Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   internet zugang manchmal blckiert (https://www.trojaner-board.de/138565-internet-zugang-manchmal-blckiert.html)

laurenz 21.07.2013 20:35
internet zugang manchmal blckiert
 
Seit einigen tagen spinnt mein Internet und manchmal muss ich doppel den link eingeben damit Internet Explorer die Seite anzeigt und steam oder anderne Internet nötigen programme starten und manchmal geht garnichts und können sich dann nicht mit dem internet verbinden.

wär nett wenn mir jemmand sagen könnte was ich tun soll danke:dankeschoen:

schrauber 21.07.2013 21:21
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


laurenz 24.07.2013 17:42
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-07-2013
Ran by laurenz (administrator) on 24-07-2013 16:34:10
Running from C:\Users\laurenz\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\PROGRA~2\AVG\AVG2013\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\windows\system32\nvvsvc.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\windows\system32\WLANExt.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Simplygen) C:\Program Files (x86)\Protected Search\ProtectedSearch.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgemca.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Roccat GmbH) C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2013\avgui.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\PCSafeDoctor\pcsafedoctor.exe
(Microsoft Corporation) C:\windows\sysWOW64\wbem\wmiprvse.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\Windows\System32\upnpcont.exe
(Microsoft Corporation) C:\windows\system32\msiexec.exe
() C:\Users\laurenz\Desktop\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Users\laurenz\Desktop\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.175\deploy\LoLLauncher.exe
() C:\Users\laurenz\Desktop\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.33\deploy\LolClient.exe
(Microsoft Corporation) C:\windows\system32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12459112 2012-03-27] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2598696 2012-02-29] (ELAN Microelectronics Corp.)
HKLM\...\Run: [THXCfg64] - C:\windows\system32\RunDLL32.exe [45568 2009-07-14] (Microsoft Corporation)
HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [178960 2012-03-15] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll",TrayApp [x]
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" [x]
HKLM\...\Run: [ISW] - C:\Program Files\CheckPoint\ZAForceField\ForceField.exe [1127592 2012-11-02] (Check Point Software Technologies)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-07-03] (NVIDIA Corporation)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\steam.exe [1672616 2013-07-10] (Valve Corporation)
HKCU\...\Run: [Sidebar] - C:\Program Files\Windows Sidebar\sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKCU\...\Run: [Pando Media Booster] - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [x]
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [19603048 2013-06-03] (Skype Technologies S.A.)
HKCU\...\Run: [EADM] - C:\Program Files (x86)\Origin\Origin.exe [3456080 2013-06-29] (Electronic Arts)
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_Plugin.exe -update plugin [814472 2013-06-30] (Adobe Systems Incorporated)
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {e5b09cbe-4690-11e2-a16e-0cd2920187b3} - F:\AutoRun.exe
MountPoints2: {e5b09ccd-4690-11e2-a16e-0cd2920187b3} - F:\AutoRun.exe
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 [284440 2012-02-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] - "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] - "C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe" /r [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [Super-Charger] - C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [502288 2012-01-03] (MSI)
HKLM-x32\...\Run: [YouCam Mirage] - "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe" [136488 2011-10-13] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] - "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s [230696 2011-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - Disable_By_"C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [x]
HKLM-x32\...\Run: [ZoneAlarm] - "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73392 2012-11-19] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [Adobe ARM] - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RoccatKova+] - "C:\Program Files (x86)\ROCCAT\Kova[+] Mouse\Kova[+]Monitor.EXE" [539688 2011-03-17] (Roccat GmbH)
HKLM-x32\...\Run: [AVG_UI] - "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY [4408368 2013-04-29] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [iTunesHelper] - "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [pcsafedoctor.exe] - C:\Program Files (x86)\PCSafeDoctor\pcsafedoctor.exe [2052608 2012-08-13] ()
AppInit_DLLs: c:\windows\syswow64\nvinit.dll,c:\windows\syswow64\nvinit.dll,C:\windows\SysWOW64\nvinit.dll,C:\windows\system32\nvinitx.dll [97280 2009-07-14] ()
AppInit_DLLs-x32:  [0 ] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe (McAfee, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=54BB0CD2920187B4&affID=119357&tt=160713_91114&tsp=4946
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://msi.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110823&tt=120912_cpc_3812_5&babsrc=HP_ss&mntrId=54bb2c940000000000000cd2920187b4
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=43169&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&st=chrome&q=
URLSearchHook: (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=492&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5521530430244872&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {375A1765-ACEC-4545-A3CB-48D9114789B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=492&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5521530430244872&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {375A1765-ACEC-4545-A3CB-48D9114789B9} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
SearchScopes: HKLM-x32 - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://search.iminent.com/?appId=[AppInstanceUid]&ref=toolbox&q={searchTerms}
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=54BB0CD2920187B4&affID=119357&tt=160713_91114&tsp=4946
SearchScopes: HKCU - BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=54BB0CD2920187B4&affID=119357&tt=160713_91114&tsp=4946
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://pandasecurityr.mystart.com/?source=5b97eeb3&v=4_0&tbp=rbox&toolbarid=pandasecuritytb&u=C856BE911F8AEB77028228517852BBE7&q={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=492&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&o=APN10645&apn_uid=5521530430244872&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
SearchScopes: HKCU - {B651009A-BE4D-4DC5-A66E-1A58DFF5F0C9} URL = hxxp://search.zonealarm.com/search?Source=Browser&oemCode=ZLN116254278027912-1001&toolbarId=base&affiliateId=1001&Lan=de&utid=54bb2c940000000000000cd2920187b4&q={searchTerms}&r=898
SearchScopes: HKCU - {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://search.certified-toolbar.com?si=43169&st=bs&tid=3580&ver=3.2&ts=1368335635167&tguid=43169-3580-1368335635167-D41D8CD98F00B204E9800998ECF8427E&q={searchTerms}
SearchScopes: HKCU - {F711C012-8975-4B6B-8BCF-71389267E2CC} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=6f199c5d-5c41-47d6-b659-3572353eaf16&apn_sauid=98F41626-1DC8-420A-A5F0-26272D80522B
BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\laurenz\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - Disabled:{11111111-1111-1111-1111-110011441179} -  No File
BHO-x32: No Name - Disabled:{96edaac7-6183-4cb5-8823-b8b12d94f967} -  No File
BHO-x32: No Name - Disabled:{A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -  No File
BHO-x32: No Name - Disabled:{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\laurenz\AppData\Roaming\Complitly\Complitly.dll (SimplyGen)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\bh\zonealarm.dll (Montera Technologeis LTD)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO-x32: HomeTab - {96edaac7-6183-4cb5-8823-b8b12d94f967} - C:\Users\laurenz\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.6.7.4\zonealarmTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - Panda Security Toolbar - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - C:\Program Files (x86)\pandasecuritytb\pandasecurityDx.dll No File
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Toolbar: HKLM-x32 - HomeTab - {96edaac7-6183-4cb5-8823-b8b12d94f967} - C:\Users\laurenz\AppData\Roaming\HomeTab\HomeTab.dll (Simplytech Ltd.)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.1.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\laurenz\AppData\Roaming\Mozilla\Firefox\Profiles\ac2gl7cx.default
FF Plugin: @adobe.com/FlashPlayer - C:\windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 - C:\windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.9.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @checkpoint.com/FFApi - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] C:\ProgramData\AVG Secure Search\FireFoxExt\15.1.0.2
FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\15.1.0.2
FF HKLM-x32\...\Firefox\Extensions: [jid0-hjoQNmABq6jg91jHpQyvgJUouUP@jetpack] C:\Program Files (x86)\GutscheinFinder\jid0-hjoQNmABq6jg91jHpQyvgJUouUPjetpack.xpi

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM-x32\...\Chrome\Extension: [didlmjkkjfegblmkekbhgpefajgikncm] - C:\Program Files (x86)\GutscheinFinder\gutscheincodes.crx
CHR HKLM-x32\...\Chrome\Extension: [djbdlklldbflagkkpaljamjfbpefcbpf] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx
CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx
CHR HKLM-x32\...\Chrome\Extension: [ndkhncnongaclekkbelchmeafffimifj] - C:\Users\laurenz\AppData\Local\Giant Savings\Chrome\Giant Savings.crx

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [4937264 2013-05-14] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [283136 2013-04-18] (AVG Technologies CZ, s.r.o.)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [827560 2012-11-02] (Check Point Software Technologies)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 McComponentHostService; C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe [235216 2013-02-05] (McAfee, Inc.)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-04-27] (Micro-Star International Co., Ltd.)
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
S4 SProtection; C:\Program Files (x86)\Common Files\Umbrella\Umbrella.exe [2620016 2013-01-18] (Iminent)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-05-06] ()
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447440 2012-11-19] (Check Point Software Technologies LTD)
S4 vToolbarUpdater15.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.1.0\ToolbarUpdater.exe [1008816 2013-04-27] (AVG Secure Search)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [246072 2013-03-29] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [71480 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [206136 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [311096 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [116536 2013-02-08] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [45880 2013-02-08] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [240952 2013-03-21] (AVG Technologies CZ, s.r.o.)
S4 avgtp; C:\windows\system32\drivers\avgtpx64.sys [40736 2013-04-27] (AVG Technologies)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [17936 2011-12-12] (Windows (R) Win 7 DDK provider)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-02] (Check Point Software Technologies)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw00.sys [11471872 2012-03-12] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-11-01] (Check Point Software Technologies LTD)
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 hwusbdev; system32\DRIVERS\ewusbdev.sys [x]
U0 KL1;
S3 MGHwCtrl; \??\C:\Program Files\MSI\MSI Software Install\MGHwCtrl.sys [x]
S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-24 16:24 - 2013-07-24 16:24 - 00002514 _____ C:\windows\System32\Tasks\spmonitor
2013-07-24 16:24 - 2013-07-24 16:24 - 00002504 _____ C:\windows\System32\Tasks\SpeedUpMyPC
2013-07-24 16:24 - 2013-07-24 16:24 - 00001096 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2013-07-24 16:24 - 2013-07-24 16:24 - 00000340 _____ C:\windows\Tasks\spmonitor.job
2013-07-24 16:24 - 2013-07-24 16:24 - 00000262 _____ C:\windows\Tasks\SpeedUpMyPC.job
2013-07-24 16:24 - 2013-07-24 16:24 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Uniblue
2013-07-24 16:24 - 2013-07-24 16:24 - 00000000 ____D C:\Program Files (x86)\Uniblue
2013-07-24 16:20 - 2013-07-24 16:21 - 00025981 _____ C:\Users\laurenz\Downloads\Addition.txt
2013-07-24 16:19 - 2013-07-24 16:19 - 00000000 ____D C:\FRST
2013-07-24 16:17 - 2013-07-24 16:18 - 01779757 _____ (Farbar) C:\Users\laurenz\Downloads\FRST64.exe
2013-07-24 16:17 - 2013-07-24 16:18 - 01326728 _____ (Uniblue Systems Ltd                                        ) C:\Users\laurenz\Downloads\speedupmypc.exe
2013-07-23 16:21 - 2013-07-23 16:21 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-23 16:21 - 2013-07-23 16:21 - 00000000 ____D C:\ProgramData\McAfee
2013-07-22 22:46 - 2013-07-22 22:46 - 00003330 _____ C:\windows\System32\Tasks\{ED734C4E-5029-4728-B16E-C37B8F5B3656}
2013-07-22 22:20 - 2013-07-22 22:20 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-07-22 16:34 - 2013-07-22 16:34 - 00059362 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:31 - 2013-07-22 16:33 - 00059301 _____ C:\AdwCleaner[R1].txt
2013-07-22 16:29 - 2013-07-22 16:29 - 00666633 _____ C:\Users\laurenz\Downloads\adwcleaner.exe
2013-07-22 15:10 - 2013-07-22 15:22 - 00000000 ____D C:\windows\system32\MRT
2013-07-22 00:14 - 2013-07-22 00:14 - 00001025 _____ C:\Users\laurenz\Desktop\pcsafedoctor.lnk
2013-07-22 00:14 - 2013-07-22 00:14 - 00000022 _____ C:\windows\tpcsd
2013-07-22 00:14 - 2010-12-30 10:54 - 00034736 _____ C:\windows\SysWOW64\Drivers\RKHit.sys
2013-07-22 00:13 - 2013-07-23 16:34 - 00000000 ____D C:\Program Files (x86)\PCSafeDoctor
2013-07-22 00:05 - 2013-07-22 00:13 - 47286211 _____ (pcsafedoctor.com, Inc.                                      ) C:\Users\laurenz\Downloads\PCSafeDoctor_Setup.exe
2013-07-21 21:51 - 2013-07-21 21:51 - 00000220 _____ C:\Users\laurenz\Desktop\BioShock Infinite.url
2013-07-20 15:26 - 2013-07-22 16:07 - 00000005 _____ C:\Users\laurenz\AppData\Roaming\WBPU-TTL.DAT
2013-07-17 21:07 - 2013-07-17 21:08 - 16590137 _____ C:\Users\laurenz\Downloads\Soartex_Fanver (1).zip
2013-07-17 21:06 - 2013-07-22 22:06 - 00000294 _____ C:\windows\Tasks\DSite.job
2013-07-17 21:06 - 2013-07-17 21:06 - 00003244 _____ C:\windows\System32\Tasks\DSite
2013-07-17 21:06 - 2013-07-17 21:06 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\DSite
2013-07-17 21:04 - 2013-07-17 21:04 - 00793536 _____ C:\Users\laurenz\Downloads\ZipOpenerSetup.exe
2013-07-17 21:02 - 2013-07-17 21:06 - 00003402 _____ C:\windows\System32\Tasks\EPUpdater
2013-07-17 21:02 - 2013-07-17 21:02 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\BabSolution
2013-07-17 21:01 - 2013-07-23 20:51 - 00000378 _____ C:\windows\Tasks\Lyrics-Pal Update.job
2013-07-17 21:01 - 2013-07-17 21:01 - 00003030 _____ C:\windows\System32\Tasks\Lyrics-Pal Update
2013-07-17 21:00 - 2013-07-17 21:00 - 00166672 _____ () C:\Users\laurenz\Downloads\MCPatcher_downloader_by_MCPatcher.exe
2013-07-17 20:45 - 2013-07-17 20:46 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 683617.crdownload
2013-07-17 20:45 - 2013-07-17 20:45 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 777355.crdownload
2013-07-17 20:45 - 2013-07-17 20:45 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 653235.crdownload
2013-07-17 20:36 - 2013-07-17 20:38 - 16590137 _____ C:\Users\laurenz\Downloads\Soartex_Fanver.zip
2013-07-17 20:35 - 2013-07-17 20:35 - 00675988 _____ C:\Users\laurenz\Downloads\Minecraft.exe
2013-07-15 14:07 - 2013-06-12 01:42 - 00391168 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2013-07-15 14:07 - 2013-06-12 01:25 - 00526336 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2013-07-15 14:07 - 2013-06-07 05:22 - 02706432 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2013-07-15 14:07 - 2013-06-07 04:37 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2013-07-15 14:06 - 2013-06-12 01:43 - 14329856 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 02877440 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 01767936 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 01141248 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 00493056 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2013-07-15 14:06 - 2013-06-12 01:43 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2013-07-15 14:06 - 2013-06-12 01:42 - 13760512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2013-07-15 14:06 - 2013-06-12 01:42 - 02046976 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2013-07-15 14:06 - 2013-06-12 01:42 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesysprep.dll
2013-07-15 14:06 - 2013-06-12 01:42 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2013-07-15 14:06 - 2013-06-12 01:42 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2013-07-15 14:06 - 2013-06-12 01:26 - 02241024 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2013-07-15 14:06 - 2013-06-12 01:26 - 01365504 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2013-07-15 14:06 - 2013-06-12 01:26 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2013-07-15 14:06 - 2013-06-12 01:25 - 19238912 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 15404032 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 03958784 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 02648576 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00855552 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00603136 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00136704 _____ (Microsoft Corporation) C:\windows\system32\iesysprep.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2013-07-15 14:06 - 2013-06-12 01:25 - 00039936 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2013-07-15 14:06 - 2013-06-12 00:51 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-15 14:06 - 2013-06-12 00:50 - 00089600 _____ (Microsoft Corporation) C:\windows\system32\RegisterIEPKEYs.exe
2013-07-10 14:49 - 2013-06-04 08:00 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2013-07-10 14:49 - 2013-06-04 06:53 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2013-07-10 14:49 - 2013-05-06 08:03 - 01887744 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
2013-07-10 14:49 - 2013-05-06 06:56 - 01620480 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
2013-07-10 14:48 - 2013-06-05 05:34 - 03153920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2013-07-10 14:47 - 2013-04-10 01:34 - 01247744 _____ (Microsoft Corporation) C:\windows\SysWOW64\DWrite.dll
2013-07-10 14:47 - 2013-04-03 00:51 - 01643520 _____ (Microsoft Corporation) C:\windows\system32\DWrite.dll
2013-07-07 17:29 - 2013-07-07 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\windows\SysWOW64\NV
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\windows\system32\NV
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 00:45 - 2013-07-03 00:45 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 27781920 _____ (NVIDIA Corporation) C:\windows\system32\nvoglv64.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 25256224 _____ (NVIDIA Corporation) C:\windows\system32\nvcompiler.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 21102368 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglv32.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 17560352 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcompiler.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 15920536 _____ (NVIDIA Corporation) C:\windows\system32\nvwgf2umx.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 15144928 _____ (NVIDIA Corporation) C:\windows\system32\nvd3dumx.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 11235104 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvlddmkm.sys
2013-07-03 00:44 - 2013-06-21 14:06 - 09239344 _____ (NVIDIA Corporation) C:\windows\system32\nvcuda.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 07687592 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuda.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 07641832 _____ (NVIDIA Corporation) C:\windows\system32\nvopencl.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 06324360 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvopencl.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 02953504 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvid.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 02777888 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvid.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 02363680 _____ (NVIDIA Corporation) C:\windows\system32\nvcuvenc.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 02002720 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvcuvenc.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 01832224 _____ (NVIDIA Corporation) C:\windows\system32\nvdispco6432049.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 01511712 _____ (NVIDIA Corporation) C:\windows\system32\nvdispgenco6432049.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00572704 _____ (NVIDIA Corporation) C:\windows\system32\NvFBC64.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00570656 _____ (NVIDIA Corporation) C:\windows\system32\NvIFR64.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00467232 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvIFR.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00465184 _____ (NVIDIA Corporation) C:\windows\SysWOW64\NvFBC.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00432928 _____ (NVIDIA Corporation) C:\windows\system32\nvEncodeAPI64.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00372000 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvEncodeAPI.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00218592 _____ (NVIDIA Corporation) C:\windows\system32\nvoglshim64.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00181488 _____ (NVIDIA Corporation) C:\windows\SysWOW64\nvoglshim32.dll
2013-07-03 00:44 - 2013-06-21 14:06 - 00030496 _____ (NVIDIA Corporation) C:\windows\system32\Drivers\nvpciflt.sys
2013-07-03 00:44 - 2013-06-21 14:06 - 00021578 _____ C:\windows\system32\nvinfo.pb
2013-07-02 21:16 - 2013-07-02 21:16 - 00001242 _____ C:\Users\Public\Desktop\SimCity™.lnk
2013-07-02 21:07 - 2013-07-02 21:09 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-02 20:27 - 2013-07-02 20:27 - 00000000 ____D C:\Users\laurenz\Documents\SimCity
2013-07-01 23:18 - 2013-07-01 23:18 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-06-30 21:33 - 2013-06-30 22:00 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-06-30 21:31 - 2013-07-01 23:18 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-06-29 15:48 - 2013-07-02 21:01 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Origin
2013-06-29 15:48 - 2013-06-29 15:48 - 00000000 ____D C:\Users\laurenz\AppData\Local\Origin
2013-06-29 15:43 - 2013-07-23 16:21 - 00000000 ____D C:\Program Files (x86)\Origin
2013-06-29 15:43 - 2013-07-02 21:28 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-06-29 15:43 - 2013-07-02 20:27 - 00000000 ____D C:\ProgramData\Origin
2013-06-29 15:43 - 2013-06-29 15:43 - 00000949 _____ C:\Users\Public\Desktop\Origin.lnk
2013-06-29 14:48 - 2013-06-29 14:49 - 16959688 _____ (Electronic Arts, Inc.) C:\Users\laurenz\Downloads\OriginThinSetup.exe

==================== One Month Modified Files and Folders =======

2013-07-24 16:24 - 2013-07-24 16:24 - 00002514 _____ C:\windows\System32\Tasks\spmonitor
2013-07-24 16:24 - 2013-07-24 16:24 - 00002504 _____ C:\windows\System32\Tasks\SpeedUpMyPC
2013-07-24 16:24 - 2013-07-24 16:24 - 00001096 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2013-07-24 16:24 - 2013-07-24 16:24 - 00000340 _____ C:\windows\Tasks\spmonitor.job
2013-07-24 16:24 - 2013-07-24 16:24 - 00000262 _____ C:\windows\Tasks\SpeedUpMyPC.job
2013-07-24 16:24 - 2013-07-24 16:24 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Uniblue
2013-07-24 16:24 - 2013-07-24 16:24 - 00000000 ____D C:\Program Files (x86)\Uniblue
2013-07-24 16:21 - 2013-07-24 16:20 - 00025981 _____ C:\Users\laurenz\Downloads\Addition.txt
2013-07-24 16:21 - 2012-09-11 19:49 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Skype
2013-07-24 16:19 - 2013-07-24 16:19 - 00000000 ____D C:\FRST
2013-07-24 16:19 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-07-24 16:18 - 2013-07-24 16:17 - 01779757 _____ (Farbar) C:\Users\laurenz\Downloads\FRST64.exe
2013-07-24 16:18 - 2013-07-24 16:17 - 01326728 _____ (Uniblue Systems Ltd                                        ) C:\Users\laurenz\Downloads\speedupmypc.exe
2013-07-24 16:05 - 2012-09-07 17:57 - 01338157 _____ C:\windows\WindowsUpdate.log
2013-07-24 16:00 - 2013-05-22 09:49 - 00004208 _____ C:\windows\System32\Tasks\Software Updater
2013-07-24 16:00 - 2013-05-22 09:49 - 00004190 _____ C:\windows\System32\Tasks\Software Updater Ui
2013-07-24 16:00 - 2012-10-14 15:56 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2013-07-24 15:39 - 2012-10-17 22:00 - 00001112 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-07-24 15:14 - 2012-09-07 18:45 - 00000000 ____D C:\Program Files (x86)\Steam
2013-07-24 14:54 - 2012-10-17 22:00 - 00001108 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-07-24 14:44 - 2012-10-17 21:55 - 00000000 ____D C:\ProgramData\MFAData
2013-07-23 20:51 - 2013-07-17 21:01 - 00000378 _____ C:\windows\Tasks\Lyrics-Pal Update.job
2013-07-23 17:58 - 2013-05-06 22:23 - 00000000 ____D C:\Users\laurenz\Documents\My Games
2013-07-23 17:57 - 2013-06-08 20:53 - 00351761 _____ C:\windows\DirectX.log
2013-07-23 16:34 - 2013-07-22 00:13 - 00000000 ____D C:\Program Files (x86)\PCSafeDoctor
2013-07-23 16:31 - 2009-07-14 06:45 - 00024432 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:31 - 2009-07-14 06:45 - 00024432 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-23 16:21 - 2013-07-23 16:21 - 00000000 ____D C:\ProgramData\McAfee Security Scan
2013-07-23 16:21 - 2013-07-23 16:21 - 00000000 ____D C:\ProgramData\McAfee
2013-07-23 16:21 - 2013-06-29 15:43 - 00000000 ____D C:\Program Files (x86)\Origin
2013-07-23 16:19 - 2013-05-22 08:24 - 00002016 _____ C:\windows\setupact.log
2013-07-23 16:19 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2013-07-23 16:18 - 2013-05-24 07:10 - 00024076 _____ C:\windows\PFRO.log
2013-07-22 22:46 - 2013-07-22 22:46 - 00003330 _____ C:\windows\System32\Tasks\{ED734C4E-5029-4728-B16E-C37B8F5B3656}
2013-07-22 22:20 - 2013-07-22 22:20 - 00000000 ____D C:\ProgramData\FreeSystemUtilities
2013-07-22 22:20 - 2013-05-06 02:33 - 00002563 _____ C:\Users\Public\Desktop\Free System Utilities.lnk
2013-07-22 22:06 - 2013-07-17 21:06 - 00000294 _____ C:\windows\Tasks\DSite.job
2013-07-22 16:54 - 2012-10-24 15:34 - 00007616 _____ C:\Users\laurenz\AppData\Local\Resmon.ResmonCfg
2013-07-22 16:34 - 2013-07-22 16:34 - 00059362 _____ C:\AdwCleaner[R2].txt
2013-07-22 16:33 - 2013-07-22 16:31 - 00059301 _____ C:\AdwCleaner[R1].txt
2013-07-22 16:29 - 2013-07-22 16:29 - 00666633 _____ C:\Users\laurenz\Downloads\adwcleaner.exe
2013-07-22 16:07 - 2013-07-20 15:26 - 00000005 _____ C:\Users\laurenz\AppData\Roaming\WBPU-TTL.DAT
2013-07-22 15:22 - 2013-07-22 15:10 - 00000000 ____D C:\windows\system32\MRT
2013-07-22 00:14 - 2013-07-22 00:14 - 00001025 _____ C:\Users\laurenz\Desktop\pcsafedoctor.lnk
2013-07-22 00:14 - 2013-07-22 00:14 - 00000022 _____ C:\windows\tpcsd
2013-07-22 00:13 - 2013-07-22 00:05 - 47286211 _____ (pcsafedoctor.com, Inc.                                      ) C:\Users\laurenz\Downloads\PCSafeDoctor_Setup.exe
2013-07-21 21:51 - 2013-07-21 21:51 - 00000220 _____ C:\Users\laurenz\Desktop\BioShock Infinite.url
2013-07-21 21:51 - 2012-09-07 19:20 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-07-20 15:47 - 2012-09-09 15:25 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\.minecraft
2013-07-17 21:08 - 2013-07-17 21:07 - 16590137 _____ C:\Users\laurenz\Downloads\Soartex_Fanver (1).zip
2013-07-17 21:06 - 2013-07-17 21:06 - 00003244 _____ C:\windows\System32\Tasks\DSite
2013-07-17 21:06 - 2013-07-17 21:06 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\DSite
2013-07-17 21:06 - 2013-07-17 21:02 - 00003402 _____ C:\windows\System32\Tasks\EPUpdater
2013-07-17 21:06 - 2012-09-07 17:59 - 00000000 ____D C:\Users\laurenz
2013-07-17 21:04 - 2013-07-17 21:04 - 00793536 _____ C:\Users\laurenz\Downloads\ZipOpenerSetup.exe
2013-07-17 21:02 - 2013-07-17 21:02 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\BabSolution
2013-07-17 21:01 - 2013-07-17 21:01 - 00003030 _____ C:\windows\System32\Tasks\Lyrics-Pal Update
2013-07-17 21:00 - 2013-07-17 21:00 - 00166672 _____ () C:\Users\laurenz\Downloads\MCPatcher_downloader_by_MCPatcher.exe
2013-07-17 20:46 - 2013-07-17 20:45 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 683617.crdownload
2013-07-17 20:45 - 2013-07-17 20:45 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 777355.crdownload
2013-07-17 20:45 - 2013-07-17 20:45 - 02570679 _____ C:\Users\laurenz\Downloads\Nicht bestätigt 653235.crdownload
2013-07-17 20:38 - 2013-07-17 20:36 - 16590137 _____ C:\Users\laurenz\Downloads\Soartex_Fanver.zip
2013-07-17 20:35 - 2013-07-17 20:35 - 00675988 _____ C:\Users\laurenz\Downloads\Minecraft.exe
2013-07-17 13:33 - 2013-01-14 01:30 - 00000000 ____D C:\Users\laurenz\AppData\Local\PMB Files
2013-07-16 18:39 - 2013-06-05 21:33 - 00001317 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2013-07-16 00:21 - 2013-05-13 02:38 - 00370936 _____ C:\windows\system32\FNTCACHE.DAT
2013-07-16 00:20 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files\Windows Defender
2013-07-16 00:20 - 2009-07-14 07:32 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2013-07-16 00:19 - 2012-09-07 18:11 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-16 00:19 - 2012-05-18 01:54 - 00000000 ____D C:\Program Files\Windows Journal
2013-07-15 14:41 - 2012-10-17 22:06 - 00002153 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-07-15 14:34 - 2013-05-22 09:49 - 00004108 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-07-15 14:34 - 2013-05-22 09:49 - 00003856 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-07-15 14:24 - 2012-10-13 08:13 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-07-15 14:19 - 2012-05-18 02:15 - 00708500 _____ C:\windows\system32\perfh007.dat
2013-07-15 14:19 - 2012-05-18 02:15 - 00152104 _____ C:\windows\system32\perfc007.dat
2013-07-15 14:19 - 2009-07-14 07:13 - 01666120 _____ C:\windows\system32\PerfStringBackup.INI
2013-07-15 13:44 - 2013-03-14 20:58 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-07-15 13:44 - 2013-03-14 20:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-07-08 18:34 - 2013-04-27 08:05 - 00000951 _____ C:\Users\Public\Desktop\AVG 2013.lnk
2013-07-07 17:29 - 2013-07-07 17:29 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\windows\SysWOW64\NV
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\windows\system32\NV
2013-07-03 00:50 - 2013-07-03 00:50 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
2013-07-03 00:50 - 2012-05-18 19:07 - 00000000 ____D C:\ProgramData\NVIDIA
2013-07-03 00:50 - 2012-05-18 19:06 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2013-07-03 00:45 - 2013-07-03 00:45 - 00263592 _____ (Oracle Corporation) C:\windows\SysWOW64\javaws.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\javaw.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00175016 _____ (Oracle Corporation) C:\windows\SysWOW64\java.exe
2013-07-03 00:45 - 2013-07-03 00:45 - 00096168 _____ (Oracle Corporation) C:\windows\SysWOW64\WindowsAccessBridge-32.dll
2013-07-03 00:45 - 2012-09-09 15:25 - 00867240 _____ (Oracle Corporation) C:\windows\SysWOW64\npDeployJava1.dll
2013-07-03 00:45 - 2012-09-09 15:25 - 00789416 _____ (Oracle Corporation) C:\windows\SysWOW64\deployJava1.dll
2013-07-02 21:28 - 2013-06-29 15:43 - 00000000 ____D C:\ProgramData\Electronic Arts
2013-07-02 21:16 - 2013-07-02 21:16 - 00001242 _____ C:\Users\Public\Desktop\SimCity™.lnk
2013-07-02 21:09 - 2013-07-02 21:07 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-07-02 21:01 - 2013-06-29 15:48 - 00000000 ____D C:\Users\laurenz\AppData\Roaming\Origin
2013-07-02 20:27 - 2013-07-02 20:27 - 00000000 ____D C:\Users\laurenz\Documents\SimCity
2013-07-02 20:27 - 2013-06-29 15:43 - 00000000 ____D C:\ProgramData\Origin
2013-07-02 20:22 - 2013-01-14 01:57 - 00025209 ____H C:\windows\SysWOW64\BTImages.dat
2013-07-02 17:44 - 2013-06-05 21:27 - 01622022 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2013-07-01 23:18 - 2013-07-01 23:18 - 00002016 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-07-01 23:18 - 2013-06-30 21:31 - 00000000 ____D C:\Program Files (x86)\McAfee Security Scan
2013-06-30 22:00 - 2013-06-30 21:33 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2013-06-30 22:00 - 2012-05-18 19:42 - 00692104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2013-06-30 22:00 - 2012-05-18 19:42 - 00071048 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-30 21:33 - 2012-09-30 15:30 - 00000000 ____D C:\Users\laurenz\AppData\Local\Adobe
2013-06-29 15:48 - 2013-06-29 15:48 - 00000000 ____D C:\Users\laurenz\AppData\Local\Origin
2013-06-29 15:43 - 2013-06-29 15:43 - 00000949 _____ C:\Users\Public\Desktop\Origin.lnk
2013-06-29 14:49 - 2013-06-29 14:48 - 16959688 _____ (Electronic Arts, Inc.) C:\Users\laurenz\Downloads\OriginThinSetup.exe
2013-06-27 18:01 - 2009-07-14 05:20 - 00000000 ____D C:\windows\system32\NDF
2013-06-24 00:57 - 2012-09-08 13:12 - 78277128 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

Files to move or delete:
====================
C:\Users\laurenz\lol.launcher.admin.exe
C:\Users\laurenz\lol.launcher.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-04 20:41

==================== End Of Log ============================
--- --- ---

--- --- ---


hier addition:

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-07-2013
Ran by laurenz at 2013-07-24 18:41:34
Running from C:\Users\laurenz\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 
 2013 (Version: 2013.0.3349)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Age of Empires Online (x32)
ANNO 2070 (x32 Version: 1.0.0.0)
Apple Application Support (x32 Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (x32 Version: 2.1.3.127)
AVG 2013 (Version: 13.0.3204)
AVG 2013 (Version: 13.0.3349)
Battery Calibration (x32 Version: 1.0.1105.1601)
BioShock Infinite (x32)
Bonjour (Version: 3.0.0.10)
Browser Updater 1.1 (x32)
Bundled software uninstaller (x32)
BurnRecovery (x32 Version: 3.0.1103.1801)
Call of Duty: Black Ops - Multiplayer (x32)
Call of Duty: Black Ops (x32)
Call of Duty: Black Ops II - Multiplayer (x32)
Call of Duty: Black Ops II - Zombies (x32)
Call of Duty: Black Ops II (x32)
Call of Duty: Modern Warfare 3 (x32)
Company of Heroes (x32)
Complitly (x32)
Control ActiveX de Windows Live Mesh para conexiones remotas (x32 Version: 15.4.5722.2)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (x32 Version: 15.4.5722.2)
CyberLink YouCam (x32 Version: 3.1.4612)
D3DX10 (x32 Version: 15.4.2368.0902)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Dota 2 (x32)
Empire Earth (x32)
ETDWare PS/2-X64 8.0.5.7_WHQL (Version: 8.0.5.7)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
Free System Utilities (x32 Version: 1.0.0.28)
Free SystemUtilities (x32 Version: 1.0.0.28)
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922)
Google Chrome (x32 Version: 28.0.1500.72)
Google Drive (x32 Version: 1.10.4769.632)
Google Update Helper (x32 Version: 1.3.21.153)
Iminent (x32 Version: 5.52.31.0)
Intel PROSet Wireless
Intel(R) Manageability Engine Firmware Recovery Agent (x32 Version: 1.0.0.35342)
Intel(R) Management Engine Components (x32 Version: 8.0.4.1441)
Intel(R) OpenCL CPU Runtime (x32)
Intel(R) Processor Graphics (x32 Version: 9.17.10.2932)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (Version: 15.1.0.0096)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (Version: 2.1.1.0153)
Intel(R) Rapid Storage Technology (x32 Version: 11.1.0.1006)
Intel(R) USB 3.0 eXtensible Host Controller Driver (x32 Version: 1.0.4.220)
Intel® PROSet/Wireless WiFi Software (Version: 15.01.1000.0927)
Intel® Trusted Connect Service Client (Version: 1.23.605.1)
iTunes (Version: 11.0.3.42)
Java 7 Update 25 (x32 Version: 7.0.250)
Java 7 Update 9 (64-bit) (Version: 7.0.90)
Java Auto Updater (x32 Version: 2.1.9.5)
Junk Mail filter update (x32 Version: 15.4.3502.0922)
League of Legends (x32 Version: 1.3)
Left 4 Dead 2 (x32)
MAGIX Foto Manager 9 (x32 Version: 7.0.3.118)
MAGIX Music Maker 16 Download-Version (x32 Version: 16.0.3.0)
MAGIX Online Druck Service (x32 Version: 3.4.3.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (x32 Version: 7.0.2.6)
MAGIX Video easy SE (x32 Version: 1.0.4.1)
McAfee Security Scan Plus (x32 Version: 3.0.318.3)
Mesh Runtime (x32 Version: 15.4.5722.2)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (x32 Version: 11.0.51106.1)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
MSI HOUSE (x32 Version: 10.07.1601)
MSI Software Install (x32 Version: 4.0.1105.1701)
MSVCRT (x32 Version: 15.4.2862.0708)
MSVCRT_amd64 (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA GeForce Experience 1.5.1 (Version: 1.5.1)
NVIDIA Grafiktreiber 320.49 (Version: 320.49)
NVIDIA Install Application (Version: 2.1002.125.816)
NVIDIA Optimus 6.4.23 (Version: 6.4.23)
NVIDIA PhysX (x32 Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Systemsteuerung 320.49 (Version: 320.49)
NVIDIA Update 6.4.23 (Version: 6.4.23)
NVIDIA Update Components (Version: 6.4.23)
Orcs Must Die! 2 (x32)
Origin (x32 Version: 9.2.1.4399)
PC Cleaner v3.1 (x32 Version: 3.1)
PCSafeDoctor (x32 Version: 2.0)
PlanetSide 2 (x32)
Prison Architect (x32)
Protected Search 1.1 (x32)
QuickTime (x32 Version: 7.74.80.86)
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922)
Realtek Ethernet Controller Driver (x32 Version: 7.50.1123.2011)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6602)
Realtek PCIE Card Reader (x32 Version: 6.1.7601.92)
ROCCAT Kova[+] Mouse Driver (x32 Version: 1.10)
Saints Row: The Third (x32)
S-Bar (x32 Version: 21.012.04278)
SimCity™ (x32 Version: 1.0.0.0)
Skype Click to Call (x32 Version: 6.3.11079)
Skype™ 6.5 (x32 Version: 6.5.158)
SpeedUpMyPC (x32 Version: 5.3.8.8)
Steam (x32 Version: 1.0.0.0)
Stronghold (x32 Version: 1.20.0000)
Stronghold 2 (x32 Version: 1.40.1000)
Stronghold Crusader Extreme (x32 Version: 1.20.0000)
Stronghold Legends (x32 Version: 1.20.0000)
Super-Charger (x32 Version: 1.2.006)
Team Fortress 2 (x32)
Team Fortress 2 Beta (x32)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
THX TruStudio Pro (x32 Version: 1.04.01)
Überwachungstool für die Intel® Turbo-Boost-Technik 2.5 (Version: 2.5.1.0)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (x32 Version: 1)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553378) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2597090) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2598240) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Visual Studio 2010 x64 Redistributables (Version: 13.0.0.1)
Windows Live (x32 Version: 15.4.3502.0922)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Mail (x32 Version: 15.4.3502.0922)
Windows Live Mesh (x32 Version: 15.4.3502.0922)
Windows Live Mesh ActiveX Control for Remote Connections (x32 Version: 15.4.5722.2)
Windows Live Mesh ActiveX control for remote connections (x32 Version: 15.4.5722.2)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live MIME IFilter (Version: 15.4.3502.0922)
Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live Remote Client (Version: 15.4.5722.2)
Windows Live Remote Client Resources (Version: 15.4.5722.2)
Windows Live Remote Service (Version: 15.4.5722.2)
Windows Live Remote Service Resources (Version: 15.4.5722.2)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
Windows Live Writer (x32 Version: 15.4.3502.0922)
Windows Live Writer Resources (x32 Version: 15.4.3502.0922)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
ZoneAlarm Antivirus (x32 Version: 11.0.000.020)
ZoneAlarm Firewall (x32 Version: 11.0.000.020)
ZoneAlarm Free Antivirus + Firewall (x32 Version: 11.0.000.020)
ZoneAlarm LTD Toolbar
ZoneAlarm Security (x32 Version: 11.0.000.020)
ZoneAlarm Security Toolbar  (x32)

==================== Restore Points  =========================

23-07-2013 15:54:23 DirectX wurde installiert
24-07-2013 14:18:39 Uniblue SpeedUpMyPC installation

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {02BC2C5E-B2A1-4E04-8C00-A295979CABDA} - \Advanced System Protector_startup No Task File
Task: {11501A0B-1D22-408F-AAD1-C32C00139297} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {2A03BABE-D686-4E50-81FE-7CFF7959DF6B} - \{9848F1DA-9057-4B9B-BFD5-576EA5986442} No Task File
Task: {35897F51-25D5-4C21-9949-C382AA4CB981} - System32\Tasks\DSite => C:\Users\laurenz\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE No File
Task: {5AE9178A-54DC-46C3-90AB-895CD4FAF188} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-08] ()
Task: {5D2AED40-73B4-4133-BD4F-5FB203457F4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-10-17] (Google Inc.)
Task: {64EB4714-51A3-46B9-BE30-6A83D434D50C} - \User_Feed_Synchronization-{B2EBECA6-5FD4-4577-BC4A-C7B2E71F3A84} No Task File
Task: {6570CB1B-F619-4D99-BA17-87CFB3D07C6A} - \SidebarExecute No Task File
Task: {99292503-4B4B-4018-972D-5E03104409B0} - \{F9242452-056E-4482-8C97-1819B0009FE3} No Task File
Task: {A8A2C15D-D66C-4EE3-840D-6D30F59FDBBE} - System32\Tasks\Microsoft\Windows\MUI\Lpksetup => C:\windows\System32\lpksetup.exe [2010-11-21] (Microsoft Corporation)
Task: {B54AAA64-36DD-4FC2-814E-2C6E08822EDB} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-07-15] ()
Task: {B60BDD60-C3B2-4898-A46B-754172465E77} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\Protected Search\ProtectedSearch.exe [2013-03-19] (Simplygen)
Task: {B744460B-2654-4C57-8360-3FE2D011BBEE} - System32\Tasks\Lyrics-Pal Update => C:\Program Files (x86)\LyricsPal\Lyrics.exe No File
Task: {BFDC8D68-19BE-43F4-880C-912E04C597F2} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-30] (Adobe Systems Incorporated)
Task: {C8530CF2-D804-4CF6-91C9-09F03DB05283} - System32\Tasks\Freemium1ClickMaint => C:\Program Files (x86)\Covus Freemium\Free System Utilities\1Click.exe [2013-04-11] ()
Task: {D04ABE25-1038-4C9B-B69E-8AA921267616} - \Adobe-Online-Aktualisierungsprogramm No Task File
Task: {D547F041-16DB-4FD7-A1F3-D5D4BBFBEC49} - System32\Tasks\EPUpdater => C:\Users\laurenz\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe [2013-06-06] ()
Task: {E7AA30E0-3930-45D2-A069-38E634D2534E} - System32\Tasks\Browser Updater\Browser Updater => C:\windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {F3AAA4C9-0C6F-44FF-8E90-A275AECF2D3E} - \Java Update Scheduler No Task File
Task: {FA8DA4FB-882E-4237-8871-7B9C5C802A3D} - System32\Tasks\SpeedUpMyPC => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe [2013-06-27] (Uniblue Systems Ltd)
Task: {FC3C749B-70C3-40D0-83AB-365C8E1690E0} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {FE1E2F7D-ADA3-4062-80FE-66A1F7ECE835} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {FF828DB4-AF47-43A1-9709-F8BE5999099C} - System32\Tasks\spmonitor => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe [2013-06-27] (Uniblue Systems Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\DSite.job => ?
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Lyrics-Pal Update.job => C:\Program Files (x86)\LyricsPal\Lyrics.exe
Task: C:\windows\Tasks\SpeedUpMyPC.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\sump.exe
Task: C:\windows\Tasks\spmonitor.job => C:\Program Files (x86)\Uniblue\SpeedUpMyPC\spmonitor.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/24/2013 02:40:33 PM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58543666

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58543666

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58542605

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58542605

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22496

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22496

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/24/2013 02:40:07 PM) (Source: DCOM) (User: )
Description: {4EB61BAC-A3B6-4760-9581-655041EF4D69}

Error: (07/23/2013 10:23:25 PM) (Source: DCOM) (User: )
Description: {1F87137D-0E7C-44D5-8C73-4EFFB68962F2}

Error: (07/23/2013 04:25:46 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.

Error: (07/23/2013 04:24:25 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\windows\SysWow64\drivers\RKHit.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/23/2013 04:21:34 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\windows\SysWow64\drivers\RKHit.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.

Error: (07/23/2013 06:33:47 AM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (07/23/2013 06:33:45 AM) (Source: DCOM) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (07/23/2013 02:43:06 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (07/22/2013 10:36:09 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.

Error: (07/22/2013 05:51:30 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.


Microsoft Office Sessions:
=========================
Error: (07/24/2013 02:40:33 PM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: Product: Skype Click to Call -- Error 1609. An error occurred while applying security settings. Users is not a valid user or group. This could be a problem with the package, or a problem connecting to a domain controller on the network. Check your network connection and click Retry, or Cancel to end the install. Unable to locate the user's SID, system error 1332(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58543666

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58543666

Error: (07/24/2013 02:39:12 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 58542605

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 58542605

Error: (07/24/2013 02:39:11 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22496

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22496

Error: (07/23/2013 10:23:51 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2013-07-24 18:41:06.149
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-23 16:53:38.714
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-23 06:12:56.273
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-23 01:55:43.644
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-22 15:06:05.864
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-22 00:48:40.965
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-22 00:13:38.212
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 23:47:12.477
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 23:35:20.367
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-21 23:24:55.648
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 41%
Total physical RAM: 8088.96 MB
Available physical RAM: 4758.76 MB
Total Pagefile: 16176.1 MB
Available Pagefile: 12380.7 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (OS_Install) (Fixed) (Total:272.09 GB) (Free:6.02 GB) NTFS (Disk=0 Partition=3) ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:181.4 GB) (Free:181.04 GB) NTFS (Disk=0 Partition=4)
Drive e: (SIMCITY) (CDROM) (Total:1.85 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 04A8E13C)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=27)
Partition 3: (Not Active) - (Size=272 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=181 GB) - (Type=07 NTFS)

==================== End Of Log ============================
--- --- ---

schrauber 25.07.2013 06:52
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:50 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131