Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   tcbhn wurde beendet (https://www.trojaner-board.de/138509-tcbhn-wurde-beendet.html)

Rosanja 20.07.2013 19:05
tcbhn wurde beendet
 
Hallo,

ich habe einen Computer von Medion ca. sieben Jahre alt, mit Windows-Vista. Der Computer läuft schon seit dem Kauf nicht einwandfrei. Die Fehler kann ich nicht mehr ganz genau benennen. com. surrog..... funktioniert nicht mehr und irgend Etwas mit Win32...exe..
Ich konnte schon nach einiger Zeit Windows-Fotogalerie nicht mehr benutzen und bin auf Picasa umgestiegen (jetzt auch mit Probleme). Aber jetzt geht gar nichts mehr ohne Fehler.
Ich habe Probleme mit Firefox, sobald ich etwas schließe steht das Bild und es geht in Mega Zeitlupe weiter, dann Starte ich den Computer neu und ich kann wieder ein WENIG arbeiten. Zwischendurch fährt Windows auf grund von Problemen alleine runter und ich muss den PC aus ? (Schwarzes Bild mit weißer Schrift) wieder Normal starten. Ich erhalte jetzt auch dauernd die Meldung: tcbhn wurde beendet. Ich denke es wird eine schwere Geburt...lach.

Ich habe schon tdss Killer von Kaspersky benutzt, er hat keinen Fehler gefunden.
Antivirus hatte ich Kaspersky (Kostenlose Version), der Schlüssel ist seit paar Tagen abgelaufen und die Datenbanken sind seit ewiger Zeit veraltet (liessen sich nicht erneuern).


Freue mich schon auf Hilfe :rolleyes:

schrauber 20.07.2013 19:37
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Rosanja 22.07.2013 10:38
Danke für die schnelle Antwort.

Ich habe versucht das Programm zu installieren und mein Rechner ist immer abgestürzt.
Ich werde das Programm jetzt auf einen anderen Rechner laden und auf einen Stick ziehen und melde mich dann wieder.

Bis dahin

schrauber 22.07.2013 10:55
ok :)

Rosanja 22.07.2013 19:54
Hallo Schrauber,

ich habe das Programm jetzt auf dem Stick!
Ich wollte es gleich Mal auf dem PC meiner Tochter ausprobieren und er hat tatsächlich über 1000 Fehler gefunden, um diese zu beheben muss ich das Programm aber in der Vollversion kaufen.

Soll ich die Vollversion kaufen (RegCleanPro)?

Kann ich das Programm dann auch für beide Rechner benutzen?

Soll ich im erweiterten Startmoduns scannen oder einfach wenn der Rechner läuft????

Ich habe inzwischen deine Themen etwas durchstöbert und bin jetzt endlich auch fündig geworden, wie es mit FRST läuft ;-) Hier die Logfiles:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by Olaf (administrator) on 22-07-2013 20:43:00
Running from J:\
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Ask) C:\Program Files\Ask.com\Updater\Updater.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\radio ffn Rekorder\phonostarTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.ask.com/?l=dis&o=14597
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
URLSearchHook: ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=ba071274000000000000001a92486b3f
SearchScopes: HKCU - {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=100482&babsrc=SP_ss&mntrId=ba071274000000000000001a92486b3f
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7GGLL_de
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2431245
SearchScopes: HKCU - {BE9654C9-9D79-42ec-B55A-3CAEB12DBF58} URL = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredimail.com/?search={searchTerms}&loc=search_box_im2_test_v2
BHO: Ginyas Browser Companion - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files\GinyasBrowserCompanion\jsloader.dll ( )
BHO: XTTBPos00 Class - {055FD26D-3A88-4e15-963D-DC8493744B1D} -  No File
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\124.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Ginyas Browser Companion Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files\GinyasBrowserCompanion\updatebhoWin32.dll ( )
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
BHO: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ChromeFrame BHO - {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} - C:\Program Files\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
BHO: DealPly - {EF7BD87A-8024-11E2-F316-F3E56188709B} - C:\Program Files\DealPly\DealPlyIE.dll (DealPly)
Toolbar: HKLM - ST-de3 Toolbar - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files\Microsoft\BingBar\BingExt.dll" No File
Toolbar: HKLM - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKCU -No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} -  No File
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
Toolbar: HKCU -No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} -  No File
Toolbar: HKCU -ST-de3 Toolbar - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Program Files\softonic-de3\prxtbsof0.dll (Conduit Ltd.)
Toolbar: HKCU -Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Handler: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files\Google\Chrome Frame\Application\28.0.1500.72\npchrome_frame.dll (Google Inc.)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files\GinyasBrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF user.js: detected! => C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\conduit.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\icqplugin.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: Ginyas Browser Companion - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\bbrs_002@blabbers.com
FF Extension: Conduit Engine  - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\engine@conduit.com
FF Extension: Babylon - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ffxtlbr@babylon.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\toolbar@ask.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: Elf 1.12 Community Toolbar - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{38542454-dfb6-44f5-b052-d4e071a3d073}(27)
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: plugin - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@yontoo.com.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\116.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html
CHR Extension: (Ginyas Browser Companion) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0
CHR Extension: (DealPly Shopping  ) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma\3.5.0.0_0
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\124.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx
CHR HKLM\...\Chrome\Extension: [npldjlebaajpmaipffkcmdllphdglkko] - C:\Program Files\OutBrowseToolbar\chrome\OutBrowseToolbar.crx

========================== Services (Whitelisted) =================

S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:42 - 2013-07-20 23:42 - 00000931 _____ C:\Users\Olaf\Desktop\Continue Zip Opener Installation.lnk
2013-07-20 23:40 - 2013-07-20 23:40 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(4).exe
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:17 - 2013-07-22 20:37 - 00001880 _____ C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-07-20 23:17 - 2013-07-22 20:37 - 00001804 _____ C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-07-20 23:17 - 2013-07-20 23:17 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-20 23:17 - 2013-07-20 23:17 - 00000000 ____D C:\Program Files\Plus-HD-2.3
2013-07-20 23:16 - 2013-07-22 20:39 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 23:07 - 2013-07-20 23:07 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(3).exe
2013-07-20 22:50 - 2013-07-20 23:17 - 00000865 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-20 22:50 - 2013-07-20 22:54 - 00000282 _____ C:\Windows\Tasks\DSite.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:49 - 2013-07-20 22:49 - 00001961 _____ C:\Users\Olaf\Desktop\Qtrax Player.lnk
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\DSite
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\ProgramData\Babylon
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Program Files\OpenIt
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Program Files\DealPly
2013-07-20 22:48 - 2013-07-20 22:48 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(2).exe
2013-07-20 22:41 - 2013-07-20 22:41 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(1).exe
2013-07-20 22:14 - 2013-07-22 20:38 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-20 22:11 - 2013-07-20 22:34 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-20 22:11 - 2013-07-20 22:34 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 20:40 - 2013-07-20 20:40 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup.exe
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-07-22 20:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:37 - 2013-07-22 20:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-07-22 20:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:44 - 2011-12-12 16:11 - 01649139 _____ C:\Windows\WindowsUpdate.log
2013-07-22 20:44 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-22 20:40 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-22 20:39 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-22 20:39 - 2013-01-27 13:53 - 00000936 _____ C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
2013-07-22 20:38 - 2013-07-20 22:14 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-22 20:37 - 2013-07-20 23:17 - 00001880 _____ C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job
2013-07-22 20:37 - 2013-07-20 23:17 - 00001804 _____ C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
2013-07-22 20:37 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-22 20:37 - 2013-01-27 13:53 - 00001052 _____ C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
2013-07-22 20:37 - 2013-01-27 13:53 - 00001052 _____ C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
2013-07-22 20:37 - 2013-01-27 13:53 - 00001004 _____ C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
2013-07-22 20:37 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-22 20:37 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-22 20:37 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-22 20:37 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-22 20:36 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-20 23:42 - 2013-07-20 23:42 - 00000931 _____ C:\Users\Olaf\Desktop\Continue Zip Opener Installation.lnk
2013-07-20 23:42 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-07-20 23:40 - 2013-07-20 23:40 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(4).exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:19 - 2013-04-13 13:15 - 413557682 _____ C:\Windows\MEMORY.DMP
2013-07-20 23:19 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-07-20 23:17 - 2013-07-20 23:17 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-20 23:17 - 2013-07-20 23:17 - 00000000 ____D C:\Program Files\Plus-HD-2.3
2013-07-20 23:17 - 2013-07-20 22:50 - 00000865 _____ C:\Users\Public\Desktop\Open It!.lnk
2013-07-20 23:07 - 2013-07-20 23:07 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(3).exe
2013-07-20 22:54 - 2013-07-20 22:50 - 00000282 _____ C:\Windows\Tasks\DSite.job
2013-07-20 22:50 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:49 - 2013-07-20 22:49 - 00001961 _____ C:\Users\Olaf\Desktop\Qtrax Player.lnk
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\DSite
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\ProgramData\Babylon
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Program Files\OpenIt
2013-07-20 22:49 - 2013-07-20 22:49 - 00000000 ____D C:\Program Files\DealPly
2013-07-20 22:48 - 2013-07-20 22:48 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(2).exe
2013-07-20 22:41 - 2013-07-20 22:41 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup(1).exe
2013-07-20 22:34 - 2013-07-20 22:11 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-20 22:34 - 2013-07-20 22:11 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-20 20:54 - 2009-12-30 18:13 - 2113803808 _____ C:\Windows\system32\Drivers\fidbox.dat
2013-07-20 20:40 - 2013-07-20 20:40 - 00793536 _____ C:\Users\Olaf\Downloads\ZipOpenerSetup.exe
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:44 - 2013-04-10 15:28 - 00000730 _____ C:\Windows\PFRO.log
2013-07-20 18:41 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-20 18:38 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-22 20:44

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-07-2013
Ran by Olaf at 2013-07-22 20:49:39
Running from J:\
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Adobe Shockwave Player (Version: 11)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Software Suite
Ask Toolbar (Version: 1.15.25.0)
Ask Toolbar Updater (HKCU Version: 1.2.6.36191)
Audacity 1.2.6
Avanquest update (Version: 1.21)
Awakening: Das Königreich der Kobolde Sammleredition
Barbie® als Dornröschen
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bing Bar (Version: 7.0.619.0)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 2.36)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Applications
Creative DVD Audio Plugin for Audigy Series
D3DX10 (Version: 15.4.2368.0902)
DealPly (remove only) (Version: 4.8.6.1)
DHTML Editing Component (Version: 6.02.0001)
Die Sage von Kolossus (Version: 1.0.0.0)
Die Sims™ 2: Glamour-Accessoires
Driver Genius Professional Edition
Echoes of the Past: Das versteinerte Königshaus
Echoes of the Past: Die Zitadellen der Zeit
Echoes of the Past: Die Zitadellen der Zeit Sammleredition
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
FormatFactory 2.90 (Version: 2.90)
FoxTab PDF Converter
FoxTab PDF Creator
Freddy:Mathematik3/Mathematik4
GinyasBrowserCompanion
Google Chrome Frame (Version: 65.119.72)
Google Update Helper (Version: 1.3.21.153)
Hardware Diagnose Tools (Version: 5.00.4262.12)
Haunted Manor: Der Herr der Spiegel
HP Customer Experience Enhancements (Version: 1.00.0000)
HP Easy Setup - Core (Version: 1.00.0000)
HP Easy Setup - Frontend (Version: 5.00.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Update (Version: 4.000.005.005)
iCloud (Version: 2.1.1.3)
InstallRTC (Version: 1.0.0)
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel® Viiv™ Software (Version: 1.6.361.6)
InterActual Player
InterVideo DeviceService (Version: 1.0.0)
InterVideo WinDVD 6 (Version: 6.0-B6.42)
iTunes (Version: 11.0.2.26)
Java 2 Runtime Environment, SE v1.4.2_14 (Version: 1.4.2_14)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 2 (Version: 1.6.0.20)
Java(TM) 6 Update 29 (Version: 6.0.290)
Java(TM) SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
Kaspersky Security Suite CBE (Version: 7.0.1.325)
Konz 2012 (Version: 1.00.0000)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
LUMIX Simple Viewer (Version: 0.99.0000)
MAGIX Foto Clinic 4.5 (D) (Version: 4.5.3.2)
MAGIX Foto Manager 2006 (D) (Version: 3.0.1.71)
MAGIX Fotos auf CD & DVD 5.0 deLuxe (D) (Version: 5.0.0.0)
MAGIX Music Manager (D) (Version: 1.1.1.692)
MAGIX Online Druck Service
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
MEDION GoPal Assistant (Version: 6.0.6.11666)
Medion GoPal Assistant 4.03.006 (Version: 4.3.6.0)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2742597)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft Works (Version: 08.05.0822)
Microsoft XML Parser (Version: 8.0.7820.0)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 16.0.2 (x86 de) (Version: 16.0.2)
Mozilla Maintenance Service (Version: 22.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Mystery Case Files: Rückkehr nach Ravenhearst ™
Nero 7 Premium (Version: 7.02.1290)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OcxSetup (Version: 1.0.0)
Open It! (Version: 1.1.1)
Optimierte Multimedia-Tastatur-Lösung
OutBrowse Toolbar
PDFCreator (Version: 1.2.0)
PHOTOfunSTUDIO -viewer- (Version: 1.00.000)
PhotoMail Maker (Version: 1.0.0.1040)
Picasa 3 (Version: 3.9)
Plus-HD-2.3 (Version: 1.27.153.8)
Python 2.4.3 (Version: 2.4.3150)
Qtrax Player
QuickTime (Version: 7.73.80.64)
RAD Video Tools
radio ffn Rekorder Version 3.02.8
RealArcade
RealDownloader (Version: 1.3.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5322)
RealUpgrade 1.1 (Version: 1.1.0)
Recuva (Version: 1.42)
Roxio Express Labeler 3 (Version: 2.1.0)
RTL GAME CENTER (Version: 1.2010.6.23)
Sandlot Games Client Services 1.2.2
Segoe UI (Version: 15.4.2271.0615)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Steganos Safe Home 2007 (Version: 9.0.3)
STRATO Backup Manager (Version: 1.0.0)
Super Lyrics
TeamViewer 7 (Version: 7.0.17271)
T-Online WLAN-Access Finder
Turbo Lister 2 (Version: 2.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
Update for Zip Opener
VideoPad Videobearbeitungs-Software
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)
WinRAR archiver
Wise Registry Cleaner Free 5.8 (Version: 5.8)
Yontoo 1.12.02 (Version: 1.12.02)
 

==================== Restore Points  =========================

20-07-2013 17:00:57 Windows Update
22-07-2013 18:43:58 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0568804D-6FDF-46DF-9FF2-1948BB8636AB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {09C0034D-8657-4DE1-8EEC-F9897D5695AA} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files\NCH Software\VideoPad\VideoPad.exe [2013-01-27] (NCH Software)
Task: {0B15B809-99AF-419D-94C0-B1C773C306AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-20] (Google Inc.)
Task: {0E01E7C3-9558-44BA-9FBB-B1B57F5B86F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0E96532C-3B2B-44C1-90BA-7F13CA501ED3} - System32\Tasks\Microsoft\Windows\WindowsBackup\CheckFull => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {0F8C0CCF-15B4-4117-9149-EB6B581EA2CD} - System32\Tasks\Plus-HD-2.3-firefoxinstaller => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe [2013-07-20] (Plus HD)
Task: {1512D088-1673-49F7-9770-77BE3DAA0692} - System32\Tasks\Plus-HD-2.3-chromeinstaller => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-07-20] (Plus HD)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2ED36C22-45D8-432F-A894-17FD629EA9E4} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {36ED2BA8-29DB-4B76-829A-C9395754ED4F} - System32\Tasks\ReclaimerUpdateXML_Olaf => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-07-20] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3D51B747-599F-4056-80E5-59E7C7DEC6B7} - System32\Tasks\User_Feed_Synchronization-{713C853D-16EB-4E3C-9AA1-35C296B67C10} => C:\Windows\system32\msfeedssync.exe [2011-11-06] (Microsoft Corporation)
Task: {43A05BEB-6B12-44F9-9021-56CC2207FB24} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {4FEFDE2E-CF7B-454E-9CDA-22AA39A7741B} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17] (Hewlett-Packard Co.)
Task: {552801B9-5EB1-49A5-AB14-52C2F7D259EF} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files\NCH Software\VideoPad\videopad.exe [2013-01-27] (NCH Software)
Task: {562CE0C6-F0A0-4985-9A8C-851DBE47F3B1} - System32\Tasks\BFGLaunch_stone-of-destiny_s2_l2_gF2080T1L2_d167401155[1] => C:\Users\Olaf\AppData\Local\Temp\stone-of-destiny_s2_l2_gF2080T1L2_d167401155[1].exe No File
Task: {5BFFE95E-631C-4DE9-930E-024ADB4F6B14} - System32\Tasks\Steganos Agent => C:\Program Files\Steganos Safe Home\SteganosAgent.exe [2006-12-05] ()
Task: {5DC93932-76CE-4350-ACDF-0FE6C2520EED} - System32\Tasks\GinyasBrowserCompanion Stats Report => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {61398903-0F8E-447C-98A6-E120573C6E64} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {6306DA7D-9019-4042-91FD-1D44D6EB4318} - System32\Tasks\BFGLaunch_fashion-craze_s2_l2_gF2238T1L2_d134644565[1] => C:\Users\Olaf\AppData\Local\Temp\fashion-craze_s2_l2_gF2238T1L2_d134644565[1].exe No File
Task: {6339F7E6-6E06-4F94-8E14-F1D84E8FEA45} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files\Ask.com\UpdateTask.exe [2013-04-25] ()
Task: {6FFE2D14-85FE-4E9F-9208-1484E691B4E7} - System32\Tasks\RNUpgradeHelperLogonPrompt_Olaf => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-07-20] (RealNetworks, Inc.)
Task: {720AAE8C-F14F-4C56-82BE-FCB74E1E08C7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {73318A8D-623C-4485-AFFC-630891545622} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {7567DA21-7F32-4997-848A-82D04FC183E2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {7A513F29-5009-421E-86C1-DCC79D76AFA6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {7DB83568-6916-4EA2-A28C-45A1FB24A9B4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {81685675-E43F-408E-9D63-DAF87BBACD7F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {84AD09F3-0363-4407-BEEA-8C5BD2CC8097} - System32\Tasks\Java => C:\Program Files\Java\jre6\bin\jusched.exe No File
Task: {85DD6276-7838-4232-8FF8-CB15EF58DF2E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2013-01-19] (RealNetworks, Inc.)
Task: {87BD1C97-0934-4021-9770-D7B1B1D7BD60} - System32\Tasks\DSite => C:\Users\Olaf\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE [2013-07-20] ()
Task: {8EB3A4B7-9C62-4B08-BBD5-E9D07C405232} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {935C56FB-D42B-44EE-AC9D-1AA796AE50F5} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {95203A9F-5EA3-4B81-BFA3-71B4BC5CF928} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {9B8ACEE6-311B-49BC-A6BD-AFEACE7ACE22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {ABFD2AB8-A215-4E35-9FD6-B9A5601667D8} - System32\Tasks\BFGLaunch_bfgclient => C:\Program Files\bfgclient\bfgclient.exe [2011-08-19] ()
Task: {ADCC9A85-0C50-4AB5-9E44-4B9F6284A276} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe No File
Task: {B5BCCCFE-2AC8-4F91-B80E-18A35EA8D9B1} - System32\Tasks\ReclaimerUpdateFiles_Olaf => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-07-20] (RealNetworks, Inc.)
Task: {BCFF73AA-4246-4089-9C61-3381A0EC58FC} - System32\Tasks\GinyasBrowserCompanion Chrome Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {BF1C88C9-B12C-4864-AE01-6708114BA952} - System32\Tasks\Microsoft\Windows\RestartManager\{FB86C79C-478C-4f3f-ACE2-A09F149B1F14} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {C3FA9EBC-FB39-4AE9-9E95-815475E63CFD} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe No File
Task: {D5416E71-9E9F-48C1-B2D5-3AB4B800F53D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D7AF7F31-F249-44C7-ABA8-F7D445C0B5E0} - System32\Tasks\Super Lyrics Update => C:\Program Files\Super_Lyrics\SuperLupdater.exe [2013-07-18] (Super Add-on Software)
Task: {D9392D60-4567-4574-860C-49D4714A6313} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {DAB924FD-E6EF-440F-93CD-EFC99231D994} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-20] (Google Inc.)
Task: {E3EA736A-C48A-4E4A-915A-621B34A323F4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E485A24D-06FF-4DE3-BD7D-6A04AF5C3DDB} - System32\Tasks\GinyasBrowserCompanion Update Checker => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E609BE22-FE85-4943-9724-2850F6E23B7B} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-01-24] (Microsoft Corporation)
Task: {E8C81B95-6D19-40F4-A23E-AE86EF0ED417} - System32\Tasks\User_Feed_Synchronization-{F658E2FC-1F92-4830-9F47-9F66D638EB43} => C:\Windows\system32\msfeedssync.exe [2011-11-06] (Microsoft Corporation)
Task: {E995E80C-2CFD-4A82-A698-2CEECD3E3F99} - System32\Tasks\GinyasBrowserCompanion FireFox Watcher => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe [2013-01-16] (Blabbers Communications Ltd)
Task: {EA1D2880-8265-4C27-92EF-B7589412DB10} - System32\Tasks\BFGLaunch_bfgprocess => C:\Program Files\bfgclient\bfgprocess.exe [2011-08-19] ()
Task: {F178D6A1-611D-49EC-9B00-E280E590DCB5} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {F1A24C80-DAA3-4545-A909-B89B215396B2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {FBA474DB-6165-4651-AC5D-AFE6FC8A7576} - System32\Tasks\RNUpgradeHelperResumePrompt_Olaf => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe [2013-07-20] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DSite.job => ?
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job => C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job => C:\Program Files\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job => C:\Users\Olaf\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.50\agent\rnupgagent.exe
Task: C:\Windows\Tasks\Super Lyrics Update.job => C:\Program Files\Super_Lyrics\SuperLupdater.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (07/22/2013 08:44:01 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/22/2013 08:43:05 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/22/2013 08:32:02 PM) (Source: Application Hang) (User: )
Description: Programm SuperLupdater.exe, Version 1.124.0.0 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 6d4
Anfangszeit: 01ce8709786f8537
Zeitpunkt der Beendigung: 0

Error: (07/20/2013 10:11:47 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, fehlerhaftes Modul tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode 0x40000015, Fehleroffset 0x0007a2fd,
Prozess-ID 0x7a8, Anwendungsstartzeit tbhcn.exe0.

Error: (07/20/2013 07:14:42 PM) (Source: Windows Backup) (User: )
Description: Die Dateisicherung ist aufgrund eines Fehlers beim Schreiben in das Sicherungsziel J:\ fehlgeschlagen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)

Error: (07/20/2013 07:00:57 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/20/2013 06:58:55 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/20/2013 06:52:45 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, fehlerhaftes Modul tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode 0x40000015, Fehleroffset 0x0007a2fd,
Prozess-ID 0x924, Anwendungsstartzeit tbhcn.exe0.

Error: (07/20/2013 04:51:31 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, fehlerhaftes Modul tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode 0x40000015, Fehleroffset 0x0007a2fd,
Prozess-ID 0x340, Anwendungsstartzeit tbhcn.exe0.

Error: (07/20/2013 04:51:31 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, fehlerhaftes Modul tbhcn.exe, Version 1.0.0.5, Zeitstempel 0x50f25761, Ausnahmecode 0x40000015, Fehleroffset 0x0007a2fd,
Prozess-ID 0x2ac, Anwendungsstartzeit tbhcn.exe0.


System errors:
=============
Error: (07/22/2013 08:41:04 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/22/2013 08:41:04 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/22/2013 08:38:57 PM) (Source: Service Control Manager) (User: )
Description: Kaspersky Security Suite CBE

Error: (07/22/2013 08:37:00 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 22.07.2013 um 20:35:33 unerwartet heruntergefahren.

Error: (07/22/2013 08:34:28 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (07/22/2013 08:34:28 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (07/22/2013 08:31:43 PM) (Source: Service Control Manager) (User: )
Description: Kaspersky Security Suite CBE

Error: (07/21/2013 00:09:47 AM) (Source: Service Control Manager) (User: )
Description: AFD
DfsC
kl1
KLIF
NetBIOS
netbt
nsiproxy
PSched
RasAcd
rdbss
SLEE_14_DRIVER
Smb
spldr
tdx
Wanarpv6

Error: (07/21/2013 00:09:47 AM) (Source: Service Control Manager) (User: )
Description: NetzwerklistendienstNLA (Network Location Awareness)%%1068

Error: (07/21/2013 00:09:47 AM) (Source: Service Control Manager) (User: )
Description: NLA (Network Location Awareness)Netzwerkspeicher-Schnittstellendienst%%1068


Microsoft Office Sessions:
=========================
Error: (07/22/2013 08:44:01 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/22/2013 08:43:05 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/22/2013 08:32:02 PM) (Source: Application Hang)(User: )
Description: SuperLupdater.exe1.124.0.06d401ce8709786f85370

Error: (07/20/2013 10:11:47 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd7a801ce858559605f98

Error: (07/20/2013 07:14:42 PM) (Source: Windows Backup)(User: )
Description: J:\Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und die Hardwarekonfiguration. (0x81000006)

Error: (07/20/2013 07:00:57 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/20/2013 06:58:55 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description:
Details:
AddCoreCsiFiles : BeginFileEnumeration() failed.

System Error:
Zugriff verweigert

Error: (07/20/2013 06:52:45 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd92401ce8569896f0f36

Error: (07/20/2013 04:51:31 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd34001ce85589f093f47

Error: (07/20/2013 04:51:31 PM) (Source: Application Error)(User: )
Description: tbhcn.exe1.0.0.550f25761tbhcn.exe1.0.0.550f25761400000150007a2fd2ac01ce85589ee05a87


==================== Memory info ===========================

Percentage of memory in use: 81%
Total physical RAM: 2558.58 MB
Available physical RAM: 473.83 MB
Total Pagefile: 5345.69 MB
Available Pagefile: 3094.46 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.16 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:292.8 GB) (Free:107.19 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive j: () (Removable) (Total:7.6 GB) (Free:7.6 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 8 GB) (Disk ID: 73696420)
Partition 1: (Not Active) - (Size=260 GB) - (Type=20)
Partition 2: (Not Active) - (Size=257 GB) - (Type=6B)
Partition 3: (Not Active) - (Size=667 GB) - (Type=53)
Partition 4: (Active) - (Size=10 MB) - (Type=49)

==================== End Of Log ============================

schrauber 22.07.2013 20:35
RegCleanPro hab ich nie erwähnt! Das ist ein FakeTool, löschen! :)
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Rosanja 22.07.2013 23:49
Ich bekomme gerade eine Krise!

Combofix ist auf dem Desktop, nach vier oder fünfmal Absturz (bzw. festfrieren).
Wie oft hält der PC das an und ausschalten per Schalter aus? Runterfahren kann ich den PC momentan auch nicht, ich muß immer so ausschalten.

Ich habe combofix auch schon geöffnet, es tat sich auch etwas aber es kommen keine Anweisungen und nichts passiert.
Ich habe die Spyware und Malware von Kaspersky deaktiviert. Muss ich noch andere deaktivieren? Windows? ????= kein Plan...lächel!

Gute Nacht bis morgen

schrauber 23.07.2013 09:36
Lass Combofix mal weg.

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Rosanja 23.07.2013 17:24
Ich habe den Cleaner installiert und den Scan auch ausgeführt,dann kam die Nachricht den Computer neu zu starten das habe ich getan beziehungsweise wollte ich tun, runterfahren hat er sich wieder aufgehängt beziehungsweise festgefahren. Soll ich ihn wieder am Schalter ausstellen? Ich schreibe dir gerade vom Tablet .

Hab den PC einfach wie immer ausgeschaltet.

[CODE]# AdwCleaner v2.306 - Datei am 23/07/2013 um 15:32:36 erstellt
# Aktualisiert am 19/07/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Olaf - OLAF-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Olaf\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\extensions\plugin@yontoo.com.xpi
Datei Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
Datei Gelöscht : C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job
Gelöscht mit Neustart : C:\ProgramData\GinyasBrowserCompanion
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\DealPly
Ordner Gelöscht : C:\Program Files\DomaIQ Uninstaller
Ordner Gelöscht : C:\Program Files\GinyasBrowserCompanion
Ordner Gelöscht : C:\Program Files\OutBrowseToolbar
Ordner Gelöscht : C:\Program Files\Plus-HD-2.3
Ordner Gelöscht : C:\Program Files\softonic-de3
Ordner Gelöscht : C:\Program Files\Yontoo
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\SpeedMaxPc
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Olaf\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Olaf\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Ordner Gelöscht : C:\Users\Olaf\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\OutBrowseToolbar
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Olaf\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\DriverCure
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Conduit
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\ConduitEngine
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\CT2857572
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\extensions\{38542454-dfb6-44f5-b052-d4e071a3d073}(27)
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\extensions\engine@conduit.com
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\OutBrowseToolbar
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Olaf\AppData\Roaming\SpeedMaxPc

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BE9654C9-9D79-42EC-B55A-3CAEB12DBF58}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{8462c15f-5f80-45c3-85b2-7326ab68a508}_is1
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\GinyasBrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ICQToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\softonic-de3 Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F471B7A6-15D4-49C6-9AFC-F289C2C2683E}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKCU\Software\Toolbar
Schlüssel Gelöscht : HKCU\Software\XTTB00001
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F471B7A6-15D4-49C6-9AFC-F289C2C2683E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ToolBand.XTTBPos00.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npldjlebaajpmaipffkcmdllphdglkko
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6A872C17-A9B0-451F-9C7F-0BA52BABCD2B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF084E37-EEC3-48A3-B63D-8076467949F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4E15-963D-DC8493744B1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F471B7A6-15D4-49C6-9AFC-F289C2C2683E}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8462c15f-5f80-45c3-85b2-7326ab68a508}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\softonic-de3 Toolbar
Schlüssel Gelöscht : HKLM\Software\softonic-de3
Schlüssel Gelöscht : HKLM\Software\SpeedMaxPC
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKLM\Software\Toolbar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16496

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://de.ask.com/?l=dis&o=14597 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=ironto&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v16.0.2 (de)

Datei : C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\prefs.js

C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2857572..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2857572..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2857572..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2857572.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2857572.CTID", "CT2857572");
Gelöscht : user_pref("CT2857572.CurrentServerDate", "25-1-2011");
Gelöscht : user_pref("CT2857572.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2857572.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2857572.ExternalComponentPollDate129356796046694434", "Sun Jan 23 2011 20:44:46 GMT+010[...]
Gelöscht : user_pref("CT2857572.FirstServerDate", "28-12-2010");
Gelöscht : user_pref("CT2857572.FirstTime", true);
Gelöscht : user_pref("CT2857572.FirstTimeFF3", true);
Gelöscht : user_pref("CT2857572.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2857572.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2857572.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2857572.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2857572.Initialize", true);
Gelöscht : user_pref("CT2857572.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2857572.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2857572.InstalledDate", "Tue Dec 28 2010 12:46:57 GMT+0100");
Gelöscht : user_pref("CT2857572.InvalidateCache", false);
Gelöscht : user_pref("CT2857572.IsGrouping", false);
Gelöscht : user_pref("CT2857572.IsMulticommunity", false);
Gelöscht : user_pref("CT2857572.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2857572.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2857572.LanguagePackLastCheckTime", "Tue Jan 25 2011 13:31:26 GMT+0100");
Gelöscht : user_pref("CT2857572.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2857572.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2857572.LastLogin_3.2.5.2", "Tue Jan 25 2011 16:11:10 GMT+0100");
Gelöscht : user_pref("CT2857572.LatestVersion", "3.2.5.2");
Gelöscht : user_pref("CT2857572.Locale", "en");
Gelöscht : user_pref("CT2857572.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2857572.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2857572.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2857572.RadioIsPodcast", false);
Gelöscht : user_pref("CT2857572.RadioLastCheckTime", "Mon Jan 24 2011 20:43:50 GMT+0100");
Gelöscht : user_pref("CT2857572.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2857572.RadioLastUpdateServer", "129400870958430000");
Gelöscht : user_pref("CT2857572.RadioMediaID", "21753723");
Gelöscht : user_pref("CT2857572.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2857572.RadioMenuSelectedID", "EBRadioMenu_CT285757221753723");
Gelöscht : user_pref("CT2857572.RadioStationName", "California%20Rock%20-%20Rock");
Gelöscht : user_pref("CT2857572.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Gelöscht : user_pref("CT2857572.SavedHomepage", "resource:/browserconfig.properties");
Gelöscht : user_pref("CT2857572.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2857572.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT285[...]
Gelöscht : user_pref("CT2857572.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2857572.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2857572.SearchInNewTabLastCheckTime", "Tue Jan 25 2011 13:31:22 GMT+0100");
Gelöscht : user_pref("CT2857572.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2857572.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2857572.ServiceMapLastCheckTime", "Tue Jan 25 2011 13:31:27 GMT+0100");
Gelöscht : user_pref("CT2857572.SettingsLastCheckTime", "Tue Jan 25 2011 12:11:10 GMT+0100");
Gelöscht : user_pref("CT2857572.SettingsLastUpdate", "1295945223");
Gelöscht : user_pref("CT2857572.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2857572.ThirdPartyComponentsLastCheck", "Tue Jan 18 2011 21:21:25 GMT+0100");
Gelöscht : user_pref("CT2857572.ThirdPartyComponentsLastUpdate", "1246790578");
Gelöscht : user_pref("CT2857572.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2857572.UserID", "UN48267454932709974");
Gelöscht : user_pref("CT2857572.ValidationData_Search", 2);
Gelöscht : user_pref("CT2857572.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2857572.WeatherNetwork", "");
Gelöscht : user_pref("CT2857572.WeatherPollDate", "Tue Jan 25 2011 16:11:19 GMT+0100");
Gelöscht : user_pref("CT2857572.WeatherUnit", "C");
Gelöscht : user_pref("CT2857572.alertChannelId", "1249594");
Gelöscht : user_pref("CT2857572.myStuffEnabled", true);
Gelöscht : user_pref("CT2857572.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2857572.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2857572.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2857572.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2857572.testingCtid", "");
Gelöscht : user_pref("CT2857572.toolbarAppMetaDataLastCheckTime", "Tue Jan 25 2011 13:31:27 GMT+0100");
Gelöscht : user_pref("CT2857572.toolbarContextMenuLastCheckTime", "Tue Dec 28 2010 12:47:31 GMT+0100");
Gelöscht : user_pref("CT2857572.usagesFlag", 2);
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1249594/1245267/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2857572", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/27/2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=12/30/2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2857572/CT2857572[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "CT2857572");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "{38542454-dfb6-44f5-b052-d4e071a3d073}");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "elf_1.12");
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2857572");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{38542454-dfb6-44f5-b052-d4e071a3d073}");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "elf_1.12");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2857572,ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2857572");
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Fri Dec 02 2011 19:58:53 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Dec 02 2011 19:58:52 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "c747d5b9-8532-4bd7-ae50-a53aeab7eae4");
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2857572");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "12/28/2010 14");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Tue Dec 28 2010 12:47:31 GMT+0100");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Tue Jan 25 2011 13:31:27 GMT+0100");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Tue Jan 25 2011 15:11:11 GMT+0100");
Gelöscht : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Tue Jan 25 2011 15:11:11 GMT+0100");
Gelöscht : user_pref("ConduitEngine.UserID", "UN42918462876340824");
Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Tue Jan 25 2011 13:31:28 GMT+0100");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("ConduitEngine.usagesFlag", 2);
Gelöscht : user_pref("browser.search.defaultthis.engineName", "Elf 1.12 Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2857572&Sea[...]
Gelöscht : user_pref("browser.search.order.1", "Ask.com");
Gelöscht : user_pref("extensions.BabylonToolbar._xpiupdate", true);
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 24);
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 24);
Gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "8.0");
Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 63279908);
Gelöscht : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babExt", "");
Gelöscht : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=100482");
Gelöscht : user_pref("extensions.BabylonToolbar_i.hardId", "ba071274000000000000001a92486b3f");
Gelöscht : user_pref("extensions.BabylonToolbar_i.id", "ba071274000000000000001a92486b3f");
Gelöscht : user_pref("extensions.BabylonToolbar_i.instlDay", "15348");
Gelöscht : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Gelöscht : user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1721:28:57");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.facemoods._xpiupdate", true);
Gelöscht : user_pref("extensions.facemoods.aflt", "_#wbst");
Gelöscht : user_pref("extensions.facemoods.fcmdVrsn", "1.2.7.5.4");
Gelöscht : user_pref("extensions.facemoods.first_time", false);
Gelöscht : user_pref("extensions.facemoods.id", "_#7f6c448f05ce4e3882ea911ea932ab71");
Gelöscht : user_pref("extensions.facemoods.instlDay", "_#15328");
Gelöscht : user_pref("extensions.facemoods.prtnrId", "_#facemoods.com");
Gelöscht : user_pref("extensions.facemoods.sid", "_#7f6c448f05ce4e3882ea911ea932ab71");
Gelöscht : user_pref("extensions.facemoods.update", "_#v1.4.0");
Gelöscht : user_pref("extensions.facemoods.vrsn", "_#1.4.17.5");
Gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "DropDownDeals,buzzdock,YontooNewOffers");
Gelöscht : user_pref("extentions.y2layers.installId", "7ba6deed-e39b-496d-bccc-b819e311df9c");
Gelöscht : user_pref("icqtoolbar.showPc", false);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [31376 octets] - [23/07/2013 15:27:18]
AdwCleaner[S1].txt - [30222 octets] - [23/07/2013 15:32:36]

########## EOF - C:\AdwCleaner[S1].txt - [30283 octets] ##########
[/CODE

Der San von Junkware Removal Tool lief und was glaubst du....., richtig der Rechner hängt wieder.
Warum friert die Kiste immer ein? Jetzt kommt immer ein blaues Kästchen mit: Achtung Nicht unterstütze Eingabe!

]

Beim San von Junkware Removal Toll hat sich mein Rechner wieder verabschiedet. Warum friert die Kiste andauernd ein???

Ich schicke mal einen Problembericht, vielleicht hilft der dir weiter?

Code:
Beschreibung
Aufgrund eines Videohardwareproblems ist Windows nicht mehr voll funktionsfähig.

Problemsignatur
Problemereignisame:        LiveKernelEvent
Betriebsystemversion:        6.0.6002.2.2.0.768.3
Gebietsschema-ID:        1031

Dateien zur Beschreibung des Problems
WD-20130521-2106.dmp
sysdata.xml
Version.txt

 Temporäre Kopie dieser Dateien anzeigen
Warnung: Wenn das Problem durch einen Virus oder ein sonstiges Sicherheitsrisiko verursacht wurde, kann der Computer durch das Öffnen einer Kopie der Dateien beschädigt werden.

Weitere Informationen über das Problem
BCCode:        117
BCP1:        8F487008
BCP2:        980F6446
BCP3:        00000000
BCP4:        00000000
OS Version:        6_0_6002
Service Pack:        2_0
Product:        768_1
Ich habe noch Mal versucht Junkware Removal Tool zu starten und bei Processe ist er wieder eingefroren, nach 10 Minuten ist der Rechner neu gestartet mit dieser Fehlermeldung:
Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.0.6002.2.2.0.768.3
  Gebietsschema-ID:        1031

Zusatzinformationen zum Problem:
  BCCode:        124
  BCP1:        00000000
  BCP2:        90AB9020
  BCP3:        F2000040
  BCP4:        00000800
  OS Version:        6_0_6002
  Service Pack:        2_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\Mini072313-01.dmp
  C:\Users\Olaf\AppData\Local\Temp\WER-240257-0.sysdata.xml
  C:\Users\Olaf\AppData\Local\Temp\WERBD65.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
  hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407
FRST log:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by Olaf (administrator) on 23-07-2013 18:19:56
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\radio ffn Rekorder\phonostarTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-07-23 18:12 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:14 - 2013-07-23 18:11 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-20 22:11 - 2013-07-22 21:16 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-20 22:11 - 2013-07-20 22:34 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-07-23 18:09 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:37 - 2013-07-23 17:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-07-23 18:18 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-07-23 18:16 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-23 18:14 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-23 18:12 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-23 18:11 - 2013-07-20 22:14 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 18:09 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-23 18:09 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-07-23 18:09 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-23 18:09 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-23 18:09 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 18:09 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 18:08 - 2013-04-13 13:15 - 403665842 _____ C:\Windows\MEMORY.DMP
2013-07-23 18:08 - 2013-04-10 15:28 - 00003668 _____ C:\Windows\PFRO.log
2013-07-23 17:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-07-23 17:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 17:10 - 2011-12-12 16:11 - 01957431 _____ C:\Windows\WindowsUpdate.log
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 15:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-07-23 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:25 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-22 23:18 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx
2013-07-22 23:14 - 2009-12-30 18:13 - 2113803808 _____ C:\Windows\system32\Drivers\fidbox.dat
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:16 - 2013-07-20 22:11 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:34 - 2013-07-20 22:11 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe
2013-06-24 00:16 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-23 18:21

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 23.07.2013 19:05
Zitat:
C:\Windows\Minidump\Mini072313-01.dmp
Diese Datei brauch ich in einem ZIP


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Rosanja 23.07.2013 20:16
Eset läuft!!!

C:\Windows\Minidump\Mini072313-01.dmp bekomme ich nicht in einen Zipordner!

Ich habe es auch mit Winrar versucht und bekomme diese Meldung:

C:\Users\Olaf\AppData\Local\Temp\Rar$ML26.4934\Mini072313-01.rar: Konnte C:\Windows\Minidump\Mini072313-01.dmp nicht öffnen.
Zugriff verweigert
Wie bekomme ich die Datei in einen Zip?

schrauber 23.07.2013 21:05
Downloade Dir bitte ZipIt2.exe von GravityGripp und speichere die Datei auf dem Desktop
  • Starte die ZipIt2.exe mit Doppelklick.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun folgenden Text in das Skriptfeld von ZipIt.
    Code:
    C:\Windows\Minidump\Mini072313-01.dmp
  • Klicke nun den Zip Button.
Du findest dann eine <Dein Benutzername>.zip Datei auf dem Desktop.[/list]Poste diese .zip Datei als Anhang.
Dateien als Anhang posten ( Schritt 2 )

Rosanja 23.07.2013 21:35
Bekomme die Seite von GravityGripp nicht auf, folgende Meldung
Code:
Fehler: Netzwerk-Zeitüberschreitung     
Der Server unter www.urlhadtodie.com braucht zu lange, um eine Antwort zu senden.

schrauber 24.07.2013 10:43
Seite ist im Moment down. Dann lassen wir das erstmal. Was macht ESET und Securitycheck?

Rosanja 24.07.2013 10:58
ESET lief gestern 4 Stunden und hatte ca 35% gescannt, vier Fehler gefunden (einen Trojaner). Dann war ich leider eine halbe Stunde nicht am Rechner und er war wieder festgefroren. Wenn ich zwischendurch am PC arbeite bzw. die Maus bewege ist alles in Ordnung aber wehe ich bin mal nicht am Platz, dann wird das Bild dunkel und nichts geht mehr. Ich hatte den Bildschirmschoner schon deaktiviert aber dass hat auch nichts gebracht. Ich lass den Scan noch mal neu laufen. Der PC reagiert aber schon viel schneller als vorher. Ich habe noch einige Programme deinstalliert!

schrauber 24.07.2013 11:55
Lass ESET weg, mach nen Vollscan mit deinem AV Programm und poste die Funde, dann Securitycheck und ein frisches FRST log bitte.

Rosanja 24.07.2013 14:22
Securitycheck
Code:
Results of screen317's Security Check version 0.99.70 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 CCleaner   
 Java(TM) 6 Update 29 
 Java 7 Update 11 
 Java(TM) SE Runtime Environment 6 Update 1
 Java(TM) 6 Update 2 
 Java 2 Runtime Environment, SE v1.4.2_14
 Java version out of Date!
 Adobe Flash Player        11.7.700.224 
 Adobe Reader 8 Adobe Reader out of Date!
 Adobe Reader 10.1.4 Adobe Reader out of Date! 
 Mozilla Firefox 16.0.2 Firefox out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
 Kaspersky Lab Kaspersky Security Suite CBE avp.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Kaspersky
Code:
gefunden: potentiell gefährliche Software Hidden data sending        Prozess: C:\Program Files\eBay\Turbo Lister2\Tl.exe
gelöscht: trojanisches Programm Trojan.Win32.KillDisk.dw        Datei: C:\Program Files\Lugert Verlag\Forte Free\Update.exe
gefunden: potentiell gefährliche Software Trojan.generic        Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\0.2542783034437336.EXE
gefunden: potentiell gefährliche Software Worm.P2P.generic        Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7313.TMP\FACEBOOKUPDATE.EXE
gefunden: potentiell gefährliche Software Worm.P2P.generic        Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7187.TMP\FACEBOOKUPDATE.EXE
gefunden: potentiell gefährliche Software Trojan.generic        Prozess: C:\USERS\OLAF\APPDATA\LOCAL\TEMP\GUM7187.TMP\FACEBOOKUPDATE.EXE
gelöscht: trojanisches Programm Trojan-Ransom.Win32.Gimemo.uof        E-Mail-Anhang: [From:ricoshea@centurylink.net][Subject:Tanja Rose deine Premiummitgliedschaft Nr 86715337][Time:2012/05/20 14:35:46]\Kunde9465374002.zip/Kunde9465374002.exe
gefunden: potentiell gefährliche Software Hidden data sending        Prozess: C:\Users\Olaf\Downloads\avc-free(1).exe
verboten: Phishing-Adresse hxxp://*.battlestar-galactica.bigpoint.com/*        URL: hxxp://de.battlestar-galactica.bigpoint.com/16?aid=1422&aip=${aip}
gefunden: potentiell gefährliche Software Hidden data sending        Prozess: C:\Users\Olaf\Downloads\VideoSpin_2_0_Setup.exe
gefunden: potentiell gefährliche Software Hidden data sending        Prozess: C:\Users\Olaf\Downloads\vppsetup.exe
verboten: Phishing-Adresse hxxp://*.battlestar-galactica.bigpoint.com/*        URL: hxxp://de.battlestar-galactica.bigpoint.com/big/bgo_01_de/?aid=1422&zanpid=18973783C1305740427T1730710747912526850
gefunden: Virus Heur.Invader (Modifikation)        URL: hxxp://download.bleepingcomputer.com/sUBs/ComboFix.exe//UPX//FileKill.3XE
nicht gefunden: Virus Heur.Invader (Modifikation)        Datei: c:\users\olaf\downloads\combofix.exe//UPX//FileKill.3XE
nicht gefunden: Virus Heur.Invader (Modifikation)        Datei: c:\users\olaf\downloads\combofix.exe//UPX//catchme.3XE
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by Olaf (administrator) on 24-07-2013 15:21:02
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\radio ffn Rekorder\phonostarTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
() C:\Users\Olaf\Desktop\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\system32\cmd.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-07-24 14:46 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:14 - 2013-07-24 14:44 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-20 22:11 - 2013-07-23 22:16 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 22:11 - 2013-07-22 21:16 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-07-24 14:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:37 - 2013-07-24 14:44 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-07-24 15:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-07-24 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-07-24 14:58 - 2011-12-12 16:11 - 02048337 _____ C:\Windows\WindowsUpdate.log
2013-07-24 14:54 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-07-24 14:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 14:51 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-24 14:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 14:47 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-24 14:46 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-24 14:44 - 2013-07-20 22:14 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-24 14:44 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 14:44 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-24 14:44 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-24 14:44 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 14:44 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 01:18 - 2009-12-30 18:13 - 2666201056 _____ C:\Windows\system32\Drivers\fidbox.dat
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 22:16 - 2013-07-20 22:11 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 18:09 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-07-23 18:08 - 2013-04-13 13:15 - 403665842 _____ C:\Windows\MEMORY.DMP
2013-07-23 18:08 - 2013-04-10 15:28 - 00003668 _____ C:\Windows\PFRO.log
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:18 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:16 - 2013-07-20 22:11 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe
2013-06-24 00:16 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-24 14:52

==================== End Of Log ============================
--- --- ---

schrauber 24.07.2013 15:51
Java, Adobe Reader und Firefox updaten.

Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop.
Schließe nun alle offenen Programme und trenne Dich von dem Internet.
Doppelklick auf die TFC.exe und drücke auf Start.
Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen.


Noch Probleme? :)

Rosanja 24.07.2013 17:12
TFC hat 520Mb temp gelöscht. Das ist bestimmt viel oder? Mal sehen ob ich den Broser jetzt ohne festfrieren (wie sagt man in Computersprache?) beendet bekomme. Kann dass schon die Lösung sein?

Hier noch FRST
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013
Ran by Olaf (administrator) on 24-07-2013 18:07:04
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files\RealNetworks\RealDownloader\recordingmanager.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

==================== Registry (Whitelisted) ==================

Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-07-24 17:44 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:14 - 2013-07-24 17:42 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-20 22:11 - 2013-07-23 22:16 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-20 22:11 - 2013-07-22 21:16 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-07-24 17:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:37 - 2013-07-24 17:42 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-07-24 18:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-07-24 18:07 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-07-24 18:06 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-07-24 17:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 17:49 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-07-24 17:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 17:44 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-24 17:42 - 2013-07-20 22:14 - 00000372 _____ C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Olaf.job
2013-07-24 17:42 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 17:42 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-24 17:42 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-07-24 17:42 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-24 17:42 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-24 17:17 - 2011-12-12 16:11 - 02072194 _____ C:\Windows\WindowsUpdate.log
2013-07-24 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-07-24 01:18 - 2009-12-30 18:13 - 2666201056 _____ C:\Windows\system32\Drivers\fidbox.dat
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 22:16 - 2013-07-20 22:11 - 00000362 _____ C:\Windows\Tasks\ReclaimerUpdateXML_Olaf.job
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 18:09 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-07-23 18:08 - 2013-04-13 13:15 - 403665842 _____ C:\Windows\MEMORY.DMP
2013-07-23 18:08 - 2013-04-10 15:28 - 00003668 _____ C:\Windows\PFRO.log
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:18 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:16 - 2013-07-20 22:11 - 00000366 _____ C:\Windows\Tasks\ReclaimerUpdateFiles_Olaf.job
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe
2013-06-24 00:16 - 2006-11-02 12:24 - 75699896 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-24 17:57

==================== End Of Log ============================
--- --- ---

--- --- ---


--- --- ---
was ist mit dieser Datei?
Code:
C:\Windows\Minidump\Mini072313-01.dmp
Browser beendet und er hängt....würg.
Schreibe gerade vom Teblet .
Du bist mich also noch nicht los...lach, ich hab mich auch schon richtig an dich gewöhnt :-)

schrauber 24.07.2013 21:33
Welcher Browser? Versuch mal einen andern, gleiches Problem? :)

Rosanja 28.07.2013 20:21
Hallo Schrauber, bin wieder da. Firefox und Internetexplorer lassen sich beide nicht schließen, dann ist wieder stillstand. Ich habe auch versucht Picasa zu starten, leider auch ohne Erfolg (stillstand). Die Meldung tcbhn kommt auf jeden Fall nicht mehr. Aber warum friert der PC immer ein?????????? Wenn ich arbeite geht er aber wenn ich mehr als 15 Min nicht dran bin, steht das Bild wieder! Hast du eine Idee womit es zusammen hängt? Bis bald Gruß Tanja

schrauber 29.07.2013 08:20
Downloade dir bitte Windows Repair (All In One) von hier.

Rosanja 05.08.2013 22:06
Ich habe das Programm zweimal durchlaufen lassen! Beim automatischem runterfahren hat er sich wieder aufgehängt und eigenständig wieder hochgefahren nach Bestätigung "Windows normal starten".

Hier ein neues FRST:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 (ATTENTION: FRST version is 15 days old)
Ran by Olaf (administrator) on 05-08-2013 21:50:20
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(Kaspersky Lab) C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\radio ffn Rekorder\phonostarTimer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Microsoft Corporation) C:\Windows\ehome\mcupdate.EXE

==================== Registry (Whitelisted) ==================

Winlogon\Notify\klogon: C:\Windows\system32\klogon.dll (Kaspersky Lab)
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR Extension: () - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\1.0.5_0\back.html
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 AVP; C:\Program Files\Kaspersky Lab\Kaspersky Security Suite CBE\avp.exe [221184 2008-05-01] (Kaspersky Lab)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
R1 kl1; C:\Windows\System32\DRIVERS\kl1.sys [110096 2007-10-31] (Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [147984 2007-12-13] (Kaspersky Lab)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-08-05 21:33 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-08-05 21:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:37 - 2013-08-05 21:31 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-08-05 21:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-05 21:50 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-08-05 21:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-05 21:39 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-05 21:36 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 21:33 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 21:32 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-05 21:32 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-08-05 21:31 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-05 21:31 - 2013-04-13 13:15 - 295539634 _____ C:\Windows\MEMORY.DMP
2013-08-05 21:31 - 2013-04-10 15:28 - 00004364 _____ C:\Windows\PFRO.log
2013-08-05 21:31 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-08-05 21:31 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-05 21:31 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-05 21:31 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-05 21:25 - 2011-12-12 16:11 - 01501267 _____ C:\Windows\WindowsUpdate.log
2013-08-05 21:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-08-03 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-24 01:18 - 2009-12-30 18:13 - 2666201056 _____ C:\Windows\system32\Drivers\fidbox.dat
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:32 - 2013-07-23 20:32 - 00000000 ____D C:\Program Files\ESET
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:52 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-07-23 17:42 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:14 - 2009-12-30 18:13 - 28240388 ___SH C:\Windows\system32\Drivers\fidbox.idx
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 22:34 - 2012-05-09 17:31 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-05 21:49

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


PC hat sich gerade wieder verabschiedet, die Fehlermeldung lautet:
Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.0.6002.2.2.0.768.3
  Gebietsschema-ID:        1031

Zusatzinformationen zum Problem:
  BCCode:        124
  BCP1:        00000000
  BCP2:        900FC3F0
  BCP3:        F2000040
  BCP4:        00000800
  OS Version:        6_0_6002
  Service Pack:        2_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\Mini080513-01.dmp
  C:\Users\Olaf\AppData\Local\Temp\WER-177014-0.sysdata.xml
  C:\Users\Olaf\AppData\Local\Temp\WERCA.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
  hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407
Welche Sicherheitssoftware soll ich installieren? Kaspersky ist veraltet und ich bekomme keinen neuen Schlüssel!

schrauber 06.08.2013 16:21
Das AV Programm. Die sorgen oft für Stress. Wenn Du das bezahlt hast bekommste auch nen Schlüssel, neu kaufen brauchst nit, gibt dutzend Freeware-Alternativen.

Rosanja 06.08.2013 20:26
Welches Av kannst du empfehlen ?

schrauber 07.08.2013 10:26
Emsisoft oder Avast :)

Rosanja 10.08.2013 16:02
Emsisoft ist installiert und Googlecrome als neuer Browser!
Ich kann immer noch nicht runterfahren oder neustarten. Und Programme frieren immer noch ab und an ein. :-(

Was kann ich noch machen?

ein frisches FRST
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 (ATTENTION: FRST version is 20 days old)
Ran by Olaf (administrator) on 10-08-2013 17:05:12
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Iminent) C:\Program Files\Common Files\Umbrella\umbrella.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe

==================== Registry (Whitelisted) ==================

MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF user.js: detected! => C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (phonostar Detector) - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (Super Lyrics) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.125_0
CHR Extension: (YouTube) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (RealDownloader) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Gmail) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2864448 2013-08-05] (Iminent)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50208 2013-07-02] (Emsisoft GmbH)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:35 - 2013-08-10 15:24 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:30 - 2013-08-10 14:34 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:19 - 2013-08-10 10:21 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:19 - 2013-08-05 22:20 - 00000000 ____D C:\Program Files\Iminent
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-08-10 16:50 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-08-10 16:50 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:37 - 2013-08-10 15:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-08-10 17:04 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-08-10 16:57 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-10 16:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-10 16:53 - 2011-12-12 16:11 - 01734657 _____ C:\Windows\WindowsUpdate.log
2013-08-10 16:50 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-08-10 16:50 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-10 16:50 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-10 16:50 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-10 16:50 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-10 16:50 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-10 16:50 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-10 15:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-10 15:24 - 2013-08-10 14:35 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-10 15:23 - 2013-04-10 15:28 - 00006374 _____ C:\Windows\PFRO.log
2013-08-10 15:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-08-10 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:37 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:34 - 2013-08-10 14:30 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-10 14:34 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-08-10 11:56 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-10 10:21 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:20 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Iminent
2013-08-05 22:16 - 2007-04-12 17:11 - 00000000 ____D C:\Users\Olaf\AppData\Local\Adobe
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-08-05 21:31 - 2013-04-13 13:15 - 295539634 _____ C:\Windows\MEMORY.DMP
2013-08-05 21:31 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:23 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-10 16:56

==================== End Of Log ============================
--- --- ---


Gruß Tanja

schrauber 10.08.2013 21:24
Zitat:
Ich kann immer noch nicht runterfahren oder neustarten.
dann würde der Rechner ja gar nicht laufen :). Beschreib das mal bitte genauer.

Rosanja 10.08.2013 22:58
Beim arbeiten in verschiedene Programmen z.B. Windows mediaplayer bleibt der Bildschirm stehen und es passiert nichts mehr. Dann Schalte ich den Computer am Schalter aus. Beim erneuten hochfahren kommt ein schwarzes Bild, wo ich den Pc aus dem normalen Modus starte. Wenn ich den Broser beenden möchte friert er wieder ein. Wenn ich keinen Browser geöffnet habe und den Pc herrunterfahren will, friert er wieder ein. Auch wenn ich mal den 20 bis 30 Min nicht am Rechner bin, habe ich nur noch ein schwarzes Bild und nichts geht mehr. Ich beende den Pc ausschliesslich mit dem Schalter. Ich weiss nicht wie lange der Pc das noch aushält?

schrauber 11.08.2013 08:21
Ich hab glaub schonmal gefragt, aber hast Du ne DVD von Windows? Das klingt so als müsste man ne Rep-Install machen.

Öffne bitte mal FRST, setz nen Haken bei Addditional und scanne, poste beide Logfiles.

Rosanja 11.08.2013 12:35
Ich habe den PC damals beim Aldi gekauft und es war alles Installiert, ein Bekannter hat mir alles angeschlossen, deshalb weiss ich nicht ob es eine DVD gab. Ich habe alles durchsucht und leider keine für Vista gefunden. Aber eine CD mit Office XP Windows für den PC meiner Tochter. Nur zur Info ich habe eine Externe Festplatte darauf sind alle meine Sicherungen! Könnte ich Vister deinstallieren und XP draufspielen? Wie bekomme ich Firefox gelöscht? Ich habe mir Chrome runtergeladen!

FRST:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 21-07-2013
Ran by Olaf at 2013-08-11 13:30:42
Running from C:\Users\Olaf\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
Adobe Reader X (10.1.4) - Deutsch (Version: 10.1.4)
Adobe Shockwave Player (Version: 11)
Adobe® Photoshop® Album Starter Edition 3.2 (Version: 3.2.0)
Apple Application Support (Version: 2.3.3)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
ArcSoft Software Suite
Audacity 1.2.6
Avanquest update (Version: 1.21)
Big Fish Games: Game Manager (Version: 3.0.1.60)
Bonjour (Version: 3.0.0.10)
CCleaner (Version: 2.36)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
Corel Applications
Creative DVD Audio Plugin for Audigy Series
D3DX10 (Version: 15.4.2368.0902)
DHTML Editing Component (Version: 6.02.0001)
Driver Genius Professional Edition
Echoes of the Past: Das versteinerte K&ouml;nigshaus
Echoes of the Past: Die Zitadellen der Zeit
Echoes of the Past: Die Zitadellen der Zeit Sammleredition
Emsisoft Anti-Malware (Version: 8.0)
Facebook Video Calling 1.2.0.287 (Version: 1.2.287)
Firebird SQL Server - MAGIX Edition (Version: 2.1.27.0)
FormatFactory 2.90 (Version: 2.90)
Google Chrome (Version: 28.0.1500.95)
Google Update Helper (Version: 1.3.21.153)
Hardware Diagnose Tools (Version: 5.00.4262.12)
HP Customer Experience Enhancements (Version: 1.00.0000)
HP Easy Setup - Core (Version: 1.00.0000)
HP Easy Setup - Frontend (Version: 5.00.0000)
HP Picasso Media Center Add-In (Version: 1.0.0)
HP Update (Version: 4.000.005.005)
iCloud (Version: 2.1.1.3)
Iminent (Version: 6.27.21.0)
InstallRTC (Version: 1.0.0)
Intel(R) Matrix Storage Manager
Intel(R) PRO Network Connections Drivers
Intel® Viiv™ Software (Version: 1.6.361.6)
InterVideo DeviceService (Version: 1.0.0)
InterVideo WinDVD 6 (Version: 6.0-B6.42)
iTunes (Version: 11.0.2.26)
Java 2 Runtime Environment, SE v1.4.2_14 (Version: 1.4.2_14)
Java 7 Update 11 (Version: 7.0.110)
Java Auto Updater (Version: 2.1.9.0)
Java(TM) 6 Update 2 (Version: 1.6.0.20)
Java(TM) 6 Update 29 (Version: 6.0.290)
Java(TM) SE Runtime Environment 6 Update 1 (Version: 1.6.0.10)
Junk Mail filter update (Version: 15.4.3502.0922)
LightScribe  1.4.124.1 (Version: 1.4.124.1)
LUMIX Simple Viewer (Version: 0.99.0000)
MAGIX Foto Clinic 4.5 (D) (Version: 4.5.3.2)
MAGIX Foto Manager 2006 (D) (Version: 3.0.1.71)
MAGIX Fotos auf CD & DVD 5.0 deLuxe (D) (Version: 5.0.0.0)
MAGIX Music Manager (D) (Version: 1.1.1.692)
MAGIX Online Druck Service
MAGIX Screenshare (Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6)
Mesh Runtime (Version: 15.4.5722.2)
Messenger Companion (Version: 15.4.3502.0922)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 German Language Pack (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft LifeCam (Version: 1.40.164.0)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.6626.0)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual J# .NET Redistributable Package 1.1 (Version: 1.1.4322)
Microsoft Works (Version: 08.05.0822)
Microsoft XML Parser (Version: 8.0.7820.0)
MobileMe Control Panel (Version: 3.1.8.0)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
Nero 7 Premium (Version: 7.02.1290)
NVIDIA 3D Vision Treiber 311.06 (Version: 311.06)
NVIDIA Display Control Panel (Version: 6.14.12.5896)
NVIDIA Grafiktreiber 311.06 (Version: 311.06)
NVIDIA Install Application (Version: 2.1002.108.688)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106)
NVIDIA Systemsteuerung 311.06 (Version: 311.06)
NVIDIA Update 1.11.3 (Version: 1.11.3)
NVIDIA Update Components (Version: 1.11.3)
OcxSetup (Version: 1.0.0)
Optimierte Multimedia-Tastatur-Lösung
PHOTOfunSTUDIO -viewer- (Version: 1.00.000)
PhotoMail Maker (Version: 1.0.0.1040)
Picasa 3 (Version: 3.9)
Plus-HD-2.3 (Version: 1.27.153.8)
Python 2.4.3 (Version: 2.4.3150)
QuickTime (Version: 7.73.80.64)
radio ffn Rekorder Version 3.02.8
RealArcade
RealDownloader (Version: 1.3.0)
RealPlayer (Version: 16.0.0)
Realtek High Definition Audio Driver (Version: 6.0.1.5322)
RealUpgrade 1.1 (Version: 1.1.0)
RTL GAME CENTER (Version: 1.2010.6.23)
Sandlot Games Client Services 1.2.2
Segoe UI (Version: 15.4.2271.0615)
Spelling Dictionaries Support For Adobe Reader 8 (Version: 8.0.0)
Steganos Safe Home 2007 (Version: 9.0.3)
STRATO Backup Manager (Version: 1.0.0)
Super Lyrics
TeamViewer 7 (Version: 7.0.17271)
T-Online WLAN-Access Finder
Turbo Lister 2 (Version: 2.0.0)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (Version: 1)
VideoPad Videobearbeitungs-Software
Visual C++ 9.0 CRT (x86) WinSXS MSM (Version: 9.0)
VLC media player 1.1.11 (Version: 1.1.11)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Family Safety (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Mail (Version: 15.4.3502.0922)
Windows Live Mesh (Version: 15.4.3502.0922)
Windows Live Mesh ActiveX control for remote connections (Version: 15.4.5722.2)
Windows Live Messenger (Version: 15.4.3538.0513)
Windows Live Messenger Companion Core (Version: 15.4.3502.0922)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Live Writer (Version: 15.4.3502.0922)
Windows Live Writer Resources (Version: 15.4.3502.0922)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
Windows Mobile-Gerätecenter: Treiberupdate (Version: 6.1.6965.0)
WinRAR archiver
 

==================== Restore Points  =========================

20-07-2013 17:00:57 Windows Update
22-07-2013 18:43:58 Windows Update
22-07-2013 22:21:08 Entfernt Konz 2012
22-07-2013 22:22:06 Removed Bing Bar
22-07-2013 22:26:46 Removed Ask Toolbar.
23-07-2013 15:36:29 Removed MEDION GoPal Assistant
23-07-2013 15:43:05 Removed Nero 7 Premium. Available with Windows Installer version 1.2 and later.
23-07-2013 15:52:22 Removed Google Chrome Frame
28-07-2013 14:07:58 Windows Update
28-07-2013 17:02:33 Windows-Sicherung
31-07-2013 15:57:19 Tweaking.com - Windows Repair
03-08-2013 11:48:20 Windows Update
05-08-2013 19:53:57 Windows-Sicherung
10-08-2013 09:43:48 Windows Update
10-08-2013 10:14:23 Removed Nero 7 Premium. Available with Windows Installer version 1.2 and later.
10-08-2013 14:56:26 Removed Nero 7 Premium. Available with Windows Installer version 1.2 and later.

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1            localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {0568804D-6FDF-46DF-9FF2-1948BB8636AB} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {09C0034D-8657-4DE1-8EEC-F9897D5695AA} - System32\Tasks\NCH Software\videopadShakeIcon => C:\Program Files\NCH Software\VideoPad\VideoPad.exe [2013-01-27] (NCH Software)
Task: {0B15B809-99AF-419D-94C0-B1C773C306AD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-20] (Google Inc.)
Task: {0E01E7C3-9558-44BA-9FBB-B1B57F5B86F1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {0E96532C-3B2B-44C1-90BA-7F13CA501ED3} - System32\Tasks\Microsoft\Windows\WindowsBackup\CheckFull => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {2ED36C22-45D8-432F-A894-17FD629EA9E4} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-18] (Microsoft Corp.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3D51B747-599F-4056-80E5-59E7C7DEC6B7} - System32\Tasks\User_Feed_Synchronization-{713C853D-16EB-4E3C-9AA1-35C296B67C10} => C:\Windows\system32\msfeedssync.exe [2011-11-06] (Microsoft Corporation)
Task: {43A05BEB-6B12-44F9-9021-56CC2207FB24} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2012-07-03] (Sun Microsystems, Inc.)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {4CE713F7-3F24-4204-8A06-7F57389A912D} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {4FEFDE2E-CF7B-454E-9CDA-22AA39A7741B} - System32\Tasks\HP-Online-Aktualisierungsprogramm => c:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2005-02-17] (Hewlett-Packard Co.)
Task: {552801B9-5EB1-49A5-AB14-52C2F7D259EF} - System32\Tasks\NCH Software\videopadDowngrade => C:\Program Files\NCH Software\VideoPad\videopad.exe [2013-01-27] (NCH Software)
Task: {562CE0C6-F0A0-4985-9A8C-851DBE47F3B1} - System32\Tasks\BFGLaunch_stone-of-destiny_s2_l2_gF2080T1L2_d167401155[1] => C:\Users\Olaf\AppData\Local\Temp\stone-of-destiny_s2_l2_gF2080T1L2_d167401155[1].exe No File
Task: {5BFFE95E-631C-4DE9-930E-024ADB4F6B14} - System32\Tasks\Steganos Agent => C:\Program Files\Steganos Safe Home\SteganosAgent.exe [2006-12-05] ()
Task: {61398903-0F8E-447C-98A6-E120573C6E64} - System32\Tasks\Adobe Reader and Acrobat Manager => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-07-27] (Adobe Systems Incorporated)
Task: {6306DA7D-9019-4042-91FD-1D44D6EB4318} - System32\Tasks\BFGLaunch_fashion-craze_s2_l2_gF2238T1L2_d134644565[1] => C:\Users\Olaf\AppData\Local\Temp\fashion-craze_s2_l2_gF2238T1L2_d134644565[1].exe No File
Task: {720AAE8C-F14F-4C56-82BE-FCB74E1E08C7} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {73318A8D-623C-4485-AFFC-630891545622} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-20] (Adobe Systems Incorporated)
Task: {7567DA21-7F32-4997-848A-82D04FC183E2} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\System32\sdclt.exe [2010-12-14] (Microsoft Corporation)
Task: {7A513F29-5009-421E-86C1-DCC79D76AFA6} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {7DB83568-6916-4EA2-A28C-45A1FB24A9B4} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {81685675-E43F-408E-9D63-DAF87BBACD7F} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: {84AD09F3-0363-4407-BEEA-8C5BD2CC8097} - System32\Tasks\Java => C:\Program Files\Java\jre6\bin\jusched.exe No File
Task: {85DD6276-7838-4232-8FF8-CB15EF58DF2E} - System32\Tasks\Real Player-Online-Aktualisierungsprogramm => c:\program files\real\realplayer\Update\realsched.exe [2013-01-19] (RealNetworks, Inc.)
Task: {87BD1C97-0934-4021-9770-D7B1B1D7BD60} - System32\Tasks\DSite => C:\Users\Olaf\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {8B480174-D82C-4A8B-87BA-E31D091FBEE8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {8EB3A4B7-9C62-4B08-BBD5-E9D07C405232} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-18] (Microsoft Corporation)
Task: {935C56FB-D42B-44EE-AC9D-1AA796AE50F5} - System32\Tasks\Microsoft_Hardware_Launch_vVX3000_exe => C:\Windows\vVX3000.exe [2007-04-10] (Microsoft Corporation)
Task: {95203A9F-5EA3-4B81-BFA3-71B4BC5CF928} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2006-11-02] (Microsoft Corporation)
Task: {9B8ACEE6-311B-49BC-A6BD-AFEACE7ACE22} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1566220321-2446519374-2048356015-1001 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-18] (Microsoft Corporation)
Task: {ABFD2AB8-A215-4E35-9FD6-B9A5601667D8} - System32\Tasks\BFGLaunch_bfgclient => C:\Program Files\bfgclient\bfgclient.exe [2011-08-19] ()
Task: {ADCC9A85-0C50-4AB5-9E44-4B9F6284A276} - System32\Tasks\Real Networks Scheduler => C:\Program Files\Common Files\Real\Update_OB\realsched.exe No File
Task: {BF1C88C9-B12C-4864-AE01-6708114BA952} - System32\Tasks\Microsoft\Windows\RestartManager\{FB86C79C-478C-4f3f-ACE2-A09F149B1F14} => C:\Windows\system32\rmclient.exe [2006-11-02] (Microsoft Corporation)
Task: {C3FA9EBC-FB39-4AE9-9E95-815475E63CFD} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe No File
Task: {D5416E71-9E9F-48C1-B2D5-3AB4B800F53D} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {D7AF7F31-F249-44C7-ABA8-F7D445C0B5E0} - System32\Tasks\Super Lyrics Update => C:\Program Files\Super_Lyrics\SuperLupdater.exe [2013-07-22] (Super Add-on Software)
Task: {DAB924FD-E6EF-440F-93CD-EFC99231D994} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-07-20] (Google Inc.)
Task: {E3EA736A-C48A-4E4A-915A-621B34A323F4} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {E609BE22-FE85-4943-9724-2850F6E23B7B} - System32\Tasks\QtraxPlayer => C:\Program Files\Microsoft Silverlight\sllauncher.exe [2013-05-13] (Microsoft Corporation)
Task: {E8C81B95-6D19-40F4-A23E-AE86EF0ED417} - System32\Tasks\User_Feed_Synchronization-{F658E2FC-1F92-4830-9F47-9F66D638EB43} => C:\Windows\system32\msfeedssync.exe [2011-11-06] (Microsoft Corporation)
Task: {EA1D2880-8265-4C27-92EF-B7589412DB10} - System32\Tasks\BFGLaunch_bfgprocess => C:\Program Files\bfgclient\bfgprocess.exe [2011-08-19] ()
Task: {F1A24C80-DAA3-4545-A909-B89B215396B2} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-12] (Facebook Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job => C:\Users\Olaf\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Super Lyrics Update.job => C:\Program Files\Super_Lyrics\SuperLupdater.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver

Name: Microsoft-ISATAP-Adapter #3
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2013 09:01:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 09:01:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 08:47:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 08:47:53 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 04:51:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 04:51:33 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\DB> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\DB> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\AA> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\AA> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)


System errors:
=============
Error: (08/11/2013 01:16:16 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (08/11/2013 01:16:16 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (08/11/2013 01:15:02 PM) (Source: Service Control Manager) (User: )
Description: Net.Tcp-ListeneradapterNet.Tcp-Portfreigabedienst%%1058

Error: (08/11/2013 01:15:02 PM) (Source: Service Control Manager) (User: )
Description: Net.Pipe-Listeneradapterwas

Error: (08/11/2013 01:15:02 PM) (Source: Service Control Manager) (User: )
Description: Net.Msmq-Listeneradaptermsmq

Error: (08/11/2013 01:14:07 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D215781D-019E-4FA0-903D-0CDCDE13A4F5}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)

Error: (08/11/2013 01:13:51 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 10.08.2013 um 21:06:24 unerwartet heruntergefahren.

Error: (08/10/2013 09:03:31 PM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069

Error: (08/10/2013 09:03:31 PM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330

Error: (08/10/2013 09:01:55 PM) (Source: Service Control Manager) (User: )
Description: Net.Tcp-ListeneradapterNet.Tcp-Portfreigabedienst%%1058


Microsoft Office Sessions:
=========================
Error: (08/10/2013 09:01:45 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 09:01:45 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 08:47:53 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 08:47:53 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 04:51:33 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 04:51:33 PM) (Source: SideBySide)(User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}\recordingmanager.exe

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\DB

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\DB

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\AA

Error: (08/10/2013 00:54:25 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
        Ein an das System angeschlossenes Gerät funktioniert nicht.  (0x8007001f)
C:\USERS\OLAF\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\5S97VOZC.DEFAULT\CACHE\3\AA


==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 2558.58 MB
Available physical RAM: 1193.02 MB
Total Pagefile: 5351.68 MB
Available Pagefile: 3875.03 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.57 MB

==================== Drives ================================

Drive c: (HP) (Fixed) (Total:292.8 GB) (Free:83.75 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive j: (Elements) (Fixed) (Total:1397.26 GB) (Free:1057.89 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=293 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows XP) (Size: 1397 GB) (Disk ID: 00111F03)
Partition 1: (Not Active) - (Size=-698724909056) - (Type=07 NTFS)

==================== End Of Log ============================

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-07-2013 (ATTENTION: FRST version is 21 days old)
Ran by Olaf (administrator) on 11-08-2013 13:29:13
Running from C:\Users\Olaf\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Iminent) C:\Program Files\Common Files\Umbrella\umbrella.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(Microsoft Corporation) C:\Windows\system32\sdclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

==================== Registry (Whitelisted) ==================

MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - "C:\Program Files\Internet Explorer\Iexplore.exe" C:\Program Files\DATA BECKER\Visitenkarten-Druckerei 10\Support\Online\index.htm [x]

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll (Super Add-on Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF user.js: detected! => C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi
FF Extension: No Name - C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (phonostar Detector) - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Docs) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0
CHR Extension: (Google Drive) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (Super Lyrics) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.125_0
CHR Extension: (YouTube) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (RealDownloader) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Gmail) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2864448 2013-08-05] (Iminent)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50208 2013-07-02] (Emsisoft GmbH)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:35 - 2013-08-10 21:06 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:30 - 2013-08-10 14:34 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:19 - 2013-08-10 10:21 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:19 - 2013-08-05 22:20 - 00000000 ____D C:\Program Files\Iminent
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:18 - 2013-07-22 20:26 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 23:16 - 2013-08-11 13:14 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-08-11 13:14 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:37 - 2013-08-10 20:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-08-11 13:29 - 2007-04-02 16:15 - 00000000 ___RD C:\Users\Olaf\Desktop
2013-08-11 13:21 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-11 13:17 - 2011-12-12 16:11 - 01768361 _____ C:\Windows\WindowsUpdate.log
2013-08-11 13:14 - 2013-07-20 23:16 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-08-11 13:14 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-11 13:14 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-11 13:14 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-11 13:14 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-11 13:13 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-11 13:13 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-10 21:06 - 2013-08-10 14:35 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-10 21:06 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-10 20:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-10 20:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-10 15:23 - 2013-04-10 15:28 - 00006374 _____ C:\Windows\PFRO.log
2013-08-10 15:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-08-10 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:37 - 2006-11-02 13:18 - 00000000 __RHD C:\Users\Public\Desktop
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:34 - 2013-08-10 14:30 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-10 14:34 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-08-10 11:56 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-10 10:21 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:20 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Iminent
2013-08-05 22:16 - 2007-04-12 17:11 - 00000000 ____D C:\Users\Olaf\AppData\Local\Adobe
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-08-05 21:31 - 2013-04-13 13:15 - 295539634 _____ C:\Windows\MEMORY.DMP
2013-08-05 21:31 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:38 - 2008-07-29 10:55 - 00000000 ____D C:\Users\Gast\Desktop
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:38 - 2007-01-20 19:54 - 00000000 ___RD C:\Users\IUSR_NMPR\Desktop
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-22 20:34 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-07-22 20:26 - 2013-07-23 18:18 - 01219874 _____ (Farbar) C:\Users\Olaf\Desktop\FRST.exe
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-11 13:22

==================== End Of Log ============================
--- --- ---


Liebe Grüße

Tanja

schrauber 11.08.2013 16:35
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
MountPoints2: {f75312be-89cf-11de-a996-001a92486b3f} - J:\Menu.exe
SearchScopes: HKCU - {639C8579-AFEB-4039-886E-D4B7612A0244} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=E918B100-3F16-4AFE-9A56-655241D70738&apn_sauid=FA585939-A01E-4CF2-B412-32F822B64359
BHO: Super Lyrics - {B9020890-9E08-446B-87B0-0C5CD0436D86} - C:\Program Files\Super_Lyrics\116.dll No File
CHR Extension: (Super Lyrics) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho\1.125_0
CHR HKLM\...\Chrome\Extension: [bgnjcnjlaajofpendibcoodneacalfho] - C:\Program Files\Super_Lyrics\125.crx
R2 SProtection; C:\Program Files\Common Files\Umbrella\umbrella.exe [2864448 2013-08-05] (Iminent)
S3 stllssvr; "c:\Program Files\Common Files\SureThing Shared\stllssvr.exe" [x]
C:\Program Files\Common Files\Umbrella
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:19 - 2013-08-10 10:21 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:19 - 2013-08-05 22:20 - 00000000 ____D C:\Program Files\Iminent
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics
2013-07-20 23:16 - 2013-08-11 13:14 - 00000374 _____ C:\Windows\Tasks\Super Lyrics Update.job
2013-08-10 10:21 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Common Files\Umbrella
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Iminent
2013-08-05 22:38 - 2013-08-05 22:38 - 00000000 ____D C:\ProgramData\Iminent
2013-08-05 22:20 - 2013-08-05 22:20 - 00000611 _____ C:\Windows\system32\InstallUtil.InstallLog
2013-08-05 22:20 - 2013-08-05 22:19 - 00000000 ____D C:\Program Files\Iminent
2013-07-23 15:33 - 2013-01-27 13:53 - 00000000 ____D C:\ProgramData\GinyasBrowserCompanion
2013-07-23 15:09 - 2013-07-23 15:09 - 00000000 ____D C:\Program Files\Super_Lyrics

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Revo Uninstaller Pro - Uninstall Software, Remove Programs easily, Forced Uninstall, Leftovers Uninstaller
Benutz das zum restlosen Entfernen von Firefox. Ebenso bitte alles von Nvidia deinstallieren und dann neu installieren.

Rosanja 12.08.2013 16:29
Hab alles so gemacht wie du gesagt hast. Es kommt folgende Meldung:
Looks you don´t know what to do. To prevent damage to the system the tool will exit.
Wenn ich OK drücke passiert nichts.
??????????

schrauber 12.08.2013 17:40
wann kommt die Meldung?

Rosanja 13.08.2013 15:15
nachdem ich den Fix Button gedrückt habe!

schrauber 13.08.2013 18:13
FRST löschen, neu laden. Überprüf deine fixlist, die muss so aussehen wie oben, dann nochmal probieren.

Rosanja 14.08.2013 18:06
Hab es hinbekommen, beim ersten Mal habe ich einen Fehler gemacht!
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 13-08-2013 01
Ran by Olaf at 2013-08-14 18:42:03 Run:2
Running from C:\Users\Olaf\Downloads
Boot Mode: Normal

==============================================

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f75312be-89cf-11de-a996-001a92486b3f} => Key not found.
HKCR\CLSID\{f75312be-89cf-11de-a996-001a92486b3f} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{639C8579-AFEB-4039-886E-D4B7612A0244} => Key not found.
HKCR\Wow6432Node\CLSID\{639C8579-AFEB-4039-886E-D4B7612A0244} => Key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B9020890-9E08-446B-87B0-0C5CD0436D86} => Key not found.
HKCR\CLSID\{B9020890-9E08-446B-87B0-0C5CD0436D86} => Key not found.
C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjcnjlaajofpendibcoodneacalfho directory not found.
HKLM\SOFTWARE\Google\Chrome\Extensions\bgnjcnjlaajofpendibcoodneacalfho => Key not found.
"C:\Program Files\Super_Lyrics\125.crx" => File/Directory not found.
SProtection => Service not found.
stllssvr => Service not found.
"C:\Program Files\Common Files\Umbrella" => File/Directory not found.
"C:\Users\Olaf\AppData\Roaming\Iminent" => File/Directory not found.
"C:\ProgramData\Iminent" => File/Directory not found.
"C:\Windows\system32\InstallUtil.InstallLog" => File/Directory not found.
"C:\Program Files\Common Files\Umbrella" => File/Directory not found.
"C:\Program Files\Iminent" => File/Directory not found.
"C:\Program Files\Super_Lyrics" => File/Directory not found.
"C:\Windows\Tasks\Super Lyrics Update.job" => File/Directory not found.
"C:\Program Files\Common Files\Umbrella" => File/Directory not found.
"C:\Users\Olaf\AppData\Roaming\Iminent" => File/Directory not found.
"C:\ProgramData\Iminent" => File/Directory not found.
"C:\Windows\system32\InstallUtil.InstallLog" => File/Directory not found.
"C:\Program Files\Iminent" => File/Directory not found.
"C:\ProgramData\GinyasBrowserCompanion" => File/Directory not found.
"C:\Program Files\Super_Lyrics" => File/Directory not found.

==== End of Fixlog ====

schrauber 15.08.2013 08:14
Frisches FRST Scanlog bitte. Noch Probleme? :)

Rosanja 15.08.2013 15:19
Eben hatte ich ein ganz buntes Pixelbild und einen Absturz (ich wollte während des Scans ins Internet.

Fehler:
Code:
Problemsignatur:
  Problemereignisname:        BlueScreen
  Betriebsystemversion:        6.0.6002.2.2.0.768.3
  Gebietsschema-ID:        1031

Zusatzinformationen zum Problem:
  BCCode:        116
  BCP1:        8FC20008
  BCP2:        98F5C8D4
  BCP3:        C000009A
  BCP4:        00000004
  OS Version:        6_0_6002
  Service Pack:        2_0
  Product:        768_1

Dateien, die bei der Beschreibung des Problems hilfreich sind:
  C:\Windows\Minidump\Mini081513-01.dmp
  C:\Users\Olaf\AppData\Local\Temp\WER-317228-0.sysdata.xml
  C:\Users\Olaf\AppData\Local\Temp\WER909B.tmp.version.txt

Lesen Sie unsere Datenschutzrichtlinie:
  hxxp://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0407
FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-08-2013 01
Ran by Olaf (administrator) on 15-08-2013 16:11:25
Running from C:\Users\Olaf\Downloads
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Emsisoft GmbH) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(InterVideo Inc.) C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
() C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
(Microsoft Corporation) C:\Windows\ehome\ehRecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
(Hewlett-Packard Company) c:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Hewlett-Packard Company) C:\hp\support\hpsysdrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
() C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Hewlett-Packard Company) C:\hp\kbd\kbd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] - c:\hp\support\hpsysdrv.exe [65536 2006-09-28] (Hewlett-Packard Company)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [151552 2006-09-29] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [3784704 2006-11-09] (Realtek Semiconductor)
HKLM\...\Run: [SAFEHOME HotKeys] - C:\Program Files\Steganos Safe Home\SteganosHotKeyService.exe [25088 2006-12-05] ()
HKLM\...\Run: [KBD] - C:\HP\KBD\KbdStub.EXE [65536 2006-12-08] ()
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [TkBellExe] - C:\Program Files\Real\RealPlayer\update\realsched.exe [295072 2013-01-19] (RealNetworks, Inc.)
HKLM\...\Run: [emsisoft anti-malware] - C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [2928040 2013-07-02] (Emsisoft GmbH)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKCU\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-18] (Microsoft Corporation)
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [ 2008-01-18] (Microsoft Corporation)
HKU\IUSR_NMPR\...\Run: [ICQ] - "C:\Program Files\ICQ6\ICQ.exe" silent [x]
HKU\IUSR_NMPR\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [x]
HKU\IUSR_NMPR\...\RunOnce: [ICQ Lite] - C:\Program Files\ICQLite\ICQLite.exe -trayboot [x]
HKU\IUSR_NMPR\...\RunOnce: [DATA BECKER Registrierung] - C:\Program Files\Internet Explorer\Iexplore.exe [ 2013-05-29] (Microsoft Corporation)
HKU\UpdatusUser\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\UpdatusUser.Olaf-PC\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=DE_DE&c=71&bd=Pavilion&pf=desktop
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {99BF4F38-A3A2-412A-996F-AAD9A3406746} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Super Lyrics - {30B87EBD-E91B-498B-B25D-DF116AF00393} - C:\Program Files\Super_Lyrics\125.dll No File
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU -&Links - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\Windows\system32\ieframe.dll (Microsoft Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default
FF user.js: detected! => C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\user.js
FF SelectedSearchEngine: Google.de
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin: @java.com/JavaPlugin,version=10.11.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/npracplug;version=1.0.0.0 - C:\Program Files\Real\RealArcade\Plugins\Mozilla\npracplug.dll (RealNetworks)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.0.282 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @phonostar.de/radio ffn Rekorder - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede-pws.xml
FF SearchPlugin: C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\searchplugins\googlede.xml
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
FF Extension: No Name - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\plugin@starstable.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: ciuvo-extension - C:\Users\Olaf\AppData\Roaming\Mozilla\Firefox\Profiles\5s97vozc.default\Extensions\ciuvo-extension@icq.de.xpi
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}
FF Extension: Default - C:\Program Files\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKCU\...\Firefox\Extensions: [{F7EC2BAD-F77B-4020-B3C6-58B97D0859E5}] C:\Program Files\Super_Lyrics\125.xpi

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files\Google\Chrome\Application\28.0.1500.95\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Shockwave for Director) - C:\Program Files\Mozilla Firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
CHR Plugin: (RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll (Apple Inc.)
CHR Plugin: (RealArcade Mozilla Plugin) - C:\Program Files\Mozilla Firefox\plugins\npracplug.dll (RealNetworks)
CHR Plugin: (RealPlayer Download Plugin) - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll (RealPlayer)
CHR Plugin: (Picasa) - C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Java(TM) Platform SE 7 U11) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Microsoft Office Live Plug-in for Firefox) - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Windows Live\u0099 Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (phonostar Detector) - C:\Program Files\radio ffn Rekorder\npphonostarDetectNP.dll ( )
CHR Plugin: (RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) ) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealDownloader Plugin) - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Olaf\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
CHR Plugin: (Windows Presentation Foundation) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (RealDownloader) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.0_0
CHR Extension: (Gmail) - C:\Users\Olaf\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx

========================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [2938408 2013-07-02] (Emsisoft GmbH)
S3 AlertService; C:\Program Files\Intel\IntelDH\CCU\AlertService.exe [188416 2006-09-11] (Intel(R) Corporation)
R2 Capture Device Service; C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 DQLWinService; C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [208896 2006-09-03] ()
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1253376 2009-08-27] (MAGIX AG)
S3 FirebirdServerMAGIXInstance; C:\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-08-10] (The Firebird Project)
S2 IntelDHSvcConf; C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [29696 2006-05-10] (Intel(R) Corporation)
S3 ISSM; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe [75264 2006-09-11] (Intel(R) Corporation)
S3 M1 Server; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe [26624 2006-09-01] ()
S3 MCLServiceATL; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe [167936 2006-09-11] (Intel(R) Corporation)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 Remote UI Service; C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe [544256 2006-09-11] (Intel(R) Corporation)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES\EMSISOFT ANTI-MALWARE\a2accx86.sys [54072 2012-04-30] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files\Emsisoft Anti-Malware\a2ddax86.sys [22056 2013-03-28] (Emsisoft GmbH)
R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2007-09-27] (Protect Software GmbH)
R3 Afc; C:\Windows\System32\drivers\Afc.sys [11776 2005-02-23] (Arcsoft, Inc.)
S3 cleanhlp; C:\Program Files\Emsisoft Anti-Malware\cleanhlp32.sys [50208 2013-07-02] (Emsisoft GmbH)
R3 pfc; C:\Windows\System32\drivers\pfc.sys [21248 2003-09-20] (Padus, Inc.)
S3 s0017bus; C:\Windows\System32\DRIVERS\s0017bus.sys [90536 2008-05-27] (MCCI Corporation)
S3 s0017mdfl; C:\Windows\System32\DRIVERS\s0017mdfl.sys [15016 2008-05-27] (MCCI Corporation)
S3 s0017mdm; C:\Windows\System32\DRIVERS\s0017mdm.sys [122152 2008-05-27] (MCCI Corporation)
S3 s0017mgmt; C:\Windows\System32\DRIVERS\s0017mgmt.sys [115496 2008-05-27] (MCCI Corporation)
S3 s0017nd5; C:\Windows\System32\DRIVERS\s0017nd5.sys [25768 2008-05-27] (MCCI Corporation)
S3 s0017obex; C:\Windows\System32\DRIVERS\s0017obex.sys [111912 2008-05-27] (MCCI Corporation)
S3 s0017unic; C:\Windows\System32\DRIVERS\s0017unic.sys [117672 2008-05-27] (MCCI Corporation)
R1 SLEE_14_DRIVER; C:\Windows\system32\drivers\Sleen14.sys [72480 2006-11-08] (Softwareentwicklung Remus - ArchiCrypt )
S3 TSHWMDTCP; C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\TSHWMDTCP.sys [4608 2006-07-13] ()
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 massfilter; system32\drivers\massfilter.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 ZD1211BU(ZyDAS); system32\DRIVERS\zd1211Bu.sys [x]
S3 ZDPSp60; System32\Drivers\ZDPSp60.sys [x]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [x]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [x]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-08-13 19:55 - 2013-08-13 19:55 - 00000814 _____ C:\Users\Olaf\Desktop\FRST.exe.lnk
2013-08-13 19:53 - 2013-08-13 19:53 - 01068613 _____ (Farbar) C:\Users\Olaf\Downloads\FRST.exe
2013-08-12 15:50 - 2013-08-12 15:50 - 13381491 _____ C:\Users\Olaf\Downloads\Tanja (1).zip
2013-08-12 15:38 - 2013-08-12 15:39 - 13381491 _____ C:\Users\Olaf\Downloads\Tanja.zip
2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:35 - 2013-08-13 19:01 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:30 - 2013-08-10 14:34 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:50 - 2013-08-05 21:27 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-07-30 15:49 - 2011-10-24 13:35 - 00000000 ____D C:\Users\Olaf\Downloads\Tweaking.com - Windows Repair
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:32 - 2013-07-23 15:38 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:32 - 2013-07-23 15:38 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:27 - 2013-07-23 15:28 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:27 - 2013-07-22 23:28 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 22:10 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2013-07-22 22:10 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2013-07-22 22:10 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2013-07-22 22:10 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2013-07-22 22:07 - 2013-07-22 22:09 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 22:02 - 2013-07-22 23:56 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 21:07 - 2013-05-29 03:56 - 12333568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-07-22 21:07 - 2013-05-29 03:50 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-07-22 21:07 - 2013-05-29 03:48 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-07-22 21:07 - 2013-05-29 03:41 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-07-22 21:07 - 2013-05-29 03:41 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-07-22 21:07 - 2013-05-29 03:40 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-07-22 21:07 - 2013-05-29 03:38 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-07-22 21:07 - 2013-05-29 03:37 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-07-22 21:07 - 2013-05-29 03:36 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-07-22 21:07 - 2013-05-29 03:35 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-07-22 21:07 - 2013-05-29 03:33 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-07-22 21:07 - 2013-05-29 03:33 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-07-22 21:07 - 2013-05-29 03:29 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:34 - 2013-08-12 16:45 - 00000000 ____D C:\FRST
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:31 - 2013-07-20 19:32 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 19:22 - 2013-04-17 14:30 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2013-07-20 19:20 - 2013-06-04 03:50 - 02049024 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-07-20 19:20 - 2013-05-08 06:37 - 00905576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-07-20 19:19 - 2013-06-01 06:06 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2013-07-20 19:19 - 2013-05-03 00:03 - 03603832 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-07-20 19:19 - 2013-05-03 00:03 - 03551096 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-07-20 19:19 - 2013-05-02 06:04 - 00443904 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-07-20 19:19 - 2013-05-02 06:03 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\printcom.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00985600 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-07-20 19:19 - 2013-04-24 06:00 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2013-07-20 19:19 - 2013-04-24 03:46 - 00812544 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2013-07-20 19:19 - 2013-04-17 13:28 - 01029120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00219648 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00189952 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2013-07-20 19:19 - 2013-04-17 13:28 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-07-20 19:19 - 2013-04-17 12:34 - 01172480 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-07-20 19:19 - 2013-04-17 12:33 - 00486400 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-07-20 19:19 - 2013-04-17 12:14 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-07-20 19:19 - 2013-04-17 12:10 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-07-20 19:18 - 2013-05-08 06:04 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:37 - 2013-08-15 16:04 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-20 18:37 - 2013-08-15 15:47 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:29 - 2013-07-20 18:30 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== One Month Modified Files and Folders =======

2013-08-15 16:04 - 2013-08-15 16:04 - 00201176 _____ C:\Windows\Minidump\Mini081513-01.dmp
2013-08-15 16:04 - 2013-07-20 18:37 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-08-15 16:04 - 2009-05-13 17:54 - 00000000 ____D C:\Windows\Minidump
2013-08-15 16:04 - 2008-01-08 16:06 - 00000000 ____D C:\ProgramData\NVIDIA
2013-08-15 16:04 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-15 16:04 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-15 16:04 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-15 16:04 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-15 16:03 - 2013-04-13 13:15 - 391700939 _____ C:\Windows\MEMORY.DMP
2013-08-15 15:53 - 2012-04-25 14:17 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-15 15:47 - 2013-07-20 18:37 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-08-15 15:26 - 2006-11-02 12:33 - 01586480 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-15 15:24 - 2011-12-12 16:11 - 01918268 _____ C:\Windows\WindowsUpdate.log
2013-08-14 21:09 - 2011-11-23 21:41 - 00001134 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001UA.job
2013-08-13 19:55 - 2013-08-13 19:55 - 00000814 _____ C:\Users\Olaf\Desktop\FRST.exe.lnk
2013-08-13 19:53 - 2013-08-13 19:53 - 01068613 _____ (Farbar) C:\Users\Olaf\Downloads\FRST.exe
2013-08-13 19:01 - 2013-08-10 14:35 - 00000000 ____D C:\Program Files\Emsisoft Anti-Malware
2013-08-12 16:45 - 2013-07-22 20:34 - 00000000 ____D C:\FRST
2013-08-12 15:50 - 2013-08-12 15:50 - 13381491 _____ C:\Users\Olaf\Downloads\Tanja (1).zip
2013-08-12 15:39 - 2013-08-12 15:38 - 13381491 _____ C:\Users\Olaf\Downloads\Tanja.zip
2013-08-12 15:09 - 2011-11-23 21:41 - 00001112 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1566220321-2446519374-2048356015-1001Core.job
2013-08-10 21:06 - 2006-11-02 15:01 - 00032636 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-10 15:23 - 2013-04-10 15:28 - 00006374 _____ C:\Windows\PFRO.log
2013-08-10 14:37 - 2013-08-10 14:37 - 00000850 _____ C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00001933 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-08-10 14:35 - 2013-08-10 14:35 - 00000000 ____D C:\Users\Olaf\Downloads\Documents\Anti-Malware
2013-08-10 14:34 - 2013-08-10 14:30 - 187662064 _____ (Emsisoft GmbH                                              ) C:\Users\Olaf\Downloads\EmsisoftAntiMalwareSetup.exe
2013-08-10 14:34 - 2007-01-20 20:04 - 00000000 ____D C:\Program Files\Google
2013-08-10 11:56 - 2007-06-27 14:40 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2013-08-05 22:16 - 2007-04-12 17:11 - 00000000 ____D C:\Users\Olaf\AppData\Local\Adobe
2013-08-05 22:13 - 2013-08-05 22:13 - 00288672 _____ C:\Users\Olaf\Downloads\Adobe%20Reader.exe
2013-08-05 22:11 - 2013-08-05 22:11 - 03400936 _____ C:\Users\Olaf\Downloads\installer_pdf_reader_Deutsch.exe
2013-08-05 21:35 - 2007-04-02 16:27 - 00146568 _____ C:\Users\Olaf\AppData\Local\GDIPFONTCACHEV1.DAT
2013-08-05 21:32 - 2006-11-02 14:47 - 00443208 _____ C:\Windows\system32\FNTCACHE.DAT
2013-08-05 21:31 - 2013-08-05 21:31 - 00155712 _____ C:\Windows\Minidump\Mini080513-01.dmp
2013-08-05 21:27 - 2013-07-30 15:50 - 00181064 _____ (Sysinternals) C:\Windows\PSEXESVC.EXE
2013-08-03 14:48 - 2007-07-10 16:43 - 03716436 _____ C:\Users\Mariessa\01 Heul Doch.wma
2013-07-31 17:59 - 2013-07-31 17:59 - 00000207 _____ C:\Windows\tweaking.com-regbackup-OLAF-PC-Microsoft®-Windows-Vista™-Home-Premium-(32-Bit).dat
2013-07-31 17:57 - 2013-07-31 17:57 - 00000000 ____D C:\RegBackup
2013-07-30 15:47 - 2013-07-30 15:47 - 00000000 ____D C:\Users\Olaf\Desktop\tweaking.com_windows_repair_aio
2013-07-30 15:45 - 2013-07-30 15:45 - 00000000 ____D C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio
2013-07-30 15:40 - 2013-07-30 15:40 - 03517580 _____ C:\Users\Olaf\Downloads\tweaking.com_windows_repair_aio.zip
2013-07-30 15:34 - 2013-07-30 15:34 - 00139496 _____ C:\Windows\Minidump\Mini073013-01.dmp
2013-07-24 17:24 - 2013-07-24 17:24 - 00448512 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\TFC.exe
2013-07-24 00:16 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-07-23 21:19 - 2013-07-23 21:19 - 00891062 _____ C:\Users\Olaf\Desktop\SecurityCheck.exe
2013-07-23 20:31 - 2013-07-23 20:31 - 02347384 _____ (ESET) C:\Users\Olaf\Downloads\esetsmartinstaller_enu.exe
2013-07-23 18:43 - 2013-07-23 18:43 - 00000000 ____D C:\2e25bc9a05b08dace7427c46ed41c1
2013-07-23 18:36 - 2013-07-23 18:36 - 00377856 _____ C:\Users\Olaf\Desktop\gmer_2.1.19163.exe
2013-07-23 18:34 - 2013-07-23 18:34 - 00602112 _____ (OldTimer Tools) C:\Users\Olaf\Desktop\OTL.exe
2013-07-23 18:09 - 2013-07-23 18:09 - 00155632 _____ C:\Windows\Minidump\Mini072313-01.dmp
2013-07-23 17:52 - 2007-04-02 21:35 - 00000000 ____D C:\Users\Olaf\AppData\Local\Google
2013-07-23 17:38 - 2007-05-12 17:08 - 00000000 ____D C:\Program Files\InterActual
2013-07-23 17:37 - 2011-05-03 15:47 - 00000000 ____D C:\Program Files\Medion GoPal Assistant
2013-07-23 17:22 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-07-23 16:25 - 2013-07-23 16:25 - 00000000 ____D C:\Windows\ERUNT
2013-07-23 16:21 - 2013-07-23 16:21 - 00560934 _____ (Oleg N. Scherbakov) C:\Users\Olaf\Desktop\JRT.exe
2013-07-23 15:38 - 2013-07-23 15:32 - 00030353 _____ C:\AdwCleaner[S1].txt
2013-07-23 15:38 - 2013-07-23 15:32 - 00000105 _____ C:\Windows\DeleteOnReboot.bat
2013-07-23 15:28 - 2013-07-23 15:27 - 00031376 _____ C:\AdwCleaner[R1].txt
2013-07-23 15:14 - 2013-07-23 15:14 - 00666633 _____ C:\Users\Olaf\Desktop\adwcleaner.exe
2013-07-23 00:21 - 2007-01-20 19:51 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2013-07-22 23:56 - 2013-07-22 22:02 - 00000000 ___SD C:\32788R22FWJFW
2013-07-22 23:36 - 2013-07-22 23:36 - 00000853 _____ C:\Users\Olaf\Desktop\ComboFix(1) - Verknüpfung.lnk
2013-07-22 23:28 - 2013-07-22 23:27 - 05091940 _____ (Swearware) C:\Users\Olaf\Downloads\ComboFix.exe
2013-07-22 23:14 - 2006-11-02 14:37 - 00000000 ____D C:\Windows\system32\XPSViewer
2013-07-22 23:14 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-07-22 22:09 - 2013-07-22 22:07 - 00000000 ____D C:\Qoobox
2013-07-22 22:03 - 2013-07-22 22:03 - 00000000 ____D C:\Windows\erdnt
2013-07-22 21:06 - 2013-07-22 21:06 - 00050477 _____ C:\Users\Olaf\Downloads\Defogger.exe
2013-07-22 20:50 - 2012-11-06 23:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-22 20:45 - 2006-11-02 14:37 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-20 23:25 - 2013-04-13 03:02 - 00000796 _____ C:\Windows\setupact.log
2013-07-20 23:19 - 2013-07-20 23:19 - 00156160 _____ C:\Windows\Minidump\Mini072013-02.dmp
2013-07-20 22:49 - 2013-07-20 22:49 - 00001991 _____ C:\Users\Olaf\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Qtrax Player.lnk
2013-07-20 19:32 - 2013-07-20 19:31 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-07-20 18:56 - 2012-04-25 14:17 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-07-20 18:56 - 2011-08-28 08:50 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-07-20 18:51 - 2013-07-20 18:51 - 00160000 _____ C:\Windows\Minidump\Mini072013-01.dmp
2013-07-20 18:32 - 2013-07-20 18:32 - 02195988 _____ C:\Users\Olaf\Desktop\tdsskiller-2-8-14-0.zip
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\PiccShare
2013-07-20 18:32 - 2013-07-20 18:32 - 00000000 ____D C:\Users\Olaf\AppData\Roaming\Common
2013-07-20 18:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Users\Public
2013-07-20 18:30 - 2013-07-20 18:29 - 00393064 _____ (Softonic                                        ) C:\Users\Olaf\Downloads\SoftonicDownloader_fuer_kaspersky-tdsskiller.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-08-15 16:11

==================== End Of Log ============================
--- --- ---

schrauber 15.08.2013 18:49
Zitat:
C:\Windows\Minidump\Mini081513-01.dmp
Diese Datei brauch ich. Als ZIP anhängen bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:36 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131