 ____D () C:\Users\UliMx921\Downloads\kativip.ucoz.ru
2014-08-19 13:28 - 2014-08-19 13:29 - 00000000 ____D () C:\Users\UliMx921\Downloads\verounique.livejournal.com..18267.html
2014-08-18 11:21 - 2014-08-18 11:21 - 00000000 ____D () C:\Users\UliMx921\Downloads\www.simplystyling.de
2014-08-16 14:32 - 2014-08-16 14:33 - 00000000 ____D () C:\Users\UliMx921\Downloads\All4sims.de
2014-08-16 14:30 - 2014-08-16 14:30 - 01909992 _____ () C:\Users\UliMx921\Downloads\Buggybooz_KIA.rar
2014-08-15 03:03 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 03:03 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 03:03 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 03:03 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 03:03 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 03:03 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 03:03 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 03:03 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-14 19:35 - 2014-07-24 21:28 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-14 19:35 - 2014-07-24 21:12 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-14 19:35 - 2014-07-24 21:10 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-14 19:35 - 2014-07-24 21:07 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-14 19:35 - 2014-07-24 21:06 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-14 19:35 - 2014-07-24 21:05 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-14 19:35 - 2014-07-24 21:05 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-08-14 19:35 - 2014-07-24 21:05 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-14 19:35 - 2014-07-24 21:04 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-14 19:35 - 2014-07-24 21:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-14 19:35 - 2014-07-24 21:03 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-14 19:35 - 2014-07-24 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-14 19:35 - 2014-07-24 21:03 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-08-14 19:35 - 2014-07-24 21:03 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-08-14 19:35 - 2014-07-24 21:03 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-08-14 19:35 - 2014-07-24 21:02 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-14 19:35 - 2014-07-24 20:07 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-14 19:35 - 2014-07-24 19:58 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-14 19:35 - 2014-07-24 19:57 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-14 19:35 - 2014-07-24 19:52 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-14 19:35 - 2014-07-24 19:51 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-14 19:35 - 2014-07-24 19:51 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-14 19:35 - 2014-07-24 19:50 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-08-14 19:35 - 2014-07-24 19:50 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-14 19:35 - 2014-07-24 19:49 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-14 19:35 - 2014-07-24 19:49 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-14 19:35 - 2014-07-24 19:49 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-14 19:35 - 2014-07-24 19:49 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-14 19:35 - 2014-07-24 19:49 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-14 19:35 - 2014-07-24 19:48 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-14 19:35 - 2014-07-24 19:48 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-14 19:35 - 2014-07-24 19:48 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-14 19:35 - 2014-07-24 19:48 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-14 19:35 - 2014-07-24 19:48 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-08-14 19:35 - 2014-07-24 19:48 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-08-14 19:35 - 2014-07-24 19:48 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-08-14 19:35 - 2014-07-24 19:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-14 19:35 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-14 19:35 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-14 19:35 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-14 19:35 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-14 19:35 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-14 19:35 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-14 19:35 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-14 19:35 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-14 19:35 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-14 19:35 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-14 19:35 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-14 19:35 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-14 19:34 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-14 19:34 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-14 19:34 - 2014-07-16 05:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-14 19:34 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-14 19:34 - 2014-07-16 04:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-14 19:34 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-14 19:34 - 2014-07-16 04:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-14 19:34 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-14 19:34 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 19:34 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-14 19:34 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-14 19:34 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-14 19:34 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-14 19:34 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-14 19:34 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-14 19:34 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-14 19:34 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-14 19:34 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-14 19:34 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-07-25 17:58 - 2014-07-25 17:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-20 11:16 - 2014-08-20 11:15 - 00020386 _____ () C:\Users\UliMx921\Desktop\FRST.txt
2014-08-20 11:16 - 2014-08-20 09:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-20 11:15 - 2014-08-20 11:15 - 00000000 ____D () C:\FRST
2014-08-20 11:14 - 2014-08-20 11:14 - 02101760 _____ (Farbar) C:\Users\UliMx921\Desktop\FRST64.exe
2014-08-20 11:13 - 2014-08-20 11:13 - 00000478 _____ () C:\Users\UliMx921\Desktop\defogger_disable.log
2014-08-20 11:13 - 2014-08-20 11:13 - 00000000 _____ () C:\Users\UliMx921\defogger_reenable
2014-08-20 11:13 - 2012-12-16 00:55 - 00000000 ____D () C:\Users\UliMx921
2014-08-20 11:12 - 2012-12-16 00:54 - 01273742 _____ () C:\Windows\WindowsUpdate.log
2014-08-20 11:10 - 2014-03-07 21:33 - 00000000 ____D () C:\Users\UliMx921\AppData\Roaming\SoftGrid Client
2014-08-20 11:09 - 2014-08-20 11:09 - 00017960 _____ () C:\Users\UliMx921\Documents\Mappe1 (Automatisch gespeichert).xlsx
2014-08-20 11:06 - 2014-08-20 11:06 - 00050477 _____ () C:\Users\UliMx921\Desktop\Defogger.exe
2014-08-20 10:41 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-20 10:41 - 2009-07-14 06:45 - 00024400 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-20 10:30 - 2014-08-20 10:30 - 00055437 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  mirror.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00022762 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  sink.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00008500 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  table low.zip
2014-08-20 10:30 - 2014-08-20 10:30 - 00008494 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood -  table high.zip
2014-08-20 10:30 - 2014-08-20 10:29 - 00101683 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - bathtub.zip
2014-08-20 10:29 - 2014-08-20 10:29 - 00030832 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - rug.zip
2014-08-20 10:29 - 2014-08-20 10:29 - 00017674 _____ () C:\Users\UliMx921\Downloads\Bahia Bathroom Darkwood - box.zip
2014-08-20 10:25 - 2014-08-19 21:02 - 00000000 ____D () C:\Users\UliMx921\Downloads\~Monica~
2014-08-20 10:24 - 2014-08-19 20:32 - 00000000 ____D () C:\Users\UliMx921\Downloads\steffor
2014-08-20 10:24 - 2012-12-16 01:52 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000UA.job
2014-08-20 10:23 - 2013-03-07 21:19 - 00000000 ____D () C:\ProgramData\MFAData
2014-08-20 10:17 - 2014-08-20 09:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-20 10:17 - 2014-05-06 13:06 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-20 10:17 - 2012-02-16 11:05 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-20 10:16 - 2014-08-20 10:16 - 18594480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-08-20 09:51 - 2014-08-20 09:51 - 00002168 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\ProgramData\McAfee
2014-08-20 09:51 - 2014-08-20 09:51 - 00000000 ____D () C:\Program Files (x86)\McAfee Security Scan
2014-08-20 09:36 - 2014-08-20 09:36 - 00000000 ____D () C:\Users\UliMx921\Downloads\padre
2014-08-20 09:30 - 2012-12-16 01:52 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000Core.job
2014-08-20 09:29 - 2012-02-16 11:09 - 00000000 ____D () C:\ProgramData\PDFC
2014-08-19 21:22 - 2014-08-19 21:19 - 00000000 ____D () C:\Users\UliMx921\Downloads\ShinoKCR
2014-08-19 21:16 - 2014-08-19 21:16 - 00000000 ____D () C:\Users\UliMx921\Downloads\marilu
2014-08-19 20:50 - 2014-08-19 20:49 - 00000000 ____D () C:\Users\UliMx921\Downloads\mirake
2014-08-19 19:45 - 2014-08-19 18:38 - 00000000 ____D () C:\Users\UliMx921\Downloads\thesimsresource.com
2014-08-19 14:23 - 2014-08-19 14:04 - 00000000 ____D () C:\Users\UliMx921\Downloads\beosboxboy.blogspot.de
2014-08-19 14:22 - 2014-08-19 14:22 - 00000000 ____D () C:\Users\UliMx921\Downloads\thevintagesim.blogspot.de
2014-08-19 13:45 - 2014-08-19 13:44 - 00000000 ____D () C:\Users\UliMx921\Downloads\kunoichikatie.dreamwidth.org..21689.html
2014-08-19 13:40 - 2014-08-19 13:40 - 00000000 ____D () C:\Users\UliMx921\Downloads\kativip.ucoz.ru
2014-08-19 13:29 - 2014-08-19 13:28 - 00000000 ____D () C:\Users\UliMx921\Downloads\verounique.livejournal.com..18267.html
2014-08-19 13:19 - 2012-12-16 01:01 - 00003954 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{B4831B8C-91D3-432E-AFEF-559F989D3C7C}
2014-08-18 23:04 - 2013-01-21 21:20 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-08-18 23:04 - 2012-12-17 21:59 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-08-18 11:21 - 2014-08-18 11:21 - 00000000 ____D () C:\Users\UliMx921\Downloads\www.simplystyling.de
2014-08-16 20:43 - 2014-02-08 13:21 - 00003204 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForUliMx921
2014-08-16 20:43 - 2014-02-08 13:21 - 00000344 _____ () C:\Windows\Tasks\HPCeeScheduleForUliMx921.job
2014-08-16 14:33 - 2014-08-16 14:32 - 00000000 ____D () C:\Users\UliMx921\Downloads\All4sims.de
2014-08-16 14:30 - 2014-08-16 14:30 - 01909992 _____ () C:\Users\UliMx921\Downloads\Buggybooz_KIA.rar
2014-08-15 17:09 - 2012-12-16 01:52 - 00002335 _____ () C:\Users\UliMx921\Desktop\Google Chrome.lnk
2014-08-15 03:35 - 2014-05-06 13:01 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-15 03:35 - 2013-04-11 03:19 - 00296584 _____ () C:\Windows\PFRO.log
2014-08-15 03:35 - 2013-04-11 03:19 - 00275856 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-15 03:35 - 2013-04-08 22:09 - 00020070 _____ () C:\Windows\setupact.log
2014-08-15 03:35 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-15 03:02 - 2014-05-07 03:01 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 19:35 - 2014-03-31 19:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-14 19:35 - 2014-03-16 15:58 - 00000983 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-08-12 23:32 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-07 04:06 - 2014-08-14 19:34 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-14 19:34 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-04 22:49 - 2013-01-10 13:19 - 00000000 ____D () C:\Users\UliMx921\AppData\Local\CrashDumps
2014-08-04 22:16 - 2012-12-17 14:37 - 00000000 ____D () C:\Users\UliMx921\AppData\Roaming\vlc
2014-07-30 18:04 - 2014-05-06 13:33 - 00000000 ____D () C:\Users\UliMx921\dwhelper
2014-07-30 18:02 - 2014-05-06 13:33 - 00000000 ____D () C:\Users\UliMx921\Downloads\Germany's Next Topmodel
2014-07-30 17:29 - 2013-12-27 19:58 - 00000000 ____D () C:\Users\UliMx921\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-27 14:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-07-27 12:25 - 2013-03-14 04:01 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 12:25 - 2013-03-14 04:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 12:23 - 2012-12-17 20:06 - 00000000 ____D () C:\Users\UliMx921\AppData\Roaming\uTorrent
2014-07-26 03:02 - 2013-03-14 04:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-25 17:58 - 2014-07-25 17:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-24 21:28 - 2014-08-14 19:35 - 17861120 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-24 21:12 - 2014-08-14 19:35 - 02339328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-24 21:10 - 2014-08-14 19:35 - 10920960 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-24 21:07 - 2014-08-14 19:35 - 01384960 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-24 21:06 - 2014-08-14 19:35 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-24 21:05 - 2014-08-14 19:35 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-24 21:05 - 2014-08-14 19:35 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-07-24 21:05 - 2014-08-14 19:35 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 02155520 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-24 21:04 - 2014-08-14 19:35 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-24 21:03 - 2014-08-14 19:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-24 21:03 - 2014-08-14 19:35 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-24 21:03 - 2014-08-14 19:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-24 21:03 - 2014-08-14 19:35 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-07-24 21:03 - 2014-08-14 19:35 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-07-24 21:03 - 2014-08-14 19:35 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-07-24 21:02 - 2014-08-14 19:35 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-24 20:07 - 2014-08-14 19:35 - 12356608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-24 19:58 - 2014-08-14 19:35 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-24 19:57 - 2014-08-14 19:35 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-24 19:52 - 2014-08-14 19:35 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-24 19:51 - 2014-08-14 19:35 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-24 19:51 - 2014-08-14 19:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-24 19:50 - 2014-08-14 19:35 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-07-24 19:50 - 2014-08-14 19:35 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-24 19:49 - 2014-08-14 19:35 - 01802240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-24 19:49 - 2014-08-14 19:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-07-24 19:49 - 2014-08-14 19:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-24 19:49 - 2014-08-14 19:35 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-24 19:49 - 2014-08-14 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-24 19:48 - 2014-08-14 19:35 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-24 19:48 - 2014-08-14 19:35 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-24 19:48 - 2014-08-14 19:35 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-24 19:48 - 2014-08-14 19:35 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-24 19:48 - 2014-08-14 19:35 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-07-24 19:48 - 2014-08-14 19:35 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-07-24 19:48 - 2014-08-14 19:35 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-07-24 19:47 - 2014-08-14 19:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

Some content of TEMP:
====================
C:\Users\UliMx921\AppData\Local\Temp\AutoRun.exe
C:\Users\UliMx921\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\UliMx921\AppData\Local\Temp\drm_dialogs.dll
C:\Users\UliMx921\AppData\Local\Temp\drm_dyndata_7380011.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-08 19:18

==================== End Of Log =============================
Addition.txt:
Zitat:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-08-2014 01
Ran by UliMx921 at 2014-08-20 11:16:44
Running from C:\Users\UliMx921\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.4.595.10 - Advanced Micro Devices Inc.) Hidden
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{96F38867-9D41-683C-DF60-034A731C37FE}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4745 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4745 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.423 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.423 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.423 - AVG) Hidden
Badoo Desktop (HKLM-x32\...\{D0AF8BD9-79A6-45D6-8B71-25281B1300A7}) (Version: 1.6.58.1220 - Badoo)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.0531.2216.38124 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2011.0531.2216.38124 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Czech (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Danish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Dutch (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help English (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Finnish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help French (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help German (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Greek (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Italian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Japanese (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Korean (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Polish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Russian (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Spanish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Swedish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Thai (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
CCC Help Turkish (x32 Version: 2011.0531.2215.38124 - ATI) Hidden
ccc-utility64 (Version: 2011.0531.2216.38124 - ATI) Hidden
Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version: - )
Die Sims 2: Nightlife (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version: - )
Die Sims 2: Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version: - )
Die Sims 2: Wilde Campus-Jahre (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version: - )
Die Sims™ 2 Apartment-Leben (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version: - Electronic Arts)
Die Sims™ 2 Freizeit-Spaß (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version: - Electronic Arts)
Die Sims™ 2 Gute Reise (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version: - Electronic Arts)
Die Sims™ 2 H&M®-Fashion-Accessoires (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version: - )
Die Sims™ 2 Haustiere (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version: - )
Die Sims™ 2 Küchen- und Bad-Einrichtungs-Accessoires (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version: - Electronic Arts)
Die Sims™ 2 Teen Style-Accessoires (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version: - Electronic Arts)
Die Sims™ 2 Vier Jahreszeiten (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version: - )
Die Sims™ 2 Villen- und Garten-Accessoires (HKLM-x32\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version: - Electronic Arts)
DVDvideoSoft 2.0 Toolbar (HKLM-x32\...\DVDvideoSoft_2.0 Toolbar) (Version: 6.11.2.6 - DVDvideoSoft 2.0)
Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Free YouTube to MP3 Converter version 3.12.42.716 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.42.716 - DVDVideoSoft Ltd.)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.200.0 - ATI Technologies Inc.) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
McAfee Security Scan Plus (HKLM-x32\...\McAfee Security Scan) (Version: 3.0.285.6 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MX Simulator Demo (HKLM-x32\...\MX Simulator Demo) (Version: - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
NETGEAR WNA1100 N150 Wireless USB Adapter (HKLM-x32\...\{A2AE9709-283B-4B48-AA34-729C070A62FB}) (Version: 1.0.0.133 - NETGEAR)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6463 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.13.1.47 - Client Connect LTD) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.8.8.450.gd9413516 - Spotify AB)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.5 (HKLM-x32\...\VLC media player) (Version: 2.0.5 - VideoLAN)
WildTangent Games App (HP Games) (x32 Version: 4.0.5.2 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-351139012-3454371372-141882758-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-351139012-3454371372-141882758-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-351139012-3454371372-141882758-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-351139012-3454371372-141882758-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UliMx921\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

27-07-2014 17:18:00 Windows-Sicherung
06-08-2014 14:41:57 Geplanter Prüfpunkt
07-08-2014 17:44:30 Installed AVG 2014
15-08-2014 01:00:55 Windows Update
17-08-2014 17:30:29 Windows-Sicherung

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {25A1094E-2E00-4515-A580-C07490A27479} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {31734D57-4A05-4BA1-A121-6E02B630CEF5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {3785B26A-2D91-4F17-B586-0B9560C621A9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {398269C5-DED7-4266-AB7C-C82A670AF9E0} - System32\Tasks\{991E6CFF-0F6A-4166-862D-12248E105515} => C:\Program Files (x86)\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2EP9.exe [2008-10-24] (Maxis, a division of Electronic Arts Inc.)
Task: {3D2E4CE9-9680-4A77-92F3-A0B2511EBCB7} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2011-06-15] ()
Task: {4F99A69D-BAEF-4237-AA36-697F207E9357} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {6C21F4D2-0911-4FA0-A370-CBBC60ED700C} - System32\Tasks\{9712B368-C5B1-4935-9930-BFA1FA08C330} => C:\Program Files (x86)\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2EP9.exe [2008-10-24] (Maxis, a division of Electronic Arts Inc.)
Task: {6C4BA2F2-AC19-4741-839A-F1FC180A87F7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7843F139-EA3C-42F5-8220-3AD4AE3BE51B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-04-15] (AVG)
Task: {8949BC00-61D0-4154-BD6B-27C4A09249A8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-20] (Adobe Systems Incorporated)
Task: {A167490F-559C-401E-90F7-A81A78ACB63B} - System32\Tasks\Google Updater and Installer => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {ADE1357D-70D9-4D07-BA37-85B6618F471C} - System32\Tasks\{B6C140A9-83EB-47F6-AAD5-2CDB8E907F36} => C:\Program Files (x86)\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2EP9.exe [2008-10-24] (Maxis, a division of Electronic Arts Inc.)
Task: {CEBFA74A-A980-446D-B890-FE5A59B73F99} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000UA => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {D36A4F58-C85D-4AA1-99EA-D8E7F96C2844} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {DC204A9F-1432-43A5-B6C6-E5A1E72BB3F9} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {E98D7D5B-95EB-494E-9894-FD22E62C18F2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {E99EF112-8A62-4A59-88C9-347E44184CFD} - System32\Tasks\HPCeeScheduleForUliMx921 => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14] (Hewlett-Packard)
Task: {F38D6E9E-3E37-40E8-A87A-645C6EF3B705} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000Core => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe [2012-12-16] (Google Inc.)
Task: {F912E56F-80CF-4A04-BF78-5AEBA61E8CF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {FDD93509-952B-4859-92F4-0AFCB3C8E072} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-21] (CyberLink)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000Core.job => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-351139012-3454371372-141882758-1000UA.job => C:\Users\UliMx921\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForUliMx921.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-04-15 16:23 - 2014-04-15 16:23 - 00675640 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2012-12-16 01:43 - 2010-08-04 15:44 - 00266240 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvc.exe
2006-09-19 10:07 - 2006-09-19 10:07 - 00827392 _____ () C:\Windows\vsnpstd3.exe
2012-12-16 01:43 - 2011-01-04 16:34 - 04545024 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WNA1100.exe
2011-06-01 08:14 - 2011-06-01 08:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-04-12 02:20 - 2011-04-12 02:20 - 00098304 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-04-12 02:20 - 2011-04-12 02:20 - 00028672 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2012-12-16 01:43 - 2010-03-10 15:50 - 00360448 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiLib.dll
2012-12-16 01:43 - 2009-08-28 17:50 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA1100\WifiSvcLib.dll
2014-07-25 17:58 - 2014-07-25 17:58 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-06 13:06 - 2014-05-06 13:06 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
2014-08-20 09:51 - 2014-08-20 09:51 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/17/2014 10:17:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (08/15/2014 03:01:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/12/2014 04:04:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000004e4e4
ID des fehlerhaften Prozesses: 0x580
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe0
Pfad der fehlerhaften Anwendung: svchost.exe1
Pfad des fehlerhaften Moduls: svchost.exe2
Berichtskennung: svchost.exe3

Error: (08/07/2014 07:44:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/06/2014 04:42:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".


Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.
.

Error: (08/04/2014 10:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vlc.exe, Version: 2.0.5.0, Zeitstempel: 0x50c91d8b
Name des fehlerhaften Moduls: vlc.exe, Version: 2.0.5.0, Zeitstempel: 0x50c91d8b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001665
ID des fehlerhaften Prozesses: 0x1cdc
Startzeit der fehlerhaften Anwendung: 0xvlc.exe0
Pfad der fehlerhaften Anwendung: vlc.exe1
Pfad des fehlerhaften Moduls: vlc.exe2
Berichtskennung: vlc.exe3

Error: (08/02/2014 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Sims2Launcher.exe, Version: 1.0.0.1, Zeitstempel: 0x48f12e72
Name des fehlerhaften Moduls: Sims2Launcher.exe, Version: 1.0.0.1, Zeitstempel: 0x48f12e72
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00002167
ID des fehlerhaften Prozesses: 0x1584
Startzeit der fehlerhaften Anwendung: 0xSims2Launcher.exe0
Pfad der fehlerhaften Anwendung: Sims2Launcher.exe1
Pfad des fehlerhaften Moduls: Sims2Launcher.exe2
Berichtskennung: Sims2Launcher.exe3

Error: (07/30/2014 05:28:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.

Error: (07/30/2014 05:28:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: Die Anwendung oder der Dienst "ZoneAlarm Privacy Service" konnte nicht heruntergefahren werden.

Error: (07/30/2014 05:28:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: Die Anwendung oder der Dienst "Check Point Install Utility" konnte nicht heruntergefahren werden.


System errors:
=============
Error: (08/15/2014 03:38:10 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Search Protect Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/15/2014 03:35:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (08/15/2014 03:32:26 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (08/12/2014 04:06:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Telefonie" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (08/12/2014 04:06:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (08/12/2014 04:05:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Arbeitsstationsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (08/12/2014 04:05:56 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Kryptografiedienste" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (08/12/2014 04:04:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Remotedesktopdienste" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/12/2014 04:04:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/12/2014 04:04:56 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (08/17/2014 10:17:12 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed:

Error: (08/15/2014 03:01:18 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/12/2014 04:04:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.1.7600.163854a5bc3c1ntdll.dll6.1.7601.18247521eaf24c0000005000000000004e4e458001cfa9852ab708c0C:\Windows\system32\svchost.exeC:\Windows\S YSTEM32\ntdll.dll9f19fab1-2229-11e4-84ff-082e5f1503a7

Error: (08/07/2014 07:44:40 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/06/2014 04:42:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary Vsdatant.

System Error:
Das System kann die angegebene Datei nicht finden.

Error: (08/04/2014 10:16:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.0.5.050c91d8bvlc.exe2.0.5.050c91d8bc0000005000016651cdc01cfae70cf3d162cC:\Program Files (x86)\VideoLAN\VLC\vlc.exeC:\Program Files (x86)\VideoLAN\VLC\vlc.exe31dfb29a-1c14-11e4-84ff-082e5f1503a7

Error: (08/02/2014 04:18:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Sims2Launcher.exe1.0.0.148f12e72Sims2Launcher.exe1.0.0.148f12e72c000000500002167158401cfae5c94b24182C:\Program Files (x86)\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2Launcher.exeC:\Program Files (x86)\EA GAMES\Die Sims 2 Villen- und Garten-Accessoires\TSBin\Sims2Launcher.exed3ba266e-1a4f-11e4-84ff-082e5f1503a7

Error: (07/30/2014 05:28:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: 1C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exeZoneAlarm Privacy Service03026216127800

Error: (07/30/2014 05:28:59 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: 0C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exeZoneAlarm Privacy Service0302621612780443003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0043006800650063006B0050006F0069006E007 4005C005A006F006E00650041006C00610072006D005C0043006F006D006D0075006E006900740079002E00430073006800610072007000530071006C006900740065002E0064006C006C0 0000043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0043006800650063006B0050006F0069006E0074005C005A006F006 E00650041006C00610072006D005C0043006F006D006D0075006E006900740079002E00430073006800610072007000530071006C006900740065002E00530051004C00690074006500430 06C00690065006E0074002E0064006C006C00000043003A005C00500072006F006700720061006D002000460069006C00650073002000280078003800360029005C0043006800650063006 B0050006F0069006E0074005C005A006F006E00650041006C00610072006D005C0049006F006E00690063002E005A00690070002E0064006C006C00000043003A005C00500072006F00670 0720061006D002000460069006C00650073002000280078003800360029005C0043006800650063006B0050006F0069006E0074005C005A006F006E00650041006C00610072006D005C005 A004100500072006900760061006300790053006500720076006900630065002E006500780065000000

Error: (07/30/2014 05:28:55 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: UliMx921-HP)
Description: 1C:\Program Files (x86)\CheckPoint\Install\Install.exeCheck Point Install Utility0111780800


==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G620 @ 2.60GHz
Percentage of memory in use: 76%
Total physical RAM: 4076.84 MB
Available physical RAM: 956.23 MB
Total Pagefile: 8151.87 MB
Available Pagefile: 3742.01 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:918.74 GB) (Free:832.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (HP_RECOVERY) (Fixed) (Total:12.67 GB) (Free:1.56 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (Sims2EP9) (CDROM) (Total:0.66 GB) (Free:0 GB) UDF
Drive f: (Elements) (Fixed) (Total:1863.01 GB) (Free:1175.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 125B0853)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 0022BBEE)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Gmer.txt:
Zitat:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-08-20 12:07:43
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST310005 rev.HP64 931,51GB
Running: Gmer-19357.exe; Driver: C:\Users\UliMx921\AppData\Local\Temp\kxlorkoc.sys


---- Kernel code sections - GMER 2.1 ----

INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 528 fffff80002ded000 63 bytes [4D, 6D, 53, 74, 01, 00, 00, ...]
INITKDBG C:\Windows\system32\ntoskrnl.exe!ExDeleteNPagedLookasideList + 592 fffff80002ded040 12 bytes [01, 60, 18, 07, 80, FA, FF, ...]

---- EOF - GMER 2.1 ----
AVG Filelog:
Code:
ATTFilter
AVG 2014 AntiVirus-Befehlszeilenscanner
Copyright (c) 1992 - 2013 AVG Technologies
Programmversion 2014.0.4745, Engine 2014.0.4007
Virendatenbank: Version 4007/8068 2014-08-20
@Scan_BootSectorName|%name%=HIDDEN| Bootkit.61030040.F987090C gefunden ist OK.
@Scan_BootSectorName|%name%=C:\| Bootkit.61030040.F987090C gefunden ist OK.
@Scan_BootSectorName|%name%=D:\| Bootkit.61030040.F987090C gefunden ist OK.
@Scan_BootSectorName|%name%=F:\| Bootkit.61030040.15908BB7 gefunden ist OK.
C:\Documents and Settings\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\hiberfil.sys Gesperrte Datei. Nicht gescannt. ist OK.
C:\pagefile.sys Gesperrte Datei. Nicht gescannt. ist OK.
C:\Program Files (x86)\HP Games\Agatha Christie - Peril at End House\Agatha Christie - Peril at End House-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Bejeweled 3\bejeweled3-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Blasterball 3\BlasterBall3-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Cake Mania\Cake Mania-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Chronicles of Albian\Chronicles of Albian-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Farm Frenzy\Farm Frenzy-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\FATE\Fate-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Jewel Quest Solitaire\Jewel Quest Solitaire-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Plants vs Zombies - Game of the Year\plantsvszombies-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Slingo Deluxe\Slingo Deluxe-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Virtual Villagers - The Secret City\Virtual Villagers - The Secret City-WT.exe  ist OK.
C:\Program Files (x86)\HP Games\Zuma Deluxe\Zuma Deluxe-WT.exe  ist OK.
C:\ProgramData\Desktop\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\ProgramData\Documents\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\ProgramData\Favorites\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\ProgramData\Templates\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\ProgramData\TuneUp Software\TuneUp Utilities 2013\TTUSvclrt.tt Gesperrte Datei. Nicht gescannt. ist OK.
C:\System Volume Information\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\AppData\Local\History\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\Documents\My Music\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\Documents\My Pictures\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\Documents\My Videos\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\NetHood\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\PrintHood\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Default\Templates\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Public\Documents\My Music\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Public\Documents\My Pictures\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\Public\Documents\My Videos\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Anwendungsdaten\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Local\Avg2014\temp\avg-0bc7e315-1e78-486e-ae43-4169287ced29.tmp Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Local\Avg2014\temp\avg-5bf37909-def4-4a62-8b51-4736d8aa1a21.tmp Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Local\Microsoft\Windows\UsrClass.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Local\Microsoft\Windows\UsrClass.dat.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\AppData\Roaming\Microsoft\Windows\Start Menu\Programme\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Documents\Eigene Bilder\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Documents\Eigene Musik\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Documents\Eigene Videos\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Druckumgebung\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Netzwerkumgebung\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\ntuser.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\ntuser.dat.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\ntuser.dat.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Users\UliMx921\Vorlagen\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\LocalService\ntuser.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\NetworkService\ntuser.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\catroot2\edb.log Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\default Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\DEFAULT.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\DEFAULT.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\RegBack\DEFAULT Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\RegBack\SAM Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\RegBack\SECURITY Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\RegBack\SOFTWARE Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\RegBack\SYSTEM Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\sam Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SAM.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SAM.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\security Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SECURITY.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SECURITY.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\software Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SOFTWARE.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SOFTWARE.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\system Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SYSTEM.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\config\SYSTEM.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\LogFiles\WMI\RtBackup\ Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG1 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat.LOG2 Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{fb05fdd4-31e0-11e3-a5b1-082e5f1503a7}.TM.blf Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{fb05fdd4-31e0-11e3-a5b1-082e5f1503a7}.TMContainer00000000000000000001.regtrans-ms Gesperrte Datei. Nicht gescannt. ist OK.
C:\Windows\System32\Microsoft\Protect\Recovery\Recovery.dat{fb05fdd4-31e0-11e3-a5b1-082e5f1503a7}.TMContainer00000000000000000002.regtrans-ms Gesperrte Datei. Nicht gescannt. ist OK.
D:\System Volume Information\ Gesperrte Datei. Nicht gescannt. ist OK.
F:\System Volume Information\ Gesperrte Datei. Nicht gescannt. ist OK.

------------------------------------------------------------
Test gestartet: 20.8.2014 12:16:05
Testdauer: 51 Minute(n) 45 Sekunde(n)
------------------------------------------------------------
Gescannte Objekte: 328135
Gefundene Infektionen:   75
Schweregrad 'Hoch' gefunden:    0
Schweregrad 'Mittel' gefunden:    0
Schweregrad 'Information' gefunden:   79
Schweregrad 'Hoch' behoben:    0
Schweregrad 'Mittel' behoben:    0
Schweregrad 'Information' behoben:    0
------------------------------------------------------------
Ich bin ratlos, aber vielleicht kann hier ja jemand helfen. Würde mich freuen!
Wenn noch Fragen aufkommen oder noch etwas benötigt wird - einfach Bescheid geben.
Danke im Voraus.

Grüße,
Music.Junky

 

Themen zu Windows 7 - Internet leitet zu Viren-Page um
antivirus, avg antivirus, branding, conduitsearch, conduitsearch entfernen, converter, dvdvideosoft ltd., fake flash player, flash player, programm, pup.optional.1clickdownload.a, pup.optional.conduitsearchprotect, pup.optional.fastsearchings, pup.optional.opencandy, pup.optional.searchprotect.a, pup.optional.sweetim.a, pup.optional.vaudix.a, pup.optional.websearchinfo, software, spotify web helper, viren-page, win32/adware.yontoo.b, win32/toolbar.conduit.p, win32/toolbar.conduit.x, win32/toolbar.conduit.y, win64/toolbar.conduit.b, windows xp


« Windows 7 64Bit, Virus: Infector.Gen9 | Windows Explorer stürzt ab, Norton AntiVirus lässt sich nicht öffnen »


Ähnliche Themen: Windows 7 - Internet leitet zu Viren-Page um


  1. Windows 8.1: Rootkit-gen, SupTab, Sweet Page
    Log-Analyse und Auswertung - 13.11.2014 (16)
  2. Ständiges Werbefenster im IE (Windows 8.1) u. Sweet Page im Firefox
    Log-Analyse und Auswertung - 07.10.2014 (13)
  3. Sweet page - System sauber oder kann ich noch andere Trojaner, Viren o.ä. haben?
    Plagegeister aller Art und deren Bekämpfung - 16.09.2014 (12)
  4. Windows 8: Internet leitet auf andere Seiten weiter
    Plagegeister aller Art und deren Bekämpfung - 03.08.2014 (1)
  5. Windows 7 64 Prof : Internet Explorer leitet immer auf marketpingloui.com um
    Log-Analyse und Auswertung - 18.02.2014 (18)
  6. Live Security eingefangen - Firefox leitet zu Windows Live um - immer noch Viren auf meinem PC?
    Plagegeister aller Art und deren Bekämpfung - 26.07.2012 (27)
  7. Internet langsam + Google leitet zu unerwünschen Seiten um
    Plagegeister aller Art und deren Bekämpfung - 17.07.2012 (5)
  8. Error we are sorry the payment page was Not opened correctly. Please go back to the merchant page to
    Plagegeister aller Art und deren Bekämpfung - 09.11.2011 (7)
  9. Internet Explorer leitet auf mir unbekannte Seiten um
    Log-Analyse und Auswertung - 13.05.2011 (30)
  10. svchost.exe / Internet Explorer/Google leitet um
    Log-Analyse und Auswertung - 25.02.2011 (7)
  11. internet langsam /google leitet auf falsche Seiten um
    Log-Analyse und Auswertung - 01.11.2008 (6)
  12. Internet langsam/Google leitet auf falsche Zeiten um
    Log-Analyse und Auswertung - 02.10.2008 (9)
  13. Internet Explorer leitet auf every-game.de etc. um und ist langsam
    Plagegeister aller Art und deren Bekämpfung - 05.08.2007 (6)
  14. Internet Explorer: Google leitet auf falsche Seiten um.
    Log-Analyse und Auswertung - 12.06.2007 (3)
  15. google.de leitet mich auf goneo internet gmbh weiter
    Log-Analyse und Auswertung - 24.01.2007 (12)
  16. Trojaner leitet Internet in die Ukraine um
    Plagegeister aller Art und deren Bekämpfung - 08.10.2005 (33)
  17. Desktop-Internet-Page ?
    Alles rund um Windows - 27.12.2004 (3)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Windows 7 - Internet leitet zu Viren-Page um - Hallo Zusammen, seit gestern Abend bemerke ich, dass ich beim Surven auf einer bestimmten Seite im Internet immer wieder zu einer anderen umgeleitet werde. Umleitung erfolgt hierhin: Code: Alles auswählen - Windows 7 - Internet leitet zu Viren-Page um...
Archiv
Du betrachtest: Windows 7 - Internet leitet zu Viren-Page um auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27