Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   doppelt unterstrichene markierte Wörter auf Websites und Werbebuttoms (https://www.trojaner-board.de/142192-doppelt-unterstrichene-markierte-woerter-websites-werbebuttoms.html)

Tosca78 27.09.2013 17:18
doppelt unterstrichene markierte Wörter auf Websites und Werbebuttoms
 
Hallo guten Abend,
ich habe zwar die diversen Forenbeiträge zu diesem Thema bereits gelesen komme aber irgendwie nicht klar. Auf dem Läppi meiner Frau sind überall diese markierten und unterstrichenen Wörter wenn man mit der Maus nur drüber geht gehen da sehr merkwürdige Websites auf die man dann kaum noch zu bekommt. Wenn man surft erscheinen überall Werbebanner, sodass es nahezu unmöglich ist mal etwas zu lesen weil man nur noch damit beschäftigt ist andere Seiten und Werbung zu schliessen. Ich habe bereit die Programme runter geladen die in den anderen Beiträgen beschrieben waren und hänge die Dateien hier an in der Hoffnung das mir jemand helfen kann.

Beste Grüße

schrauber 27.09.2013 18:01
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.


So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Tosca78 27.09.2013 19:22
ich hoffe das ist so richtig


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013
Ran by Büro at 2013-09-27 18:01:18
Running from C:\Users\Büro\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Internet Security (Enabled - Up to date) {2B2D1395-420B-D5C9-657E-930FE358FC3C}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Internet Security (Enabled - Up to date) {904CF271-6431-DA47-5FCE-A87D98DFB681}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: avast! Internet Security (Enabled) {131692B0-0864-D491-4E21-3A3A1D8BBB47}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader XI (11.0.03) - Deutsch (x32 Version: 11.0.03)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98)
Aloha TriPeaks (x32 Version: 2.2.0.98)
AMD APP SDK Runtime (Version: 10.0.938.2)
AMD Catalyst Install Manager (Version: 8.0.881.0)
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
avast! Internet Security (x32 Version: 8.0.1497.0)
Battlelog Web Plugins (x32 Version: 2.1.3)
Bejeweled 3 (x32 Version: 2.2.0.98)
Bonjour (Version: 3.0.0.10)
BufferChm (x32 Version: 140.0.298.000)
Build-a-lot: On Vacation (x32 Version: 2.2.0.110)
BURY Time Suite 1.29 (x32 Version: 1.29)
C4700 (x32 Version: 140.0.851.000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437)
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437)
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437)
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437)
CCC Help Czech (x32 Version: 2012.0806.1155.19437)
CCC Help Danish (x32 Version: 2012.0806.1155.19437)
CCC Help Dutch (x32 Version: 2012.0806.1155.19437)
CCC Help English (x32 Version: 2012.0806.1155.19437)
CCC Help Finnish (x32 Version: 2012.0806.1155.19437)
CCC Help French (x32 Version: 2012.0806.1155.19437)
CCC Help German (x32 Version: 2012.0806.1155.19437)
CCC Help Greek (x32 Version: 2012.0806.1155.19437)
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437)
CCC Help Italian (x32 Version: 2012.0806.1155.19437)
CCC Help Japanese (x32 Version: 2012.0806.1155.19437)
CCC Help Korean (x32 Version: 2012.0806.1155.19437)
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437)
CCC Help Polish (x32 Version: 2012.0806.1155.19437)
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437)
CCC Help Russian (x32 Version: 2012.0806.1155.19437)
CCC Help Spanish (x32 Version: 2012.0806.1155.19437)
CCC Help Swedish (x32 Version: 2012.0806.1155.19437)
CCC Help Thai (x32 Version: 2012.0806.1155.19437)
CCC Help Turkish (x32 Version: 2012.0806.1155.19437)
ccc-utility64 (Version: 2012.0806.1156.19437)
Chronicles of Albian (x32 Version: 2.2.0.110)
Chuzzle Deluxe (x32 Version: 2.2.0.95)
Cities XL Platinum (x32 Version: 1.0.0)
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.110)
CyberLink Power2Go 8 (x32 Version: 8.0.0.1923)
CyberLink PowerDVD (x32 Version: 9.0.5601.52)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (x32)
Destinations (x32 Version: 140.0.253.000)
DeviceDiscovery (x32 Version: 140.0.298.000)
Diff Doc (x32)
ESN Sonar (x32 Version: 0.70.4)
FATE (x32 Version: 2.2.0.97)
FDUx86 (x32 Version: 1.0.0)
Free YouTube Download version 3.2.5.628 (x32 Version: 3.2.5.628)
GIMP 2.8.4 (Version: 2.8.4)
Google Chrome (x32 Version: 29.0.1547.76)
Google Drive (x32 Version: 1.11.4865.2530)
Google Update Helper (x32 Version: 1.3.21.153)
GPBaseService2 (x32 Version: 140.0.297.000)
Heroes of Hellas 3: Athens (x32 Version: 2.2.0.110)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart C4700 All-in-One Driver 14.0 Rel. 6 (Version: 14.0)
HP Photosmart C4700 All-in-One Driver Software 14.0 Rel. 6 (Version: 14.0)
HP Product Detection (x32 Version: 11.15.0005)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.006.003)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.298.000)
HPSSupply (x32 Version: 140.0.297.000)
Inkscape 0.48.4 (x32 Version: 0.48.4)
Intel AppUp(SM) center (x32 Version: 03.05.11)
Intel(R) Management Engine Components (x32 Version: 8.1.0.1252)
Intel(R) Rapid Storage Technology (x32 Version: 11.5.3.1004)
Intel® Trusted Connect Service Client (Version: 1.24.388.1)
Interaktive Sprachreise - Intensivkurs English (x32)
iTunes (Version: 11.1.0.126)
Java 7 Update 10 (64-bit) (Version: 7.0.100)
Java Auto Updater (x32 Version: 2.1.6.0)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
KUx86 (x32 Version: 1.0.0)
Luxor HD (x32 Version: 2.2.0.110)
Mahjongg Artifacts (x32 Version: 2.2.0.110)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
MarketResearch (x32 Version: 140.0.212.000)
Medal of Honor Airborne (x32 Version: 1.0.1.0)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft Office (x32 Version: 14.0.6120.5004)
Microsoft Office 2010 Service Pack 1 (SP1) (x32)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Home and Student 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Single Image 2010 (x32 Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.6029.1000)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mobile Master Copy Station (x32 Version: 8.5.9)
Mobile Master Copy Station 8.5.9 (x32 Version: 8.5.9)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
Mozilla Thunderbird 17.0.8 (x86 de) (x32 Version: 17.0.8)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98)
Mystery P.I. - The London Caper (x32 Version: 2.2.0.95)
Network64 (Version: 140.0.306.000)
NVIDIA PhysX (x32 Version: 9.09.0203)
Origin (x32 Version: 9.1.15.109)
PDF24 Creator 5.3.0 (x32)
PDFCreator (x32 Version: 1.5.1)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98)
PlayMemories Home (x32 Version: 6.3.02.07270)
Polar Bowler (x32 Version: 2.2.0.97)
PS_AIO_06_C4700_SW_Min (x32 Version: 140.0.863.000)
Qualcomm Atheros Bluetooth Suite (64) (Version: 8.0.0.212)
QuickTransfer (x32 Version: 140.0.98.000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6695)
Realtek PCIE Card Reader (x32 Version: 6.1.8400.28121)
Remote Keyboard (x32 Version: 1.2.0.09270)
Restore (x32 Version: 1.0.0)
Scan (x32 Version: 140.0.253.000)
SCS Shortcut (x32 Version: 1.0)
Shared C Run-time for x64 (Version: 10.0.0)
Shop for HP Supplies (Version: 14.0)
Silent Hunter 5 (x32 Version: 1.2.0)
Skiregion Simulator 2012 (x32 Version: 1.0)
Sniper: Ghost Warrior - Dedicated Server (x32)
Sniper: Ghost Warrior (x32)
SolutionCenter (x32 Version: 140.0.299.000)
Sony PC Companion 2.10.174 (x32 Version: 2.10.174)
Spybot - Search & Destroy (x32 Version: 2.0.12)
SSLx64 (Version: 1.0.0)
SSLx86 (x32 Version: 1.0.0)
Status (x32 Version: 140.0.342.000)
Steam (x32 Version: 1.0.0.0)
Synaptics Pointing Device Driver (Version: 16.2.16.2)
Toolbox (x32 Version: 140.0.596.000)
TrayApp (x32 Version: 140.0.297.000)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (x32)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553065) (x32)
Update for Microsoft Office 2010 (KB2553157) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2566458) (x32)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2589370) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2598242) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687503) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2687509) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2760758) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2767886) 32-Bit Edition (x32)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition (x32)
Update for Microsoft OneNote 2010 (KB2810072) 32-Bit Edition (x32)
Update for Microsoft Outlook 2010 (KB2687623) 32-Bit Edition (x32)
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition (x32)
Update for Microsoft PowerPoint 2010 (KB2553145) 32-Bit Edition (x32)
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 32-Bit Edition (x32)
Update Installer for WildTangent Games App (x32)
VAIO - Remote-Tastatur (x32 Version: 1.2.0.09270)
VAIO - Xperia Link (x32 Version: 1.0.0.08170)
VAIO Care (Version: 8.0.0.08150)
VAIO Control Center (x32 Version: 6.0.0.08200)
VAIO Data Restore Tool (x32 Version: 1.10.0.07270)
VAIO Easy Connect (x32 Version: 1.2.0.08150)
VAIO Gate (x32 Version: 3.0.0.08140)
VAIO Gate Default (x32 Version: 3.0.0.08060)
VAIO Gesture Control (x32 Version: 2.0.0.08240)
VAIO Image Optimizer (x32 Version: 3.0.00.08170)
VAIO Improvement (x32 Version: 2.0.0.08090)
VAIO Media Server Settings (Version: 1.0.0.08240)
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO*CPU-Lüfterdiagnose (x32 Version: 1.1.0.09200)
VAIO-Handbuch (x32 Version: 3.0.0.08100)
VAIO-Support für Übertragungen (x32 Version: 1.8.0.08212)
VCCx64 (Version: 1.0.0)
VCCx86 (x32 Version: 1.0.0)
VGClientX64 (Version: 1.0.0)
VHD (x32 Version: 1.0.0)
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98)
VIx64 (Version: 1.0.0)
VIx86 (x32 Version: 1.0.0)
VMLx86 (x32 Version: 1.0.0)
VPMx64 (Version: 1.0.0)
VSSTx64 (Version: 1.0.0)
VSSTx86 (x32 Version: 1.0.0)
VU5x64 (Version: 1.0.0)
VU5x86 (x32 Version: 1.0.0)
VUx64 (Version: 1.0.0)
VUx86 (x32 Version: 1.0.0)
VWSTx86 (x32 Version: 1.0.0)
WebReg (x32 Version: 140.0.297.017)
WildTangent Games App (x32 Version: 4.0.8.7)
WildTangent-Spiele (x32 Version: 1.0.3.0)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
World of Tanks (x32)
World of Warplanes (x32)
XperiaLinkx86 (x32 Version: 1.0.0)

==================== Restore Points  =========================

11-09-2013 16:32:42 Windows Update
18-09-2013 10:34:36 Installiert VAIO Update
27-09-2013 13:35:09 Removed iTunes
27-09-2013 13:36:15 Removed iTunes

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-12-14 19:19 - 00444830 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1        www.007guard.com
127.0.0.1        007guard.com
127.0.0.1        008i.com
127.0.0.1        www.008k.com
127.0.0.1        008k.com
127.0.0.1        www.00hq.com
127.0.0.1        00hq.com
127.0.0.1        010402.com
127.0.0.1        www.032439.com
127.0.0.1        032439.com
127.0.0.1        www.0scan.com
127.0.0.1        0scan.com
127.0.0.1        www.1000gratisproben.com
127.0.0.1        1000gratisproben.com
127.0.0.1        1001namen.com
127.0.0.1        www.1001namen.com
127.0.0.1        100888290cs.com
127.0.0.1        www.100888290cs.com
127.0.0.1        www.100sexlinks.com
127.0.0.1        100sexlinks.com
127.0.0.1        www.10sek.com
127.0.0.1        10sek.com
127.0.0.1        www.1-2005-search.com
127.0.0.1        1-2005-search.com
127.0.0.1        www.123fporn.info
127.0.0.1        123fporn.info
127.0.0.1        123haustiereundmehr.com
127.0.0.1        www.123haustiereundmehr.com
127.0.0.1        123moviedownload.com

There are 1000 more lines.


==================== Scheduled Tasks (whitelisted) =============

Task: {010C2C6E-24EB-4BB6-B2F3-77FAE8BA9D5F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-08] (Google Inc.)
Task: {083A0650-E15B-4204-8243-A48C140BFBC5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {120D81DA-0E98-4442-BEA8-0B3BD2F57B35} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorUser => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {1935451F-6565-4043-9BE4-854B6D78F2AC} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {19694259-3BEA-4C8B-9C2E-1349FCBCE4C3} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {34447E47-662D-42DD-9B15-2342D960929F} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {3B974C2D-863F-4C1E-90D1-D8FCB40EBF47} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {3DAE85BE-3CE4-4FBE-98FC-AAC32FD54597} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {414C6809-CEE1-4951-BE0D-0CE4E3AC65FA} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2013-08-01] (Sony Corporation)
Task: {44415A50-06CE-498F-9AC6-001CCEC897A5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-10] (Adobe Systems Incorporated)
Task: {528F0345-1DEF-4F67-BB9E-75058A08D281} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-08-09] (Sony Corporation)
Task: {57E8C5B2-1C8D-4F3A-8E53-767C31EACA05} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-08-18] (Sony Corporation)
Task: {6D306725-406E-45DC-9B0D-95208DEBC094} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {8711B4BE-F269-4670-9ECB-39BB43D764AC} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {9544B13E-F6A9-4889-86D7-56406C16AB0C} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {96835185-82D4-47A4-85AE-670A85013A02} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-08-04] (Sony Corporation)
Task: {A2079CCC-10E6-4008-9896-CA7C4603744F} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {AF109D9D-40B7-41BF-A17F-68D8ED185224} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: {B4C4D398-55B7-467D-8792-5F5BFE7AC362} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {B4CCC428-8BFA-4AE2-A145-4F9478CC59BC} - System32\Tasks\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-07-31] (Sony Corporation)
Task: {C545C579-485E-452E-ABAC-92742F5179F3} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-08] (CyberLink)
Task: {CE24313A-DC6D-4D08-98B5-F7B6E19D16B5} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementMonitorSystem => C:\Program Files\Sony\VAIO Improvement\vim.exe [2013-04-03] (Sony Corporation)
Task: {CF793676-9820-48BD-BDC7-6B990D6BC525} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {D214E362-9F65-4767-ACBB-488C48D71225} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {DAD8C0CD-3173-4E67-A497-0D39F10A1F3F} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2013-08-16] (Microsoft Corporation)
Task: {E7F2CB83-AD96-45A9-BB19-D15A18B89128} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2013-08-30] (AVAST Software)
Task: {E85A9541-D42C-4627-A6FE-710584944ED7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-04-08] (Google Inc.)
Task: {EB8BEBBD-25F5-42DC-85A8-1FCD3D96DBFF} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)
Task: {ECD073EA-1FDC-4693-8B2B-86BE18E68B3F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe
Task: {F4C391F6-1ADB-4A24-A2A4-BE65FD71EF07} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-08-15] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-27 13:59 - 2013-09-27 12:14 - 02100736 _____ () C:\Program Files\AVAST Software\Avast\defs\13092701\algo.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-14 17:42 - 2012-11-13 15:06 - 00108960 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2012-12-14 17:42 - 2012-11-13 15:06 - 00158624 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2012-12-14 17:42 - 2012-11-13 15:06 - 00416160 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2012-12-14 17:42 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2012-12-14 17:42 - 2012-11-13 15:06 - 00528288 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
2012-09-23 23:16 - 2012-06-25 10:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-03 18:19 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2013-09-03 18:19 - 2013-05-17 10:51 - 00207872 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll
2013-09-03 18:19 - 2013-05-20 12:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll
2013-09-03 18:19 - 2010-01-11 16:44 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll
2013-05-14 09:38 - 2013-05-14 09:38 - 00607744 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll
2013-01-08 17:03 - 2013-01-08 17:03 - 00086016 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll
2012-04-04 14:33 - 2012-04-04 14:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll
2013-01-08 17:02 - 2013-01-08 17:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll
2012-07-26 11:51 - 2012-07-26 11:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00015872 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00443904 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2012-09-23 23:58 - 2012-06-25 15:47 - 00060928 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2012-12-14 17:42 - 2012-11-13 15:06 - 00554400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
2012-09-24 00:08 - 2012-06-08 05:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 11:34 - 2012-06-08 11:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2013-09-19 15:54 - 2013-09-19 15:55 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 22:38 - 2013-09-04 20:10 - 00327680 _____ () C:\Games\World_of_Tanks\voip.dll
2013-07-31 19:10 - 2013-07-16 09:35 - 00270336 _____ () C:\Games\World_of_Tanks\libcurl.dll
2013-07-31 19:10 - 2013-07-16 09:35 - 00321520 _____ () C:\Games\World_of_Tanks\ortp.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Faulty Device Manager Devices =============

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Photosmart C4700 series
Description: Photosmart C4700 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSPCIESTOR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN-Miniport (Netzwerkmonitor)
Description: WAN-Miniport (Netzwerkmonitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/27/2013 03:39:30 PM) (Source: Microsoft-Windows-RestartManager) (User: Maik)
Description: Die Anwendung oder der Dienst "Apple Mobile Device" konnte nicht neu gestartet werden.

Error: (09/27/2013 03:26:18 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1704. Eine Installation von Microsoft Office Office 64-bit Components 2010 ist im Augenblick unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?

Error: (09/27/2013 03:15:13 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 24.0.0.5001 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 21a8

Startzeit: 01ceb63296b9c0e9

Endzeit: 4567

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: c97aef1b-2776-11e3-bebd-083e8eb8cdb4

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (09/27/2013 03:10:18 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 03:10:15 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 03:08:09 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 03:08:00 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 03:05:55 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 03:04:27 PM) (Source: MsiInstaller) (User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.

Error: (09/27/2013 10:24:15 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2391


System errors:
=============
Error: (09/27/2013 05:34:11 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (09/27/2013 05:24:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Visio Viewer 2010 (KB2810066) 32-Bit-Edition

Error: (09/27/2013 05:23:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Office 2010 (KB2760598) 32-Bit-Edition

Error: (09/27/2013 05:23:32 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Definitionsupdate für Microsoft Office 2010 (KB982726) 32-Bit-Edition

Error: (09/27/2013 05:23:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft Office 2010 (KB2589375) 32-Bit-Edition

Error: (09/27/2013 05:23:25 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070652 fehlgeschlagen: Update für Microsoft OneNote 2010 (KB2810072) 32-Bit-Edition

Error: (09/27/2013 03:39:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (09/27/2013 03:39:30 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (09/27/2013 03:20:29 PM) (Source: Microsoft-Windows-Kernel-General) (User: NT-AUTORITÄT)
Description: 0xc000014d0

Error: (09/27/2013 03:21:15 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎27.‎09.‎2013 um 15:16:24 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================
Error: (09/27/2013 03:39:30 PM) (Source: Microsoft-Windows-RestartManager)(User: Maik)
Description: 0AppleMobileDeviceService.exeApple Mobile Device03026217820400

Error: (09/27/2013 03:26:18 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1704. Eine Installation von Microsoft Office Office 64-bit Components 2010 ist im Augenblick unterbrochen. Sie müssen die von dieser Installation vorgenommenen Änderungen rückgängig machen, bevor Sie den Vorgang fortsetzen können. Möchten Sie diese Änderungen rückgängig machen?(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:15:13 PM) (Source: Application Hang)(User: )
Description: firefox.exe24.0.0.500121a801ceb63296b9c0e94567C:\Program Files (x86)\Mozilla Firefox\firefox.exec97aef1b-2776-11e3-bebd-083e8eb8cdb4

Error: (09/27/2013 03:10:18 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:10:15 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:08:09 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:08:00 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:05:55 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 03:04:27 PM) (Source: MsiInstaller)(User: Maik)
Description: Produkt: iTunes -- Fehler 1500. Im Augenblick wird eine weitere Installation ausgeführt. Sie müssen erst die zweite Installation abschließen, bevor Sie diese Installation fortsetzen können.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (09/27/2013 10:24:15 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2391


==================== Memory info ===========================

Percentage of memory in use: 36%
Total physical RAM: 6091.27 MB
Available physical RAM: 3867.96 MB
Total Pagefile: 12235.27 MB
Available Pagefile: 9665.91 MB
Total Virtual: 8192 MB
Available Virtual: 8191.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:662.54 GB) (Free:501.97 GB) NTFS
Drive f: (FAT_38e0) (Fixed) (Total:232.88 GB) (Free:192.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 9171CA6D)

Partition: GPT Partition Type
========================================================
Disk: 1 (Size: 233 GB) (Disk ID: 691F2642)
Partition 1: (Not Active) - (Size=233 GB) - (Type=07 NTFS)

==================== End Of Log ============================
und hier Nummer 2


Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.09.27.03

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16660
Büro :: MAIK [Administrator]

27.09.2013 15:35:30
mbam-log-2013-09-27 (15-35-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|F:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 507483
Laufzeit: 1 Stunde(n), 45 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{60703C1E-E93C-B563-8B49-E031C10136FF} (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\Software\InstalledBrowserExtensions\Plus HD (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Plus-HD-3.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Google\Chrome\Extensions\bgnnidmnbdkmhfkjgdnngciimpdgohok (PUP.Optional.ATDheNetTVAp.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{20E7BC40-33F6-4A81-9D52-B58349326206} (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-3.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Daten: 11111111 -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 14
C:\Users\Büro\AppData\Roaming\Babylon (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\data (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\OpenCandy\A4561B110FC541119568D8A7BB640EA6 (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\OpenCandy\DDB0544982DF46A6B8CD6593928BDE4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7 (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\ct3244149 (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\ct3244149\xpi (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\ct3244149\xpi\defaults (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\ct3244149\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 53
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-bg.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-bho.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-buttonutil.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-buttonutil64.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-chromeinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-codedownloader.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-enabler.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-firefoxinstaller.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-updater.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\utils.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4F7960B-45B2-4DEB-AF00-0D907F14B4FD}\Setup.exe (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\InstallMate\{A4F7960B-45B2-4DEB-AF00-0D907F14B4FD}\TsuDll.dll (PUP.Optional.Tarma.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\126w+rIW.exe.part (Adware.DomaIQ) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\72AAB040-BAB0-7891-80A0-4583B642EEBC\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\72AAB040-BAB0-7891-80A0-4583B642EEBC\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\72AAB040-BAB0-7891-80A0-4583B642EEBC\Latest\ccp.exe (PUP.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\72AAB040-BAB0-7891-80A0-4583B642EEBC\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Local\Temp\72AAB040-BAB0-7891-80A0-4583B642EEBC\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\OpenCandy\A4561B110FC541119568D8A7BB640EA6\DeltaTB.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\Desktop\diverses\alter Läppi\diverses\ADLSoft_UnCompressor.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\Downloads\iLividSetup.exe (PUP.Optional.Bandoo) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\Downloads\MyPhoneExplorer_Setup_v1.8.5.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\Downloads\setup.exe (PUP.Optional.Installex) -> Erfolgreich gelöscht und in Quarantäne gestellt.
F:\diverses\diverses\ADLSoft_UnCompressor.exe (Adware.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
F:\games\Silent Hunter 5 v1.15 + 4 Trainer.exe (HackTool.GamesCheat) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-3.7-chromeinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-3.7-codedownloader.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-3.7-enabler.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-3.7-firefoxinstaller.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Windows\Tasks\Plus-HD-3.7-updater.job (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c2151cdb92a.ocx (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c2151cdb962.html (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c2151cdb99b.js (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c21656b35a6.ocx (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c21656b35de.html (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\50c21656b3619.js (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\fpckkcpapmclmeaogjhccdjjnmcofiog.crx (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\oefkakjpkkiiagdjjoecnnmblilbakbm.crx (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\settings.ini (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\uninstall.exe (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\data\50c21656b3619.js (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\ProgramData\Download and Sa\data\jsondb.js (PUP.Optional.DownLoadAndSA) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Büro\AppData\Roaming\OpenCandy\DDB0544982DF46A6B8CD6593928BDE4A\TuneUpUtilities2013-2200217_de-DE.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\37212.crx (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\37212.xpi (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\background.html (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Installer.log (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-buttonutil.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-buttonutil64.dll (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7-helper.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Plus-HD-3.7.ico (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Plus-HD-3.7\Uninstall.exe (PUP.Optional.PlusHD.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
Habe jetzt auch nochmal adwcleaner drüber laufen lassen, hoffe das war kein Fehler.


Code:
# AdwCleaner v3.005 - Bericht erstellt am 27/09/2013 um 20:09:57
# Updated 22/09/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Büro - MAIK
# Gestartet von : C:\Users\Büro\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\clsoft ltd
Ordner Gelöscht : C:\ProgramData\Premium
Ordner Gelöscht : C:\ProgramData\StarApp
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Download and Sa
Ordner Gelöscht : C:\Users\BRO~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Büro\AppData\LocalLow\Download and Sa
Ordner Gelöscht : C:\Users\Büro\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Büro\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Büro\AppData\Roaming\SendSpace
Ordner Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\jetpack
Datei Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\Extensions\freehdsport@freehdsport.tv.xpi
Datei Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Layers.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\5e57d6dcb53aea46
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\wscontb
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16688

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultthis.engineName", "WhiteSmoke US New Customized Web Search");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3244149&SearchSource=3&q={searchTerms}");
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.backgroundjs", "\n\n/*****************************************************************************[...]
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_13.name", "CrossriderAppUtils");
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_14.name", "CrossriderUtils");
Zeile gelöscht : user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.plugins.plugin_78.name", "CrossriderInfo");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "140e50b7bcbcec97f9acf5bfddf5c6f3");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "11");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "8837C1A5D20F19C5E8D907584AA387E0");
Zeile gelöscht : user_pref("extensions.delta.id", "5a851667000000000000083e8eb8cdb4");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15897");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.59:09:47");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.59:09:47");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=121563&tt=040713_rdrctful&tsp=4940");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");
Zeile gelöscht : user_pref("extentions.y2layers.installId", "7645f76f-3b7c-40b6-a691-b779b6b5237b");

-\\ Google Chrome v29.0.1547.76

[ Datei : C:\Users\Büro\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage

*************************

AdwCleaner[R0].txt - [18087 octets] - [27/09/2013 20:03:25]
AdwCleaner[S0].txt - [17110 octets] - [27/09/2013 20:09:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17171 octets] ##########
Probleme sind allerdings noch die gleichen........

schrauber 28.09.2013 15:07

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Tosca78 28.09.2013 19:00
So wie gewünscht die andere folgt gleich

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 8 x64
Ran by Bro on 28.09.2013 at 19:44:07,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-555147751-3048471492-2092455339-1001\Software\SweetIM



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\cloud software ltd"
Failed to delete: [Folder] "C:\Program Files (x86)\firstrowsportapp.com"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Bro\AppData\Roaming\mozilla\firefox\profiles\hly0mlf8.default\extensions\de9372bd-c6d6-4690-9bf6-238a8622d6b1@09af4fd9-64cf-4b1b-9464-1de3f20e38f7.com
Successfully deleted the following from C:\Users\Bro\AppData\Roaming\mozilla\firefox\profiles\hly0mlf8.default\prefs.js

user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.ade9372bdc6d646909bf6238a8622d6b109af4fd964cf4b1b94641de3f20e38f7com37212.37212.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20ca
Emptied folder: C:\Users\Bro\AppData\Roaming\mozilla\firefox\profiles\hly0mlf8.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.09.2013 at 19:54:04,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
und hier noch die FRST

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013
Ran by Büro (administrator) on MAIK on 28-09-2013 19:57:56
Running from C:\Users\Büro\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bury GmbH & Co. KG) C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Grain Media, Inc.) C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Microsoft Corporation) C:\Windows\syswow64\MsiExec.exe
(Microsoft Corporation) C:\Windows\System32\MsiExec.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Thisisu) C:\Users\Büro\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Run: [DoUSBC120] - C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe [110592 2011-10-06] (Grain Media, Inc.) <===== ATTENTION
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {46c3f8b1-05c1-11e2-be6a-806e6f6e6963} - "D:\START.exe" index.html
MountPoints2: {9d119ed0-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {9d11a468-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {ec0884c6-a661-11e2-be9c-083e8eb8cdb4} - "E:\dlusb_launcherC120.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D4C454E4446382670633D4D414C4E267372633D49452D536561726368426F78&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {1A7C8232-0186-44D0-8B84-9436B14703B5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {313352A6-21C4-4D58-9590-588272D08F4B} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {4383C211-0BF7-465D-8F8A-2309CAD463ED} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {9D0523C8-B48E-49A7-977C-ED200AB2934F} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {A1AB15D2-0325-4F8B-9816-491AEEF6C6DD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A6FC23A0-CDAE-46B1-BFBE-AE697D60714A} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {C70D2AAE-CBC7-421F-9EBC-D90F492D7678} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D32343435303626703D7B7365617263685465726D737D&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {EAFF01AE-2338-4682-8332-B3CF14C795D5} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {F0158379-7E7D-4AB2-9051-587667442EAF} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {D558163C-D11E-1BAA-D2FD-4EC7302DD35E} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HP Detect - C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.6) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Download and Sa) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpckkcpapmclmeaogjhccdjjnmcofiog\7.1_0
CHR Extension: (Plus-HD-3.7) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Download and Sa) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkakjpkkiiagdjjoecnnmblilbakbm\7.1_0
CHR Extension: (Gmail) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fpckkcpapmclmeaogjhccdjjnmcofiog] - C:\ProgramData\Download and Sa\fpckkcpapmclmeaogjhccdjjnmcofiog.crx
CHR HKLM-x32\...\Chrome\Extension: [oefkakjpkkiiagdjjoecnnmblilbakbm] - C:\ProgramData\Download and Sa\oefkakjpkkiiagdjjoecnnmblilbakbm.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 BuryLoggerSyncService; C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe [107520 2011-03-08] (Bury GmbH & Co. KG)
R2 FirebirdGuardianBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe [81920 2010-04-19] (Firebird Project)
R3 FirebirdServerBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe [2723840 2010-04-19] (Firebird Project)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S4 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [x]
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 20:03 - 2013-09-27 20:10 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:44 - 2013-09-27 15:46 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:16 - 2013-09-27 15:16 - 00023712 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-27 15:04 - 2013-09-27 15:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 15:54 - 2013-09-19 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 16:54 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 16:54 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 16:54 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 16:54 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 16:54 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 16:54 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 16:53 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 16:53 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 16:53 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 16:53 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 16:53 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 16:53 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 16:51 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 16:51 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 16:51 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 16:51 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 16:51 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 16:49 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 16:49 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 16:49 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 16:49 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 16:49 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 16:49 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 16:49 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 16:49 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 16:49 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 16:49 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 16:49 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 16:49 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 16:49 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 16:49 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 16:49 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 16:49 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 16:49 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 16:49 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 16:49 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 16:49 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\listpack.txt
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\list.txt
2013-09-03 18:30 - 2013-09-03 18:30 - 00034696 _____ C:\Users\Büro\Downloads\samsungdrv.exe
2013-09-03 18:25 - 2013-09-03 18:25 - 00000000 ____D C:\Users\Büro\AppData\Local\Sony
2013-09-03 18:20 - 2013-09-19 09:22 - 00001986 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-03 18:19 - 2013-09-03 18:19 - 00000000 ____D C:\ProgramData\Sony
2013-09-03 18:17 - 2013-09-03 18:18 - 27723672 _____ (Sony Mobile Communications                                  ) C:\Users\Büro\Downloads\Sony PC Companion_2.10.165_Web.exe
2013-09-03 18:10 - 2013-09-03 18:10 - 06395919 _____ C:\Users\Büro\Downloads\X10_mini_drivers.zip
2013-09-03 18:07 - 2013-09-03 18:31 - 00000000 _____ C:\Users\Büro\Downloads\backup.ab
2013-09-03 18:06 - 2013-09-03 18:14 - 00000000 _____ C:\Users\Büro\Downloads\androidbackup.abt
2013-09-03 18:06 - 2013-09-03 18:06 - 00000000 ____D C:\Users\Büro\.android
2013-09-03 17:51 - 2013-09-03 18:18 - 00000002 _____ C:\Users\Büro\Downloads\lng.ini
2013-09-03 17:51 - 2013-09-03 17:51 - 00920576 ____H C:\Users\Büro\Downloads\gpubli.exe
2013-09-03 17:50 - 2013-09-03 17:50 - 00000090 _____ C:\Users\Büro\AppData\RoamingClient_Update.ini
2013-09-03 17:49 - 2013-09-03 17:49 - 09691648 _____ (MarijSoft) C:\Users\Büro\Downloads\PhoneBackup_2.0.exe

==================== One Month Modified Files and Folders =======

2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:52 - 2012-11-05 15:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-555147751-3048471492-2092455339-1001
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-28 19:26 - 2012-11-05 18:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-28 19:08 - 2013-04-08 12:48 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-28 19:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-28 17:30 - 2012-09-23 23:20 - 01666436 _____ C:\Windows\WindowsUpdate.log
2013-09-27 20:14 - 2013-04-08 12:48 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-27 20:12 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-27 20:10 - 2013-09-27 20:03 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:34 - 2012-08-03 04:22 - 00111090 _____ C:\Windows\PFRO.log
2013-09-27 17:33 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-27 16:54 - 2013-05-11 20:57 - 00000000 ____D C:\Users\Büro\Documents\EA Games
2013-09-27 16:44 - 2012-11-05 18:49 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-27 16:42 - 2013-05-13 15:51 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:46 - 2013-09-27 15:44 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:22 - 2012-12-05 11:12 - 00762880 ___SH C:\Users\Büro\Desktop\Thumbs.db
2013-09-27 15:20 - 2012-11-05 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-27 15:16 - 2013-09-27 15:16 - 00023712 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:03 - 2013-09-27 15:04 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-26 18:34 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-25 13:03 - 2013-01-29 10:52 - 00000000 ____D C:\Users\Büro\Desktop\diverses
2013-09-23 22:11 - 2013-03-25 22:06 - 00292352 ___SH C:\Users\Büro\Downloads\Thumbs.db
2013-09-21 15:11 - 2013-04-08 12:52 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-20 20:52 - 2012-11-05 16:51 - 00000000 ____D C:\Users\Büro\AppData\Local\Mozilla
2013-09-19 15:55 - 2013-09-19 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-19 09:22 - 2013-09-03 18:20 - 00001986 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-19 09:22 - 2012-09-23 23:09 - 00251828 _____ C:\Windows\DPINST.LOG
2013-09-19 09:22 - 2012-09-23 23:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-19 09:10 - 2012-12-28 21:30 - 00000000 ____D C:\Update
2013-09-18 12:35 - 2012-09-23 23:02 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-18 12:33 - 2013-01-29 10:51 - 00003924 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-18 12:33 - 2013-01-29 10:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-16 13:37 - 2012-09-23 23:56 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-16 13:37 - 2012-09-23 23:56 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-16 13:37 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 16:39 - 2013-05-02 19:06 - 00004096 _____ C:\Users\Public\Documents\00001453.LCS
2013-09-15 16:39 - 2013-05-02 19:06 - 00000000 ____D C:\Users\Büro\AppData\Roaming\ProtectDisc
2013-09-11 20:59 - 2012-11-05 15:41 - 00000000 ____D C:\Users\Büro
2013-09-11 20:56 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-11 18:42 - 2013-01-05 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 18:38 - 2013-08-14 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 18:36 - 2012-12-13 11:11 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 11:34 - 2013-07-31 16:40 - 00000000 ____D C:\Users\Büro\AppData\Roaming\wargaming.net
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip
2013-09-10 18:26 - 2012-11-05 18:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-06 11:29 - 2012-11-08 09:05 - 00000000 ____D C:\Users\Büro\AppData\Local\CrashDumps
2013-09-05 22:09 - 2013-09-27 17:36 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 22:09 - 2013-09-27 17:36 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-03 19:57 - 2012-11-26 19:06 - 00000000 ____D C:\Users\Büro\Documents\My Games
2013-09-03 19:51 - 2013-07-05 10:11 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-09-03 19:49 - 2012-12-07 18:08 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\listpack.txt
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\list.txt
2013-09-03 18:31 - 2013-09-03 18:07 - 00000000 _____ C:\Users\Büro\Downloads\backup.ab
2013-09-03 18:30 - 2013-09-03 18:30 - 00034696 _____ C:\Users\Büro\Downloads\samsungdrv.exe
2013-09-03 18:25 - 2013-09-03 18:25 - 00000000 ____D C:\Users\Büro\AppData\Local\Sony
2013-09-03 18:19 - 2013-09-03 18:19 - 00000000 ____D C:\ProgramData\Sony
2013-09-03 18:19 - 2012-09-23 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-09-03 18:18 - 2013-09-03 18:17 - 27723672 _____ (Sony Mobile Communications                                  ) C:\Users\Büro\Downloads\Sony PC Companion_2.10.165_Web.exe
2013-09-03 18:18 - 2013-09-03 17:51 - 00000002 _____ C:\Users\Büro\Downloads\lng.ini
2013-09-03 18:14 - 2013-09-03 18:06 - 00000000 _____ C:\Users\Büro\Downloads\androidbackup.abt
2013-09-03 18:10 - 2013-09-03 18:10 - 06395919 _____ C:\Users\Büro\Downloads\X10_mini_drivers.zip
2013-09-03 18:06 - 2013-09-03 18:06 - 00000000 ____D C:\Users\Büro\.android
2013-09-03 17:51 - 2013-09-03 17:51 - 00920576 ____H C:\Users\Büro\Downloads\gpubli.exe
2013-09-03 17:50 - 2013-09-03 17:50 - 00000090 _____ C:\Users\Büro\AppData\RoamingClient_Update.ini
2013-09-03 17:49 - 2013-09-03 17:49 - 09691648 _____ (MarijSoft) C:\Users\Büro\Downloads\PhoneBackup_2.0.exe
2013-09-03 17:49 - 2013-03-21 11:53 - 00014062 _____ C:\Windows\setupact.log
2013-08-30 09:48 - 2013-04-08 12:42 - 00276992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2013-08-30 09:48 - 2013-04-08 12:42 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-04-08 12:42 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00022600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-08-30 09:47 - 2013-01-29 10:51 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-01-29 10:50 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr

Files to move or delete:
====================
C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe


Some content of TEMP:
====================
C:\Users\Büro\AppData\Local\Temp\awiscale.dll
C:\Users\Büro\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Büro\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Büro\AppData\Local\Temp\detectionui_r.exe
C:\Users\Büro\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\DLCapAPI.dll
C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
C:\Users\Büro\AppData\Local\Temp\drm_dyndata_7360007.dll
C:\Users\Büro\AppData\Local\Temp\DXCap.dll
C:\Users\Büro\AppData\Local\Temp\DXCap64.dll
C:\Users\Büro\AppData\Local\Temp\DXCapHost64.exe
C:\Users\Büro\AppData\Local\Temp\local.dll
C:\Users\Büro\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Büro\AppData\Local\Temp\ose00000.exe
C:\Users\Büro\AppData\Local\Temp\ResetDevice.exe
C:\Users\Büro\AppData\Local\Temp\sonarinst.exe
C:\Users\Büro\AppData\Local\Temp\u320_dlusb.exe
C:\Users\Büro\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-20 03:05

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 29.09.2013 17:33

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Tosca78 29.09.2013 21:34
hat etwas länger gedauert
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ce19e7125e7f7d479e2ac4009c0433ce
# engine=15299
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-29 06:07:52
# local_time=2013-09-29 08:07:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=772 16777213 83 94 903573 157184344 0 0
# compatibility_mode=5893 16776574 100 94 2940253 39984183 0 0
# scanned=123770
# found=0
# cleaned=0
# scan_time=3947
ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=ce19e7125e7f7d479e2ac4009c0433ce
# engine=15302
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-09-29 08:21:36
# local_time=2013-09-29 10:21:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.2.9200 NT
# compatibility_mode=772 16777213 83 94 911597 157192368 0 0
# compatibility_mode=5893 16776574 100 94 2948277 39992207 0 0
# scanned=284891
# found=3
# cleaned=3
# scan_time=7341
sh=949847653216F50E1ED353ECE12B24ADB5FED602 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Büro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpckkcpapmclmeaogjhccdjjnmcofiog\7.1_0\50c21656b33a45.01200279.js"
sh=9277EDE5CE4FDF402A17A8193D81376619BC2D1E ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\Büro\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkakjpkkiiagdjjoecnnmblilbakbm\7.1_0\50c2151cdb6fe2.89316229.js"
sh=2388A102F874745B699D044CF205D3421CB4E9B0 ft=1 fh=3ad07b4b98b9adb6 vn="multiple threats (cleaned by deleting - quarantined)" ac=C fn="C:\Windows\Temp\RegistryOptimizer.exe"
Nummer 2
Code:
Results of screen317's Security Check version 0.99.73 
  x64 (UAC is enabled) 
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
avast! Internet Security 
Windows Defender         
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 MVPS Hosts File 
 Spybot - Search & Destroy
 Malwarebytes Anti-Malware Version 1.75.0.1300 
 Java(TM) 7 Update 5 
 Java version out of Date!
 Adobe Flash Player        11.8.800.168 
 Adobe Reader XI 
 Mozilla Firefox (24.0)
 Mozilla Thunderbird (17.0.8)
 Google Chrome 29.0.1547.66 
 Google Chrome 29.0.1547.76 
````````Process Check: objlist.exe by Laurent```````` 
 Spybot Teatimer.exe is disabled!
 ESET ESET Online Scanner OnlineScannerApp.exe 
 AVAST Software Avast AvastSvc.exe 
 AVAST Software Avast afwServ.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````
Nummer Drei

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013
Ran by Büro (administrator) on MAIK on 29-09-2013 22:31:22
Running from C:\Users\Büro\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bury GmbH & Co. KG) C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Grain Media, Inc.) C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(ESET) C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
() C:\Users\Büro\Downloads\SecurityCheck.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [Steam] - C:\Program Files (x86)\Steam\Steam.exe [1811368 2013-09-06] (Valve Corporation)
HKCU\...\Run: [Spybot-S&D Cleaning] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [3713032 2012-11-13] (Safer-Networking Ltd.)
HKCU\...\Run: [DoUSBC120] - C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe [110592 2011-10-06] (Grain Media, Inc.) <===== ATTENTION
HKCU\...\Run: [Sony PC Companion] - C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [449248 2013-05-29] (Sony)
MountPoints2: {46c3f8b1-05c1-11e2-be6a-806e6f6e6963} - "D:\START.exe" index.html
MountPoints2: {9d119ed0-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {9d11a468-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {ec0884c6-a661-11e2-be9c-083e8eb8cdb4} - "E:\dlusb_launcherC120.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D4C454E4446382670633D4D414C4E267372633D49452D536561726368426F78&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {1A7C8232-0186-44D0-8B84-9436B14703B5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {313352A6-21C4-4D58-9590-588272D08F4B} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {4383C211-0BF7-465D-8F8A-2309CAD463ED} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {9D0523C8-B48E-49A7-977C-ED200AB2934F} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {A1AB15D2-0325-4F8B-9816-491AEEF6C6DD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A6FC23A0-CDAE-46B1-BFBE-AE697D60714A} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {C70D2AAE-CBC7-421F-9EBC-D90F492D7678} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D32343435303626703D7B7365617263685465726D737D&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {EAFF01AE-2338-4682-8332-B3CF14C795D5} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {F0158379-7E7D-4AB2-9051-587667442EAF} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {D558163C-D11E-1BAA-D2FD-4EC7302DD35E} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HP Detect - C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com/"
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.66\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U5) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (WildTangent Games App V2 Presence Detector) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.50.6) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Download and Sa) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpckkcpapmclmeaogjhccdjjnmcofiog\7.1_0
CHR Extension: (Plus-HD-3.7) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgdgpogmpcjffpmdkoedclegjohlepii\1.23.7_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Download and Sa) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\oefkakjpkkiiagdjjoecnnmblilbakbm\7.1_0
CHR Extension: (Gmail) - C:\Users\BRO~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM-x32\...\Chrome\Extension: [fpckkcpapmclmeaogjhccdjjnmcofiog] - C:\ProgramData\Download and Sa\fpckkcpapmclmeaogjhccdjjnmcofiog.crx
CHR HKLM-x32\...\Chrome\Extension: [oefkakjpkkiiagdjjoecnnmblilbakbm] - C:\ProgramData\Download and Sa\oefkakjpkkiiagdjjoecnnmblilbakbm.crx
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 BuryLoggerSyncService; C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe [107520 2011-03-08] (Bury GmbH & Co. KG)
R2 FirebirdGuardianBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe [81920 2010-04-19] (Firebird Project)
R3 FirebirdServerBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe [2723840 2010-04-19] (Firebird Project)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S4 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [x]
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-29 22:28 - 2013-09-29 22:28 - 00891144 _____ C:\Users\Büro\Downloads\SecurityCheck.exe
2013-09-29 18:58 - 2013-09-29 18:58 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-29 18:57 - 2013-09-29 18:57 - 02347384 _____ (ESET) C:\Users\Büro\Downloads\esetsmartinstaller_enu.exe
2013-09-28 23:17 - 2013-09-28 23:17 - 00288197 _____ C:\Users\Büro\Desktop\photo.php
2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 20:03 - 2013-09-27 20:10 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:44 - 2013-09-27 15:46 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:16 - 2013-09-27 15:16 - 00023712 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-27 15:04 - 2013-09-27 15:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 15:54 - 2013-09-19 15:55 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 16:54 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 16:54 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 16:54 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 16:54 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 16:54 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 16:54 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 16:53 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 16:53 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 16:53 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 16:53 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 16:53 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 16:53 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 16:51 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 16:51 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 16:51 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 16:51 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 16:51 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 16:49 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 16:49 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 16:49 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 16:49 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 16:49 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 16:49 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 16:49 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 16:49 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 16:49 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 16:49 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 16:49 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 16:49 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 16:49 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 16:49 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 16:49 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 16:49 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 16:49 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 16:49 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 16:49 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 16:49 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\listpack.txt
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\list.txt
2013-09-03 18:30 - 2013-09-03 18:30 - 00034696 _____ C:\Users\Büro\Downloads\samsungdrv.exe
2013-09-03 18:25 - 2013-09-03 18:25 - 00000000 ____D C:\Users\Büro\AppData\Local\Sony
2013-09-03 18:20 - 2013-09-19 09:22 - 00001986 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-03 18:19 - 2013-09-03 18:19 - 00000000 ____D C:\ProgramData\Sony
2013-09-03 18:17 - 2013-09-03 18:18 - 27723672 _____ (Sony Mobile Communications                                  ) C:\Users\Büro\Downloads\Sony PC Companion_2.10.165_Web.exe
2013-09-03 18:10 - 2013-09-03 18:10 - 06395919 _____ C:\Users\Büro\Downloads\X10_mini_drivers.zip
2013-09-03 18:07 - 2013-09-03 18:31 - 00000000 _____ C:\Users\Büro\Downloads\backup.ab
2013-09-03 18:06 - 2013-09-03 18:14 - 00000000 _____ C:\Users\Büro\Downloads\androidbackup.abt
2013-09-03 18:06 - 2013-09-03 18:06 - 00000000 ____D C:\Users\Büro\.android
2013-09-03 17:51 - 2013-09-03 18:18 - 00000002 _____ C:\Users\Büro\Downloads\lng.ini
2013-09-03 17:51 - 2013-09-03 17:51 - 00920576 ____H C:\Users\Büro\Downloads\gpubli.exe
2013-09-03 17:50 - 2013-09-03 17:50 - 00000090 _____ C:\Users\Büro\AppData\RoamingClient_Update.ini
2013-09-03 17:49 - 2013-09-03 17:49 - 09691648 _____ (MarijSoft) C:\Users\Büro\Downloads\PhoneBackup_2.0.exe

==================== One Month Modified Files and Folders =======

2013-09-29 22:28 - 2013-09-29 22:28 - 00891144 _____ C:\Users\Büro\Downloads\SecurityCheck.exe
2013-09-29 22:26 - 2012-11-05 18:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-29 22:08 - 2013-04-08 12:48 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-29 22:08 - 2013-04-08 12:48 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-29 22:00 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-09-29 20:53 - 2012-09-23 23:20 - 01937433 _____ C:\Windows\WindowsUpdate.log
2013-09-29 20:19 - 2012-11-05 15:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-555147751-3048471492-2092455339-1001
2013-09-29 20:15 - 2012-12-05 11:12 - 00792064 ___SH C:\Users\Büro\Desktop\Thumbs.db
2013-09-29 20:14 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-29 20:13 - 2012-08-03 04:22 - 00116720 _____ C:\Windows\PFRO.log
2013-09-29 18:58 - 2013-09-29 18:58 - 00000000 ____D C:\Program Files (x86)\ESET
2013-09-29 18:57 - 2013-09-29 18:57 - 02347384 _____ (ESET) C:\Users\Büro\Downloads\esetsmartinstaller_enu.exe
2013-09-29 18:55 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-09-29 12:33 - 2013-01-29 10:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-09-28 23:17 - 2013-09-28 23:17 - 00288197 _____ C:\Users\Büro\Desktop\photo.php
2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 20:10 - 2013-09-27 20:03 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:33 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-27 16:54 - 2013-05-11 20:57 - 00000000 ____D C:\Users\Büro\Documents\EA Games
2013-09-27 16:44 - 2012-11-05 18:49 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-27 16:42 - 2013-05-13 15:51 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:46 - 2013-09-27 15:44 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:20 - 2012-11-05 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-27 15:16 - 2013-09-27 15:16 - 00023712 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:03 - 2013-09-27 15:04 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-25 13:03 - 2013-01-29 10:52 - 00000000 ____D C:\Users\Büro\Desktop\diverses
2013-09-23 22:11 - 2013-03-25 22:06 - 00292352 ___SH C:\Users\Büro\Downloads\Thumbs.db
2013-09-21 15:11 - 2013-04-08 12:52 - 00002143 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2013-09-20 20:52 - 2012-11-05 16:51 - 00000000 ____D C:\Users\Büro\AppData\Local\Mozilla
2013-09-19 15:55 - 2013-09-19 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-19 09:22 - 2013-09-03 18:20 - 00001986 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-19 09:22 - 2012-09-23 23:09 - 00251828 _____ C:\Windows\DPINST.LOG
2013-09-19 09:22 - 2012-09-23 23:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-09-19 09:10 - 2012-12-28 21:30 - 00000000 ____D C:\Update
2013-09-18 12:35 - 2012-09-23 23:02 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-18 12:33 - 2013-01-29 10:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-16 13:37 - 2012-09-23 23:56 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-16 13:37 - 2012-09-23 23:56 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-16 13:37 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 16:39 - 2013-05-02 19:06 - 00004096 _____ C:\Users\Public\Documents\00001453.LCS
2013-09-15 16:39 - 2013-05-02 19:06 - 00000000 ____D C:\Users\Büro\AppData\Roaming\ProtectDisc
2013-09-11 20:59 - 2012-11-05 15:41 - 00000000 ____D C:\Users\Büro
2013-09-11 20:56 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-11 18:42 - 2013-01-05 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 18:38 - 2013-08-14 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 18:36 - 2012-12-13 11:11 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 11:34 - 2013-07-31 16:40 - 00000000 ____D C:\Users\Büro\AppData\Roaming\wargaming.net
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip
2013-09-10 18:26 - 2012-11-05 18:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-09-06 11:29 - 2012-11-08 09:05 - 00000000 ____D C:\Users\Büro\AppData\Local\CrashDumps
2013-09-05 22:09 - 2013-09-27 17:36 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-05 22:09 - 2013-09-27 17:36 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-03 19:57 - 2012-11-26 19:06 - 00000000 ____D C:\Users\Büro\Documents\My Games
2013-09-03 19:51 - 2013-07-05 10:11 - 00000000 ____D C:\Program Files (x86)\Mobile Partner
2013-09-03 19:49 - 2012-12-07 18:08 - 00000000 ____D C:\ProgramData\InstallMate
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\listpack.txt
2013-09-03 18:31 - 2013-09-03 18:31 - 00000023 _____ C:\Users\Büro\Downloads\list.txt
2013-09-03 18:31 - 2013-09-03 18:07 - 00000000 _____ C:\Users\Büro\Downloads\backup.ab
2013-09-03 18:30 - 2013-09-03 18:30 - 00034696 _____ C:\Users\Büro\Downloads\samsungdrv.exe
2013-09-03 18:25 - 2013-09-03 18:25 - 00000000 ____D C:\Users\Büro\AppData\Local\Sony
2013-09-03 18:19 - 2013-09-03 18:19 - 00000000 ____D C:\ProgramData\Sony
2013-09-03 18:19 - 2012-09-23 23:27 - 00000000 ____D C:\Program Files (x86)\Sony
2013-09-03 18:18 - 2013-09-03 18:17 - 27723672 _____ (Sony Mobile Communications                                  ) C:\Users\Büro\Downloads\Sony PC Companion_2.10.165_Web.exe
2013-09-03 18:18 - 2013-09-03 17:51 - 00000002 _____ C:\Users\Büro\Downloads\lng.ini
2013-09-03 18:14 - 2013-09-03 18:06 - 00000000 _____ C:\Users\Büro\Downloads\androidbackup.abt
2013-09-03 18:10 - 2013-09-03 18:10 - 06395919 _____ C:\Users\Büro\Downloads\X10_mini_drivers.zip
2013-09-03 18:06 - 2013-09-03 18:06 - 00000000 ____D C:\Users\Büro\.android
2013-09-03 17:51 - 2013-09-03 17:51 - 00920576 ____H C:\Users\Büro\Downloads\gpubli.exe
2013-09-03 17:50 - 2013-09-03 17:50 - 00000090 _____ C:\Users\Büro\AppData\RoamingClient_Update.ini
2013-09-03 17:49 - 2013-09-03 17:49 - 09691648 _____ (MarijSoft) C:\Users\Büro\Downloads\PhoneBackup_2.0.exe
2013-09-03 17:49 - 2013-03-21 11:53 - 00014062 _____ C:\Windows\setupact.log
2013-08-30 09:48 - 2013-04-08 12:42 - 00276992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2013-08-30 09:48 - 2013-04-08 12:42 - 00204880 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-08-30 09:48 - 2013-04-08 12:42 - 00065336 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00378944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00131232 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFW.sys
2013-08-30 09:48 - 2013-01-29 10:52 - 00033400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 01030952 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00080816 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00072016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00064288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-08-30 09:48 - 2013-01-29 10:51 - 00022600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2013-08-30 09:47 - 2013-01-29 10:51 - 00287840 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-08-30 09:47 - 2013-01-29 10:50 - 00041664 _____ (AVAST Software) C:\Windows\avastSS.scr

Files to move or delete:
====================
C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe


Some content of TEMP:
====================
C:\Users\Büro\AppData\Local\Temp\awiscale.dll
C:\Users\Büro\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Büro\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Büro\AppData\Local\Temp\detectionui_r.exe
C:\Users\Büro\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\DLCapAPI.dll
C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
C:\Users\Büro\AppData\Local\Temp\drm_dyndata_7360007.dll
C:\Users\Büro\AppData\Local\Temp\DXCap.dll
C:\Users\Büro\AppData\Local\Temp\DXCap64.dll
C:\Users\Büro\AppData\Local\Temp\DXCapHost64.exe
C:\Users\Büro\AppData\Local\Temp\local.dll
C:\Users\Büro\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Büro\AppData\Local\Temp\ose00000.exe
C:\Users\Büro\AppData\Local\Temp\ResetDevice.exe
C:\Users\Büro\AppData\Local\Temp\sonarinst.exe
C:\Users\Büro\AppData\Local\Temp\u320_dlusb.exe
C:\Users\Büro\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-29 03:06

==================== End Of Log ============================
--- --- ---

--- --- ---

schrauber 30.09.2013 09:09
Java updaten.

Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Noch Probleme?

Tosca78 30.09.2013 15:03
Hallo Schrauber,
also die unterstrichenen Wörter scheinen jetzt weg zu sein, allerdings diese nervigen Werbebanner sind nach wie vor da, zwar nicht mehr so häufig, aber sie sind noch da.
Eine blöde Frage hab ich noch, wie date ich Java ab?

schrauber 30.09.2013 19:49
Am besten deinstallieren und neu installieren.

Wo haste die Banner, in Chrome?

Tosca78 30.09.2013 20:21
Die Banner sind weniger geworden aber im Firefox tauchen sie ab und zu noch auf. Wie kann ich mich zukünftig vor so etwas schützen?
Bei Software finde ich java nicht, oder muss ich woanders suchen?
Gruss Tosca

schrauber 01.10.2013 16:32
Java sollte unter Software sein.

Versuchs mal mit Revo, damit auch gleich mal Firefox deinstallieren

Software mit Revo Uninstaller deinstallieren

Downloade Dir bitte den Revo Uninstaller
  • Doppelklicke auf die revosetup.exe.
  • Installiere das Tool in den vorgegebenen Pfad.
  • Doppelklicke auf das Revo Uninstall Icon.
  • Suche Dir nun folgende Software aus der Code-Box.
    Klicke darauf und bestätige mit Ja.
  • Belasse die Einstellung der Deinstallationsroutine auf Moderat und klicke auf weiter.
  • Das Tool wird nun nach allen Einträgen auf dem Rechner suchen. Klick auf weiter
  • Klicke auf den Markiere alle Button und klicke auf löschen und bestätige mit Ja.
Bebilderte Anleitung

Starte den Rechner neu auf.


Dann Firefox und Java neu installieren, in Firefox auf jeden Fall das Addon Adblock Plus installieren, dann nochma testen.

Tosca78 04.10.2013 09:55
Hallo Schrauber,
ich habe nun alle Schritte mit Revo so ausgeführt wie beschrieben. Jedoch ist das komische, das Firefox immer noch auf dem Rechner ist und auch benutzt werden kann obwohl er mir bei Revo gar nicht als Software angezeigt wird. Das heisst, dass ich den Firefox gar nicht deinstallieren kann. Was nun? Auch läd Windows keine Updates mehr, ich fahre ihn runter und beim hochfahren will er Updates laden, bleibt aber dabei hängen habe jetzt nach sechs Stunden abgebrochen weil er immer noch nicht das erste Update geladen hat.

Gruss Tosca

schrauber 04.10.2013 15:18
In Revo und in der Softwareliste von WIndows ist Firefox komplett weg?

Versuchs nochmal, dann noch händisch alle Ordner von Firefox löschen, dann ein frisches FRST log bitte.

Tosca78 06.10.2013 09:19
Ja genau in Revo und Software ist Firefox weg und ist aber noch ganz normal auf dem Rechner und kann auf geöffnet werden. Ich habe den Rechner mehrfach neu gestartet und Reva geöffnet, aber ich kanns nicht nochmal versuchen wenn mir Firefox bei Revo und Software nicht angezeigt wird. Alle Ordner die ich gefunden habe, habe ich händisch gelöscht, den Rechner neu gestartet und Firefox is wieder da?

Hier der Log

Code:
can result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 (ATTENTION: ====> FRST version is 9 days old and could be outdated)
Ran by Büro (administrator) on MAIK on 06-10-2013 10:13:42
Running from C:\Users\Büro\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bury GmbH & Co. KG) C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Firebird Project) C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Grain Media, Inc.) C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Wargaming.net) C:\Games\World_of_Tanks\WorldOfTanks.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
() C:\Program Files (x86)\Opera\16.0.1196.80\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\16.0.1196.80\opera.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Improvement\vim.exe
(Microsoft Corporation) C:\Windows\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.2.9200.16683_none_62280e15510f8e79\TiWorker.exe
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\srtasks.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-08-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2930488 2012-09-27] (Synaptics Incorporated)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [765056 2012-10-09] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-10-09] (Atheros Communications)
HKCU\...\Run: [DoUSBC120] - C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe [110592 2011-10-06] (Grain Media, Inc.) <===== ATTENTION
MountPoints2: {46c3f8b1-05c1-11e2-be6a-806e6f6e6963} - "D:\START.exe" index.html
MountPoints2: {9d119ed0-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {9d11a468-e4d4-11e2-beaf-083e8eb8cdb4} - "E:\AutoRun.exe"
MountPoints2: {ec0884c6-a661-11e2-be9c-083e8eb8cdb4} - "E:\dlusb_launcherC120.exe"
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(SM) center] - C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [152896 2012-06-25] (Intel Corporation)
HKLM-x32\...\Run: [SDTray] - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [3825176 2012-11-13] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [avast] - C:\Program Files\AVAST Software\Avast\avastUI.exe [4858968 2013-08-30] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] - C:\Program Files (x86)\PDF24\pdf24.exe [162856 2013-02-19] (Geek Software GmbH)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com
URLSearchHook: (No Name) - {3B81079D-2AC9-425f-A494-A1C7D93AFA3C} -  No File
SearchScopes: HKLM - DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413} URL =
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D4C454E4446382670633D4D414C4E267372633D49452D536561726368426F78&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com.anonymize-me.de/?anonymto=687474703A2F2F7777772E62696E672E636F6D2F7365617263683F713D7B7365617263685465726D737D26666F726D3D4C454E4446382670633D4D414C4E267372633D49452D536561726368426F78&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {1A7C8232-0186-44D0-8B84-9436B14703B5} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {313352A6-21C4-4D58-9590-588272D08F4B} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {4383C211-0BF7-465D-8F8A-2309CAD463ED} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q312&_nkw={searchTerms}
SearchScopes: HKCU - {9D0523C8-B48E-49A7-977C-ED200AB2934F} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {A1AB15D2-0325-4F8B-9816-491AEEF6C6DD} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASEJS
SearchScopes: HKCU - {A6FC23A0-CDAE-46B1-BFBE-AE697D60714A} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {C70D2AAE-CBC7-421F-9EBC-D90F492D7678} URL = hxxp://de.search.yahoo.com.anonymize-me.de/?anonymto=687474703A2F2F64652E7365617263682E7961686F6F2E636F6D2F7365617263683F66723D6368722D677265656E747265655F69652665693D7574662D3826696C633D313226747970653D32343435303626703D7B7365617263685465726D737D&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&k=0
SearchScopes: HKCU - {EAFF01AE-2338-4682-8332-B3CF14C795D5} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
SearchScopes: HKCU - {F0158379-7E7D-4AB2-9051-587667442EAF} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=47702a1e-f753-4103-9f70-7d92c2a2d2af&pid=netzwelt&mode=bounce&k=0
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name - {D558163C-D11E-1BAA-D2FD-4EC7302DD35E} -  No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default
FF NewTab: hxxp://www.google.com/firefox
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.10.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.10.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.0 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: HP Detect - C:\Users\Büro\AppData\Roaming\Mozilla\Firefox\Profiles\hly0mlf8.default\Extensions\{ab91efd4-6975-4081-8552-1b3922ed79e2}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [219776 2012-10-09] (Qualcomm Atheros Commnucations)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [46808 2013-08-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [137960 2013-08-30] (AVAST Software)
R2 BuryLoggerSyncService; C:\Program Files (x86)\BURY Time Suite\BuryLoggerSyncService.exe [107520 2011-03-08] (Bury GmbH & Co. KG)
R2 FirebirdGuardianBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbguard.exe [81920 2010-04-19] (Firebird Project)
R3 FirebirdServerBURYTIMESUITE; C:\Program Files (x86)\FirebirdSQL\bin\fbserver.exe [2723840 2010-04-19] (Firebird Project)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-08-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1103392 2012-11-13] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1369624 2012-11-13] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [168384 2012-11-13] (Safer-Networking Ltd.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2012-08-08] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-07-02] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-10-09] (Atheros)
S4 McOobeSv2; "C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [x]

==================== Drivers (Whitelisted) ====================

R2 aswFsBlk; C:\Windows\System32\Drivers\aswFsBlk.sys [33400 2013-08-30] (AVAST Software)
R1 aswFW; C:\Windows\System32\Drivers\aswFW.sys [131232 2013-08-30] (AVAST Software)
R0 aswKbd; C:\Windows\System32\Drivers\aswKbd.sys [22600 2013-08-30] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [80816 2013-08-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\system32\DRIVERS\aswNdisFlt.sys [276992 2013-08-30] (AVAST Software)
R1 aswRdr; C:\Windows\System32\Drivers\aswrdr2.sys [72016 2013-08-30] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-08-30] ()
R1 aswSnx; C:\Windows\System32\Drivers\aswSnx.sys [1030952 2013-08-30] (AVAST Software)
R1 aswSP; C:\Windows\System32\Drivers\aswSP.sys [378944 2013-08-30] (AVAST Software)
R1 aswTdi; C:\Windows\System32\Drivers\aswTdi.sys [64288 2013-08-30] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [204880 2013-08-30] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-08-20] (Advanced Micro Devices)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-10-09] (Qualcomm Atheros)
R3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-10-09] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [44344 2012-09-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
S3 WUDFWpdComp; C:\Windows\system32\DRIVERS\WUDFRd.sys [198656 2012-07-26] (Microsoft Corporation)
S3 hwdatacard; \SystemRoot\system32\DRIVERS\ewusbmdm.sys [x]
S3 pccsmcfd; \SystemRoot\system32\DRIVERS\pccsmcfdx64.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-04 12:29 - 2013-10-04 15:03 - 00075920 _____ C:\Users\Büro\Desktop\Voliere.pptx
2013-10-04 11:15 - 2013-10-04 11:15 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Opera Software
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Users\Büro\AppData\Local\Opera Software
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Program Files (x86)\Opera
2013-10-04 10:58 - 2013-10-04 10:59 - 32097512 _____ (Opera Software ASA) C:\Users\Büro\Downloads\Opera_16.0.1196.80_Setup(1).exe
2013-09-30 16:27 - 2013-09-30 16:27 - 00000000 ____D C:\Users\Büro\AppData\Roaming\pdfforge
2013-09-30 13:04 - 2013-10-04 07:59 - 00001224 _____ C:\Users\Büro\Desktop\Revo Uninstaller.lnk
2013-09-30 13:04 - 2013-10-04 07:59 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-09-30 12:56 - 2013-09-30 12:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Büro\Downloads\revosetup95.exe
2013-09-29 22:28 - 2013-09-29 22:28 - 00891144 _____ C:\Users\Büro\Downloads\SecurityCheck.exe
2013-09-29 18:57 - 2013-09-29 18:57 - 02347384 _____ (ESET) C:\Users\Büro\Downloads\esetsmartinstaller_enu.exe
2013-09-28 23:17 - 2013-09-28 23:17 - 00288197 _____ C:\Users\Büro\Desktop\photo.php
2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 20:03 - 2013-09-27 20:10 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-09-27 17:36 - 2013-09-05 22:09 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:48 - 2013-09-27 15:50 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:44 - 2013-09-27 15:46 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:16 - 2013-10-04 10:05 - 00027471 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:05 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-09-27 15:04 - 2013-09-27 15:03 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-19 15:54 - 2013-10-04 08:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-11 16:54 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2013-09-11 16:54 - 2013-08-16 07:32 - 00209200 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2013-09-11 16:54 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2013-09-11 16:54 - 2013-08-16 07:21 - 03275776 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01621504 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00773120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\WSSync.dll
2013-09-11 16:54 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\Windows\system32\sppc.dll
2013-09-11 16:54 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00562688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSSync.dll
2013-09-11 16:54 - 2013-08-16 00:43 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2013-09-11 16:54 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sppc.dll
2013-09-11 16:53 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dam.sys
2013-09-11 16:53 - 2013-08-16 07:39 - 00059416 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-09-11 16:53 - 2013-08-16 07:22 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-09-11 16:53 - 2013-08-16 07:21 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00174592 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00099328 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\setupcln.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-09-11 16:53 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00083968 _____ C:\Windows\SysWOW64\OEMLicense.dll
2013-09-11 16:53 - 2013-08-16 00:43 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2013-09-11 16:53 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2013-09-11 16:53 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupcln.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-09-11 16:51 - 2013-08-21 06:12 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-09-11 16:51 - 2013-08-21 06:11 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 06:11 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-09-11 16:51 - 2013-08-21 04:34 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 04:06 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-09-11 16:51 - 2013-08-21 04:06 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-09-11 16:51 - 2013-08-21 04:05 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-09-11 16:51 - 2013-08-21 03:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-09-11 16:51 - 2013-08-21 01:52 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2013-09-11 16:51 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\Windows\system32\tssdisai.dll
2013-09-11 16:51 - 2013-08-03 06:30 - 04038144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-09-11 16:49 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msgpioclx.sys
2013-09-11 16:49 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2013-09-11 16:49 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2013-09-11 16:49 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationApi.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
2013-09-11 16:49 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\Windows\system32\Wwanadvui.dll
2013-09-11 16:49 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\Windows\system32\LocationApi.dll
2013-09-11 16:49 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00778752 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2013-09-11 16:49 - 2013-07-03 02:22 - 01300480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-09-11 16:49 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2013-09-11 16:49 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2013-09-11 16:49 - 2013-07-02 00:08 - 00387583 _____ C:\Windows\system32\ApnDatabase.xml
2013-09-11 16:49 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\openfiles.exe
2013-09-11 16:49 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\openfiles.exe
2013-09-11 16:49 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2013-09-11 16:49 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2013-09-11 16:49 - 2013-06-29 07:43 - 00327512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Classpnp.sys
2013-09-11 16:49 - 2013-06-29 03:12 - 01022464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-09-11 16:49 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2013-09-11 16:49 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2013-09-11 16:49 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2013-09-11 16:49 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\wcmcsp.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\Windows\system32\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winmm.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmmbase.dll
2013-09-11 16:49 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmm.dll
2013-09-11 16:49 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2013-09-11 16:49 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2013-09-11 16:49 - 2013-06-10 23:17 - 00096512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2013-09-11 16:49 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:15 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00723968 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2013-09-11 16:49 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-09-11 16:49 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-09-11 16:49 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip

==================== One Month Modified Files and Folders =======

2013-10-06 10:12 - 2012-09-23 23:07 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-10-06 10:11 - 2012-12-28 21:30 - 00000000 ____D C:\Update
2013-10-06 10:11 - 2012-09-23 23:20 - 02016763 _____ C:\Windows\WindowsUpdate.log
2013-10-06 10:09 - 2012-11-05 15:50 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-555147751-3048471492-2092455339-1001
2013-10-06 10:08 - 2013-04-08 12:48 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-06 10:05 - 2013-04-08 12:48 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-06 10:05 - 2012-12-05 11:12 - 00804352 ___SH C:\Users\Büro\Desktop\Thumbs.db
2013-10-06 10:04 - 2012-07-26 09:22 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-06 10:03 - 2012-08-03 04:22 - 00128440 _____ C:\Windows\PFRO.log
2013-10-06 07:02 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\system32\sru
2013-10-06 06:26 - 2012-11-05 18:53 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-04 15:03 - 2013-10-04 12:29 - 00075920 _____ C:\Users\Büro\Desktop\Voliere.pptx
2013-10-04 13:25 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\AUInstallAgent
2013-10-04 11:15 - 2013-10-04 11:15 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Opera Software
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Users\Büro\AppData\Local\Opera Software
2013-10-04 11:15 - 2013-10-04 11:15 - 00000000 ____D C:\Program Files (x86)\Opera
2013-10-04 10:59 - 2013-10-04 10:58 - 32097512 _____ (Opera Software ASA) C:\Users\Büro\Downloads\Opera_16.0.1196.80_Setup(1).exe
2013-10-04 10:50 - 2013-01-29 10:51 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-10-04 10:05 - 2013-09-27 15:16 - 00027471 _____ C:\Users\Büro\Desktop\Kopie von Team Akademie Leipzigaktuell.xlsx
2013-10-04 08:00 - 2013-09-19 15:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-04 07:59 - 2013-09-30 13:04 - 00001224 _____ C:\Users\Büro\Desktop\Revo Uninstaller.lnk
2013-10-04 07:59 - 2013-09-30 13:04 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-10-03 02:13 - 2012-11-08 09:05 - 00000000 ____D C:\Users\Büro\AppData\Local\CrashDumps
2013-09-30 16:27 - 2013-09-30 16:27 - 00000000 ____D C:\Users\Büro\AppData\Roaming\pdfforge
2013-09-30 14:34 - 2013-04-08 12:48 - 00000000 ____D C:\Program Files (x86)\Google
2013-09-30 12:56 - 2013-09-30 12:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Büro\Downloads\revosetup95.exe
2013-09-29 22:28 - 2013-09-29 22:28 - 00891144 _____ C:\Users\Büro\Downloads\SecurityCheck.exe
2013-09-29 18:57 - 2013-09-29 18:57 - 02347384 _____ (ESET) C:\Users\Büro\Downloads\esetsmartinstaller_enu.exe
2013-09-28 23:17 - 2013-09-28 23:17 - 00288197 _____ C:\Users\Büro\Desktop\photo.php
2013-09-28 19:54 - 2013-09-28 19:54 - 00001741 _____ C:\Users\Büro\Desktop\JRT.txt
2013-09-28 19:43 - 2013-09-28 19:43 - 01030305 _____ (Thisisu) C:\Users\Büro\Downloads\JRT.exe
2013-09-28 19:43 - 2013-09-28 19:43 - 00000000 ____D C:\Windows\ERUNT
2013-09-27 20:10 - 2013-09-27 20:03 - 00000000 ____D C:\AdwCleaner
2013-09-27 20:01 - 2013-09-27 20:01 - 01042066 _____ C:\Users\Büro\Downloads\adwcleaner.exe
2013-09-27 18:33 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\rescache
2013-09-27 18:02 - 2013-09-27 18:02 - 00035596 _____ C:\Users\Büro\Desktop\Addition.txt
2013-09-27 18:01 - 2013-09-27 18:01 - 00035596 _____ C:\Users\Büro\Downloads\Addition.txt
2013-09-27 17:59 - 2013-09-27 17:59 - 00000000 ____D C:\FRST
2013-09-27 17:58 - 2013-09-27 17:58 - 01953854 _____ (Farbar) C:\Users\Büro\Downloads\FRST64.exe
2013-09-27 17:33 - 2012-07-26 07:26 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\WinStore
2013-09-27 17:32 - 2012-07-26 10:12 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-09-27 16:54 - 2013-05-11 20:57 - 00000000 ____D C:\Users\Büro\Documents\EA Games
2013-09-27 16:44 - 2012-11-05 18:49 - 00000000 ____D C:\Program Files (x86)\Steam
2013-09-27 16:42 - 2013-05-13 15:51 - 00000000 ____D C:\Program Files (x86)\Origin Games
2013-09-27 15:50 - 2013-09-27 15:50 - 00001743 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iTunes
2013-09-27 15:50 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files\iPod
2013-09-27 15:48 - 2013-09-27 15:48 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Common Files\Apple
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files\Bonjour
2013-09-27 15:47 - 2013-09-27 15:47 - 00000000 ____D C:\Program Files (x86)\Bonjour
2013-09-27 15:46 - 2013-09-27 15:44 - 97176400 _____ (Apple Inc.) C:\Users\Büro\Downloads\iTunes64Setup(2).exe
2013-09-27 15:20 - 2012-11-05 16:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-09-27 15:05 - 2013-09-27 15:05 - 00001069 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Users\Büro\AppData\Roaming\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-27 15:05 - 2013-09-27 15:05 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-09-27 15:03 - 2013-09-27 15:04 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Büro\Downloads\mbam-setup-1.75.0.1300.exe
2013-09-25 13:03 - 2013-01-29 10:52 - 00000000 ____D C:\Users\Büro\Desktop\diverses
2013-09-23 22:11 - 2013-03-25 22:06 - 00292352 ___SH C:\Users\Büro\Downloads\Thumbs.db
2013-09-20 20:52 - 2012-11-05 16:51 - 00000000 ____D C:\Users\Büro\AppData\Local\Mozilla
2013-09-19 09:22 - 2013-09-03 18:20 - 00001986 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2013-09-19 09:22 - 2012-09-23 23:09 - 00251828 _____ C:\Windows\DPINST.LOG
2013-09-18 12:35 - 2012-09-23 23:02 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-18 12:33 - 2013-01-29 10:51 - 00000000 _____ C:\Windows\SysWOW64\config.nt
2013-09-18 12:24 - 2013-09-18 12:24 - 00356648 _____ C:\Windows\system32\FNTCACHE.DAT
2013-09-16 13:37 - 2012-09-23 23:56 - 00753134 _____ C:\Windows\system32\perfh007.dat
2013-09-16 13:37 - 2012-09-23 23:56 - 00155826 _____ C:\Windows\system32\perfc007.dat
2013-09-16 13:37 - 2012-07-26 09:28 - 01745416 _____ C:\Windows\system32\PerfStringBackup.INI
2013-09-15 16:39 - 2013-05-02 19:06 - 00004096 _____ C:\Users\Public\Documents\00001453.LCS
2013-09-15 16:39 - 2013-05-02 19:06 - 00000000 ____D C:\Users\Büro\AppData\Roaming\ProtectDisc
2013-09-11 20:59 - 2012-11-05 15:41 - 00000000 ____D C:\Users\Büro
2013-09-11 20:56 - 2012-07-26 07:38 - 00000000 ____D C:\Windows\system32\oobe
2013-09-11 18:42 - 2013-01-05 19:36 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-09-11 18:38 - 2013-08-14 03:04 - 00000000 ____D C:\Windows\system32\MRT
2013-09-11 18:36 - 2012-12-13 11:11 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-09-11 11:34 - 2013-07-31 16:40 - 00000000 ____D C:\Users\Büro\AppData\Roaming\wargaming.net
2013-09-11 09:13 - 2013-09-11 09:13 - 00000722 _____ C:\Users\Public\Desktop\World of Warplanes.lnk
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ___HD C:\Windows\msdownld.tmp
2013-09-11 09:13 - 2013-07-31 16:39 - 00000000 ____D C:\Windows\SysWOW64\directx
2013-09-11 09:10 - 2013-09-11 09:10 - 08775080 _____ (Wargaming.net                                              ) C:\Users\Büro\Downloads\WoWP_internet_install_eu.exe
2013-09-11 08:56 - 2013-09-11 08:56 - 00000172 _____ C:\Users\Büro\Downloads\wot_pref.zip
2013-09-10 18:26 - 2012-11-05 18:53 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

Files to move or delete:
====================
C:\Users\BRO~1\AppData\Local\Temp\dlusb_launcherC120.exe


Some content of TEMP:
====================
C:\Users\Büro\AppData\Local\Temp\awiscale.dll
C:\Users\Büro\AppData\Local\Temp\DataCard_Setup64.exe
C:\Users\Büro\AppData\Local\Temp\detectionapi_rd.dll
C:\Users\Büro\AppData\Local\Temp\detectionui_r.exe
C:\Users\Büro\AppData\Local\Temp\directx10tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx11tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\directx9tests_rd.dll
C:\Users\Büro\AppData\Local\Temp\DLCapAPI.dll
C:\Users\Büro\AppData\Local\Temp\dlusb_launcherC120.exe
C:\Users\Büro\AppData\Local\Temp\drm_dyndata_7360007.dll
C:\Users\Büro\AppData\Local\Temp\DXCap.dll
C:\Users\Büro\AppData\Local\Temp\DXCap64.dll
C:\Users\Büro\AppData\Local\Temp\DXCapHost64.exe
C:\Users\Büro\AppData\Local\Temp\local.dll
C:\Users\Büro\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Büro\AppData\Local\Temp\ose00000.exe
C:\Users\Büro\AppData\Local\Temp\ResetDevice.exe
C:\Users\Büro\AppData\Local\Temp\sonarinst.exe
C:\Users\Büro\AppData\Local\Temp\u320_dlusb.exe
C:\Users\Büro\AppData\Local\Temp\uninst1.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-30 03:06

==================== End Of Log ============================


Alle Zeitangaben in WEZ +1. Es ist jetzt 07:00 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19