FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-03-2014 01
Ran by 24-03-2014 08:38:13
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\system32\AUDIODG.EXE
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(Nero AG) C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe
() C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Service\Hmg.InstallationService.Service.exe
() C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(VIA Technologies, Inc.) C:\Windows\system32\viakaraokesrv.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
() C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
(VIA) C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe
(Creative Technology Ltd) C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(WinZip Computing, S.L.) C:\Program Files\WinZip\WZQKPICK32.EXE
(Elias Fotinis) C:\Program Files\DeskPins\DeskPins.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Macrovision Europe Ltd.) C:\Users\ENGIN&~1\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001
(Creative Labs) C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [HDAudDeck] - C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe [3770992 2011-06-20] (VIA)
HKLM\...\Run: [CTSyncService] - C:\Program Files\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe [1233195 2009-07-08] (Creative Technology Ltd)
HKLM\...\Run: [VolPanel] - C:\Program Files\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM\...\Run: [RunDLLEntry] - C:\Windows\system32\AmbRunE.dll [14848 2009-02-26] (Creative Technology Ltd.)
HKLM\...\Run: [ControlCenter3] - C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [LexwareInfoService] - C:\Program Files\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1973264009-4096354467-804866937-1000\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKU\S-1-5-21-1973264009-4096354467-804866937-1000\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-1973264009-4096354467-804866937-1000\...\MountPoints2: {81d87ad3-c8f2-11e2-b12b-bc5ff43ee03f} - I:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-1973264009-4096354467-804866937-1000\...\MountPoints2: {f43bfee4-24fb-11e2-8b13-806e6f6e6963} - D:\BlueBirds.exe
Startup: C:\Users\Engin & Erol\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DeskPins.lnk
ShortcutTarget: DeskPins.lnk -> C:\Program Files\DeskPins\DeskPins.exe (Elias Fotinis)
==================== Internet (Whitelisted) ====================
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x834A00B1410BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - URL hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1379023200000.000007&tguid=66920-6787-1379059934874-FF14E9EB35DC3404E45EE3864B60F769&q={searchTerms}
SearchScopes: HKLM - SuggestionsURL_JSON hxxp://api.widdit.com/suggestions/?format=ffplugin&ua=ie&src=addon&si=66920&gid=66920-6787-1379059934874-FF14E9EB35DC3404E45EE3864B60F769&dbCode=1&command={searchTerms}
SearchScopes: HKLM - TopResultURLFallback hxxp://search.certified-toolbar.com?si=66920&st=bs&tid=6787&ver=4.4&ts=1379023200000.000007&tguid=66920-6787-1379059934874-FF14E9EB35DC3404E45EE3864B60F769&q={searchTerms}
SearchScopes: HKCU - DefaultScope {F3C54C61-6A1A-4764-B638-99CC33E33724} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN40441540992459026&UM=2
SearchScopes: HKCU - {85C36798-9327-4750-B197-6A22AF5E1216} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3286379&CUI=UN18833377503098032
SearchScopes: HKCU - {E347E2D8-548C-4d61-A92A-14A1CFDCE73F} URL = hxxp://www.google.com/custom?client=pub-3794288947762788&forid=1&channel=5480255188&ie=UTF-8&oe=UTF-8&safe=active&cof=GALT%3A%23008000%3BGL%3A1%3BDIV%3A%23336699%3BVLC%3A663399%3BAH%3Acenter%3BBGC%3AFFFFFF%3BLBGC%3A336699%3BALC%3A0000FF%3BLC%3A0000FF%3BT%3A000000%3BGFNT%3A0000FF%3BGIMP%3A0000FF%3BFORID%3A1&hl=de&q={searchTerms}
SearchScopes: HKCU - {F3C54C61-6A1A-4764-B638-99CC33E33724} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN40441540992459026&UM=2
BHO: Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files\MedienTeam66\MP3 Recorder for YouTube\IEPlugin.dll (MedienTeam66)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKCU - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Engin & Erol\AppData\Roaming\Mozilla\Firefox\Profiles\8o5zaxiw.default-1366457432630
FF SearchEngineOrder.1: Ask Search
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll (CANON INC.)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: PutLockerDownloader V6.0 - C:\Users\Engin & Erol\AppData\Roaming\Mozilla\Firefox\Profiles\8o5zaxiw.default-1366457432630\Extensions\2142c4b4-74c0-4c8d-9be5-fdb4bf61b17b@fa0a20eb-0225-46ef-ba03-84e45a86b7d9.com [2014-03-07]
FF Extension: Adblock Plus - C:\Users\Engin & Erol\AppData\Roaming\Mozilla\Firefox\Profiles\8o5zaxiw.default-1366457432630\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-07-02]
FF Extension: Recorder Toolbar - C:\Program Files\Mozilla Firefox\extensions\{10743931-94DF-476f-A987-4391233C17A2} [2014-03-21]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
Chrome:
=======
CHR DefaultSearchKeyword: search.conduit.com
CHR DefaultSearchProvider: Conduit
CHR DefaultSearchURL: hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&CUI=UN24059416221251663&ctid=CT3297265&UM=2
CHR DefaultNewTabURL:
CHR Extension: (Google Wallet) - C:\Users\Engin & Erol\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-26]
========================== Services (Whitelisted) =================
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2012-11-02] (Creative Labs)
R2 HTCMonitorService; C:\Program Files\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2013-01-29] (Nero AG)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Lexware_Update_Service; C:\Program Files\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R3 Sound Blaster X-Fi MB Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2012-11-02] (Creative Labs)
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-06-14] (VIA Technologies, Inc.)
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149272 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-19] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1806448 2011-06-14] (VIA Technologies, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-24 08:38 - 2014-03-24 08:38 - 00000000 ____D () C:\FRST
2014-03-24 08:37 - 2014-03-24 08:37 - 00000000 _____ () C:\Users\Engin & Erol\defogger_reenable
2014-03-21 15:06 - 2014-03-24 08:38 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\Hilfe für Computer
2014-03-21 14:50 - 2014-03-21 14:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-21 12:52 - 2014-03-21 12:52 - 00009947 _____ () C:\Users\Engin & Erol\Desktop\hijackthis.log
2014-03-21 12:44 - 2014-03-21 12:44 - 00613200 _____ (Chip Digital GmbH) C:\Users\Engin & Erol\Downloads\HijackThis - CHIP-Downloader.exe
2014-03-20 10:03 - 2014-03-20 10:03 - 00000624 _____ () C:\Windows\PFRO.log
2014-03-20 09:46 - 2014-03-20 09:46 - 00268440 _____ () C:\Users\Engin & Erol\Documents\cc_20140320_094639.reg
2014-03-20 09:26 - 2014-03-20 09:26 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-20 09:25 - 2014-03-20 09:26 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-20 08:32 - 2014-03-20 08:32 - 00000000 ____D () C:\Windows\pss
2014-03-19 08:53 - 2014-03-19 08:53 - 00065536 _____ () C:\Windows\TADSUINS.EXE
2014-03-19 08:53 - 2014-03-19 08:53 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\HTML TADS Interpreter.lnk
2014-03-17 09:19 - 2014-03-17 09:19 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Roaming\AVG2014
2014-03-17 09:18 - 2014-03-17 09:18 - 00000858 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-17 09:16 - 2014-03-17 09:16 - 00000000 ___HD () C:\$AVG
2014-03-17 09:15 - 2014-03-17 09:15 - 00000000 ____D () C:\Program Files\AVG
2014-03-17 09:14 - 2014-03-17 09:19 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\Avg2014
2014-03-14 06:47 - 2014-02-23 06:50 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-14 06:47 - 2014-02-23 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-14 06:47 - 2014-02-23 06:43 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-14 06:47 - 2014-02-23 06:41 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-14 06:47 - 2014-02-23 06:40 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-14 06:47 - 2014-02-23 06:39 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-14 06:47 - 2014-02-23 06:38 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-14 06:47 - 2014-02-23 06:38 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-14 06:47 - 2014-02-23 06:38 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-14 06:47 - 2014-02-23 06:37 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-14 06:47 - 2014-02-23 06:37 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-14 06:47 - 2014-02-23 06:37 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-14 06:47 - 2014-02-23 06:37 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-14 06:47 - 2014-02-23 06:36 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-14 06:47 - 2014-02-23 06:36 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-14 06:47 - 2014-02-23 06:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 12:07 - 2014-02-07 11:38 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 12:07 - 2014-02-03 11:37 - 00505344 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 12:07 - 2014-01-30 08:46 - 00876032 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 12:07 - 2013-11-13 01:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-03-13 10:36 - 2014-03-13 10:36 - 00002755 _____ () C:\Users\Public\Desktop\Lexware financial office.lnk
2014-03-10 09:30 - 2014-03-13 09:43 - 00000000 ____D () C:\ProgramData\MGS
2014-03-10 09:30 - 2014-03-10 09:30 - 00000000 ____D () C:\Microgaming
2014-02-26 12:40 - 2014-02-26 12:40 - 01684703 _____ () C:\Users\Engin & Erol\Desktop\erste.ini
2014-02-26 10:13 - 2014-02-26 10:14 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\php
2014-02-26 10:12 - 2014-02-05 14:52 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\dev
2014-02-26 10:03 - 2013-12-24 10:37 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\backwpup
==================== One Month Modified Files and Folders =======
2014-03-24 08:38 - 2014-03-24 08:38 - 00000000 ____D () C:\FRST
2014-03-24 08:38 - 2014-03-21 15:06 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\Hilfe für Computer
2014-03-24 08:37 - 2014-03-24 08:37 - 00000000 _____ () C:\Users\Engin & Erol\defogger_reenable
2014-03-24 08:37 - 2012-11-02 10:09 - 00000000 ____D () C:\Users\Engin & Erol
2014-03-24 08:36 - 2008-01-21 02:35 - 01274333 _____ () C:\Windows\WindowsUpdate.log
2014-03-24 08:34 - 2013-08-08 12:59 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-24 08:34 - 2013-05-30 14:20 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\HTC MediaHub
2014-03-24 08:33 - 2013-11-26 23:35 - 00002210 _____ () C:\Windows\Tasks\PutLockerDownloader V6.0-firefoxinstaller.job
2014-03-24 08:33 - 2013-11-26 23:35 - 00001376 _____ () C:\Windows\Tasks\PutLockerDownloader V6.0-updater.job
2014-03-24 08:33 - 2013-07-02 09:06 - 00000644 _____ () C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2014-03-24 08:33 - 2012-11-02 12:19 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-24 08:33 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-24 08:33 - 2006-11-02 13:47 - 00008832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-24 08:33 - 2006-11-02 13:47 - 00008832 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-24 08:20 - 2006-11-02 14:01 - 00032530 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-24 08:04 - 2012-11-05 12:53 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-23 22:23 - 2013-08-08 12:59 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-23 17:15 - 2012-11-02 11:29 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-23 12:30 - 2013-02-11 12:30 - 00000316 _____ () C:\Windows\Tasks\MT66 Software Update.job
2014-03-21 22:14 - 2014-02-21 13:47 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-03-21 14:50 - 2014-03-21 14:50 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-03-21 12:52 - 2014-03-21 12:52 - 00009947 _____ () C:\Users\Engin & Erol\Desktop\hijackthis.log
2014-03-21 12:44 - 2014-03-21 12:44 - 00613200 _____ (Chip Digital GmbH) C:\Users\Engin & Erol\Downloads\HijackThis - CHIP-Downloader.exe
2014-03-21 12:26 - 2012-11-06 09:38 - 00000000 ____D () C:\ProgramData\Lexware
2014-03-20 10:03 - 2014-03-20 10:03 - 00000624 _____ () C:\Windows\PFRO.log
2014-03-20 09:46 - 2014-03-20 09:46 - 00268440 _____ () C:\Users\Engin & Erol\Documents\cc_20140320_094639.reg
2014-03-20 09:44 - 2012-11-28 09:39 - 00000000 ____D () C:\Windows\Minidump
2014-03-20 09:44 - 2012-11-02 15:44 - 00000000 ____D () C:\Windows\Panther
2014-03-20 09:44 - 2012-11-02 11:13 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\CrashDumps
2014-03-20 09:26 - 2014-03-20 09:26 - 00000804 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-03-20 09:26 - 2014-03-20 09:25 - 00000000 ____D () C:\Program Files\CCleaner
2014-03-20 09:00 - 2013-04-30 09:02 - 00000000 ____D () C:\Users\Engin & Erol\VideoConverter
2014-03-20 08:49 - 2013-10-16 08:37 - 00000000 ____D () C:\House_Party
2014-03-20 08:32 - 2014-03-20 08:32 - 00000000 ____D () C:\Windows\pss
2014-03-19 08:59 - 2012-11-06 08:42 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\Engin
2014-03-19 08:53 - 2014-03-19 08:53 - 00065536 _____ () C:\Windows\TADSUINS.EXE
2014-03-19 08:53 - 2014-03-19 08:53 - 00000776 _____ () C:\Users\UpdatusUser\Desktop\HTML TADS Interpreter.lnk
2014-03-18 03:03 - 2013-08-14 15:55 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 03:00 - 2006-11-02 11:24 - 87350280 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-03-17 15:00 - 2012-11-02 10:40 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\Adobe
2014-03-17 14:55 - 2012-11-05 12:53 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-03-17 14:55 - 2012-11-05 12:53 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-03-17 09:31 - 2014-02-12 11:15 - 00000000 ____D () C:\ProgramData\CanonIJPLM
2014-03-17 09:19 - 2014-03-17 09:19 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Roaming\AVG2014
2014-03-17 09:19 - 2014-03-17 09:14 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\Avg2014
2014-03-17 09:18 - 2014-03-17 09:18 - 00000858 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-17 09:18 - 2013-10-12 11:16 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-17 09:16 - 2014-03-17 09:16 - 00000000 ___HD () C:\$AVG
2014-03-17 09:15 - 2014-03-17 09:15 - 00000000 ____D () C:\Program Files\AVG
2014-03-14 07:08 - 2006-11-02 13:47 - 00288752 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 07:07 - 2012-11-06 09:36 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 07:00 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\rescache
2014-03-14 06:45 - 2006-11-02 12:18 - 00000000 ____D () C:\Windows\system32\de-DE
2014-03-13 15:02 - 2008-01-21 08:16 - 01566088 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-13 10:36 - 2014-03-13 10:36 - 00002755 _____ () C:\Users\Public\Desktop\Lexware financial office.lnk
2014-03-13 09:43 - 2014-03-10 09:30 - 00000000 ____D () C:\ProgramData\MGS
2014-03-12 00:30 - 2013-07-02 09:06 - 00000616 _____ () C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2014-03-11 08:45 - 2014-01-29 09:06 - 00002633 _____ () C:\Users\Engin & Erol\Desktop\Lexware financial office.lnk
2014-03-10 09:30 - 2014-03-10 09:30 - 00000000 ____D () C:\Microgaming
2014-03-04 08:45 - 2013-08-28 11:26 - 00000000 ____D () C:\AdwCleaner
2014-03-01 05:38 - 2013-07-02 09:06 - 00000446 _____ () C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2014-02-28 14:40 - 2012-11-05 13:39 - 00000532 _____ () C:\Windows\BRWMARK.INI
2014-02-26 12:40 - 2014-02-26 12:40 - 01684703 _____ () C:\Users\Engin & Erol\Desktop\erste.ini
2014-02-26 10:14 - 2014-02-26 10:13 - 00000000 ____D () C:\Users\Engin & Erol\Desktop\php
2014-02-25 15:32 - 2014-02-20 09:45 - 00000000 ____D () C:\Users\Engin & Erol\AppData\Local\Haufe-Lexware_GmbH_&_Co._
2014-02-25 10:10 - 2014-02-21 13:30 - 00000000 ____D () C:\Program Files\MozBackup
2014-02-23 06:50 - 2014-03-14 06:47 - 12347904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-23 06:47 - 2014-03-14 06:47 - 01806848 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-23 06:43 - 2014-03-14 06:47 - 09739264 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-23 06:41 - 2014-03-14 06:47 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-23 06:40 - 2014-03-14 06:47 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-23 06:39 - 2014-03-14 06:47 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-23 06:38 - 2014-03-14 06:47 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-23 06:38 - 2014-03-14 06:47 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-23 06:38 - 2014-03-14 06:47 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-23 06:37 - 2014-03-14 06:47 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-23 06:37 - 2014-03-14 06:47 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-02-23 06:37 - 2014-03-14 06:47 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-23 06:37 - 2014-03-14 06:47 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-23 06:36 - 2014-03-14 06:47 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-23 06:36 - 2014-03-14 06:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-23 06:35 - 2014-03-14 06:47 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-24 08:40
==================== End Of Log ============================
--- --- ---
Code:
==================== Security Center ========================
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.0.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.9.0.1030 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.9.0.1030 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.9) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{E14ADE0E-75F3-4A46-87E5-26692DD626EC}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASRock InstantBoot v1.29 (HKLM\...\ASRock InstantBoot_is1) (Version: - )
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4336 - AVG Technologies)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4336 - AVG Technologies) Hidden
Brother MFL-Pro Suite (HKLM\...\{51E89658-5D6B-4F0D-B72B-57863C3AD06C}) (Version: 1.00 - Brother Industries, Ltd.)
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX450 series Benutzerregistrierung (HKLM\...\Canon MX450 series Benutzerregistrierung) (Version: - *Canon Inc.)
Canon MX450 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX450_series) (Version: 1.00 - Canon Inc.)
Canon MX450 series On-screen Manual (HKLM\...\Canon MX450 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Image Garden (HKLM\...\Canon My Image Garden) (Version: 1.1.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM\...\Canon My Image Garden Design Files) (Version: 1.0.1 - Canon Inc.)
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
Canon Quick Menu (HKLM\...\CanonQuickMenu) (Version: 2.1.0 - Canon Inc.)
Casino Action (HKLM\...\casinoaction) (Version: 16.10.1.1475 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.0.3717 - CDBurnerXP)
dakota.ag (HKLM\...\dakota.ag) (Version: 6.0 - ITSG GmbH)
dakota.ag (Version: 6.0 - ITSG GmbH) Hidden
DeskPins (remove only) (HKLM\...\DeskPins) (Version: - )
DivX-Setup (HKLM\...\DivX Setup) (Version: 2.6.1.87 - DivX, LLC)
Free M4a to MP3 Converter 7.2 (HKLM\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.1.0.001 - HTC Corporation)
HTC Sync Manager (HKLM\...\{5002C5B1-B688-474A-AB3A-9B65DBD38FF9}) (Version: 2.0.58.0 - HTC)
iFunbox (v2.6.2375.747), iFunbox DevTeam (HKLM\...\iFunbox_is1) (Version: v2.6.2375.747 - )
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{91FD46D2-4FB7-4A51-8637-556E1BE1DB7C}) (Version: 11.0.4.4 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 35 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216035FF}) (Version: 6.0.350 - Oracle)
Lexware Elster (HKLM\...\{CEF3D480-E4A5-4962-BCF5-D72F355B4E98}) (Version: 14.02.00.0015 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office 2014 (HKLM\...\{bcd8903c-570f-4324-977b-8d0efe79a922}) (Version: 18.0.0.98 - Haufe-Lexware GmbH & Co.KG)
Lexware financial office 2014 (Version: 18.04.00.0139 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Info Service (Version: 4.01.00.0077 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware Installations Dienst (Version: 3.01.00.0011 - Haufe-Lexware GmbH & Co.KG) Hidden
Lexware online banking (HKLM\...\{7F603892-89C9-4EC4-9236-7AD4A798EA41}) (Version: 21.00.00.0039 - Haufe-Lexware GmbH & Co.KG)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MP3 Recorder for YouTube 1.0 Professional-E (HKLM\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version: - )
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MT66 Software Update (HKLM\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version: - )
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.11.9621 - NVIDIA Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.109.718 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
OEM Logo and Information (HKLM\...\OEMInformation) (Version: - ASROCK)
Platform (Version: 1.36 - VIA Technologies, Inc.) Hidden
Plus500 (HKLM\...\Plus500) (Version: - )
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sound Blaster X-Fi MB (HKLM\...\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}) (Version: 1.0 - Creative Technology Limited)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.19 - Safer-Networking Ltd.)
sv.net (HKLM\...\sv.net) (Version: 13.2 - ITSG GmbH)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Versandhelfer (HKLM\...\dpdhl.versandhelfer) (Version: 1.3 - DPITS-Projekt_DHLVersandhelfer)
Versandhelfer (Version: 1.3 - DPITS-Projekt_DHLVersandhelfer) Hidden
VIA Plattform-Geräte-Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.36 - VIA Technologies, Inc.)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WinRAR 4.20 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinZip 17.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240D8}) (Version: 17.0.10381 - WinZip Computing, S.L. )
WISO Steuer 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
==================== Restore Points =========================
08-03-2014 16:02:12 Geplanter Prüfpunkt
10-03-2014 17:03:48 Geplanter Prüfpunkt
11-03-2014 21:32:27 Geplanter Prüfpunkt
12-03-2014 12:02:47 Geplanter Prüfpunkt
13-03-2014 17:32:39 Geplanter Prüfpunkt
14-03-2014 05:42:56 Windows Update
14-03-2014 23:00:01 Geplanter Prüfpunkt
16-03-2014 17:03:27 Geplanter Prüfpunkt
17-03-2014 07:58:42 Gerätetreiber-Paketinstallation: AVG Technologies Netzwerkdienst
17-03-2014 08:02:37 Removed AVG 2014
17-03-2014 08:04:43 Removed AVG 2014
17-03-2014 08:14:47 Installed AVG 2014
17-03-2014 08:15:35 Installed AVG 2014
18-03-2014 02:00:10 Windows Update
19-03-2014 14:18:18 Geplanter Prüfpunkt
20-03-2014 10:00:15 Geplanter Prüfpunkt
21-03-2014 12:24:16 Geplanter Prüfpunkt
22-03-2014 02:57:23 Geplanter Prüfpunkt
22-03-2014 23:00:03 Geplanter Prüfpunkt
23-03-2014 13:28:41 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {060518E2-6223-42A0-9F5F-D71401A32CD6} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {0AB647D6-59AC-4230-8E26-B7973C77D4FB} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {287B8B63-19E5-4965-B248-6301585DFA53} - System32\Tasks\Test TimeTrigger => C:\Users\ENGIN&~1\AppData\Local\Temp\Runner.exe <==== ATTENTION
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3315D1D8-7CD8-4D83-9D17-E58AF5221A3B} - System32\Tasks\Divx-Online-Aktualisierungsprogramm => C:\Program Files\DivX\DivX Update\DivXUpdate.exe [2013-08-29] ()
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {5136CF41-0F69-48FB-8E18-FDDEFB4DB7CB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: {5F683DD3-D995-4150-80B2-5F202791A48B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17] (Adobe Systems Incorporated)
Task: {63F97C14-FF01-4224-8CB6-A98C183D1D68} - System32\Tasks\PutLockerDownloader V6.0-updater => C:\Program Files\PutLockerDownloader V6.0\PutLockerDownloader V6.0-updater.exe <==== ATTENTION
Task: {64B9D53D-18EC-4452-9E82-CA843D27E5B9} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {64DAACF1-7E5F-4C4D-B0CE-8360D1D9EC95} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {7BF79ACE-ED2D-4575-9B22-3B60230112C3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {82738C45-819C-4D12-BF82-95BF2FF1DF7D} - System32\Tasks\FGRun => C:\Users\Engin
Task: {88EFA13A-C113-4B82-A6E5-27E3876B8B4F} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {9B18D391-0EFE-47EC-AB2F-E59ABF01FCEE} - System32\Tasks\MT66 Software Update => C:\Program Files\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {A714DCAB-17F2-49CB-9BCE-131CF5AC2F15} - System32\Tasks\ROC_REG_JAN_DELETE => C:\ProgramData\AVG January 2013 Campaign\ROC.exe [2013-01-17] ()
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {BD40BEAC-6B34-43D6-B1CD-71043CBE23BB} - System32\Tasks\PutLockerDownloader V6.0-firefoxinstaller => C:\Program Files\PutLockerDownloader V6.0\PutLockerDownloader V6.0-firefoxinstaller.exe <==== ATTENTION
Task: {E019F197-C968-43C6-8EA9-F00CC966C687} - System32\Tasks\Lexware-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: {E8E67EBB-DCAB-4588-B4A5-EDA5A03CC80B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2013-08-08] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files\Common Files\MT66 Software Update\UpdateClient.exe
Task: C:\Windows\Tasks\PutLockerDownloader V6.0-firefoxinstaller.job => C:\Program Files\PutLockerDownloader V6.0\PutLockerDownloader V6.0-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\PutLockerDownloader V6.0-updater.job => C:\Program Files\PutLockerDownloader V6.0\PutLockerDownloader V6.0-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\ROC_REG_JAN_DELETE.job => C:\ProgramData\AVG January 2013 Campaign\ROC.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
==================== Loaded Modules (whitelisted) =============
2012-11-28 13:13 - 2012-11-28 13:13 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 13:13 - 2012-11-28 13:13 - 01242512 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-26 18:01 - 2013-04-26 18:01 - 00030056 _____ () C:\Program Files\HTC\HTC Sync Manager\DbAccess.dll
2013-04-26 18:02 - 2013-04-26 18:02 - 00607376 _____ () C:\Program Files\HTC\HTC Sync Manager\sqlite3.dll
2013-04-26 18:02 - 2013-04-26 18:02 - 00044392 _____ () C:\Program Files\HTC\HTC Sync Manager\NAdvLog.dll
2013-04-26 18:02 - 2013-04-26 18:02 - 00036216 _____ () C:\Program Files\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2013-04-26 18:03 - 2013-04-26 18:03 - 00080248 _____ () C:\Program Files\HTC\HTC Sync Manager\ninstallerhelper.dll
2013-04-26 18:07 - 2013-04-26 18:07 - 00223592 _____ () C:\Program Files\HTC\HTC Sync Manager\DevConnMon.dll
2014-02-12 11:38 - 2012-03-28 13:49 - 00140456 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-05-30 14:17 - 2012-12-07 16:26 - 00167424 _____ () C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
2013-07-02 09:06 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-07-02 09:06 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-07-02 09:06 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-07-02 09:06 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-07-02 09:06 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-05 13:28 - 2002-11-26 13:43 - 00106496 ____N () C:\Windows\system32\BrMuSNMP.dll
2013-04-26 18:03 - 2013-04-26 18:03 - 00169312 _____ () C:\Program Files\HTC\HTC Sync Manager\HTC Sync\adb.exe
2012-11-02 10:22 - 2011-06-20 09:27 - 00080496 ____R () C:\Program Files\VIA\VIAudioi\VDeck\QsApoApi.dll
2012-11-02 10:22 - 2011-06-20 09:27 - 00113264 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Dts2ApoApi.dll
2012-11-02 10:22 - 2011-06-20 09:27 - 00623216 ____R () C:\Program Files\VIA\VIAudioi\VDeck\Skin.dll
2014-03-24 08:33 - 2014-03-24 08:34 - 00697884 _____ () C:\Users\Engin & Erol\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0008\~df394b.tmp
2014-03-24 08:34 - 2014-03-24 08:34 - 00592896 _____ () C:\Users\Engin & Erol\AppData\Local\Temp\Sound_Blaster_X-Fi_MB_Cleanup.0001.dir.0008\~de6248.tmp
2013-09-26 12:20 - 2013-09-26 12:20 - 00176168 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Logging.Targets.Etw.dll
2013-09-26 12:20 - 2013-09-26 12:20 - 00043048 _____ () C:\Program Files\Lexware\Update Manager\Haufe.Core.Diagnostics.Etw.dll
2014-03-21 14:50 - 2014-03-21 14:50 - 03642480 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-03-12 02:04 - 2014-03-17 14:55 - 16276872 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WISO Mein Steuer-Sparbuch heute.lnk => C:\Windows\pss\WISO Mein Steuer-Sparbuch heute.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: bluebirds => C:\Users\Engin & Erol\Bluebirds\BlueBirds.exe
MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: DivXMediaServer => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/24/2014 08:33:43 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/24/2014 07:42:06 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/23/2014 00:04:15 PM) (Source: SDFSSvc.exe) (User: )
Description: Der Dienstprozess konnte keine Verbindung mit dem Dienstcontroller herstellen
Error: (03/23/2014 00:04:11 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 10:15:23 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 10:44:40 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/21/2014 08:47:54 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2014 07:09:44 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2014 05:37:17 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/20/2014 10:21:04 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\ENGIN & EROL\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\8O5ZAXIW.DEFAULT-1366457432630\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden.
Kontext: Anwendung, SystemIndex Katalog
Details:
Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f)
System errors:
=============
Error: (03/24/2014 08:35:45 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (03/24/2014 08:35:45 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (03/24/2014 07:44:08 AM) (Source: Service Control Manager) (User: )
Description: NVIDIA Update Service Daemon%%1069
Error: (03/24/2014 07:44:08 AM) (Source: Service Control Manager) (User: )
Description: nvUpdatusService.\UpdatusUser%%1330
Error: (03/23/2014 02:43:49 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (03/23/2014 02:43:49 PM) (Source: nvstor32) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error: (03/23/2014 02:43:46 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (03/23/2014 02:43:46 PM) (Source: nvstor32) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Error: (03/23/2014 02:42:42 PM) (Source: disk) (User: )
Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.
Error: (03/23/2014 02:42:42 PM) (Source: nvstor32) (User: )
Description: Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-03-24 08:38:26.552
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 08:38:26.440
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 08:38:26.326
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 08:38:26.188
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:03.440
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:03.330
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:03.205
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:03.096
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:02.986
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-03-24 07:45:02.877
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 45%
Total physical RAM: 3326.33 MB
Available physical RAM: 1818.79 MB
Total Pagefile: 6861.55 MB
Available Pagefile: 5206.99 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.8 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:596.17 GB) (Free:349.85 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 596 GB) (Disk ID: 031F031E)
Partition 1: (Active) - (Size=596 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 08:37 on 24/03/2014 (Engin & Erol)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
Code:
---- System - GMER 2.1 ----
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeKey [0x907CD6E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwNotifyChangeMultipleKeys [0x907CD800]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenProcess [0x907CD010]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwOpenThread [0x907CD4D0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendProcess [0x907CD300]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwSuspendThread [0x907CD3E0]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateProcess [0x907CD120]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwTerminateThread [0x907CD210]
SSDT \SystemRoot\system32\DRIVERS\avgidsshimx.sys ZwWriteVirtualMemory [0x907CD5E0]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!KeSetEvent + 3BD 822CAA08 8 Bytes [E0, D6, 7C, 90, 00, D8, 7C, ...] {LOOPNZ 0xffffffd8; JL 0xffffff94; ADD AL, BL; JL 0xffffff98}
.text ntkrnlpa.exe!KeSetEvent + 3F1 822CAA3C 4 Bytes [10, D0, 7C, 90] {ADC AL, DL; JL 0xffffff94}
.text ntkrnlpa.exe!KeSetEvent + 40D 822CAA58 4 Bytes [D0, D4, 7C, 90] {RCL AH, 0x1; JL 0xffffff94}
.text ntkrnlpa.exe!KeSetEvent + 611 822CAC5C 8 Bytes [00, D3, 7C, 90, E0, D3, 7C, ...] {ADD BL, DL; JL 0xffffff94; LOOPNZ 0xffffffd9; JL 0xffffff98}
.text ntkrnlpa.exe!KeSetEvent + 621 822CAC6C 8 Bytes [20, D1, 7C, 90, 10, D2, 7C, ...] {AND CL, DL; JL 0xffffff94; ADC DL, DL; JL 0xffffff98}
.text ...
---- Devices - GMER 2.1 ----
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys
---- EOF - GMER 2.1 ----
I hope I did everything right ;-)