Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Internetstörung nur bei Malwarebytes und iobit Produkten (https://www.trojaner-board.de/154953-internetstoerung-nur-malwarebytes-iobit-produkten.html)

Nikolaj02 08.06.2014 15:30
Internetstörung nur bei Malwarebytes und iobit Produkten
 
Bei mir funktioniert seit einiger Zeit das Updaten bei Malwarebytes nicht mehr, genauso wie bei Malware Fighter und anderen iobit Produkten.
Das Internet funktioniert ansonsten dennoch einwandfrei.
Ein Freund sagte es wäre seiner Meinung nach eine Infektion, da die Interneteinstellungen offensichtlich geändert wurden.

Ich bin ganz neu hier und habe von PCs nicht wirklich Ahnung,
bitte nennen Sie mir die Schritte die ich zu tun habe bezüglich scan und log files.

Vielen Dank

Nikolaj

schrauber 08.06.2014 15:40
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Nikolaj02 08.06.2014 15:53
Sorry, hallo erstmal, Danke für Deine schnelle Antwort.


FRST Text:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by olga müller (administrator) on OLGAMÜLLER-PC on 08-06-2014 16:43:28
Running from C:\Users\olga müller\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
(Sphinx Software) C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sphinx Software) C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe
(Microsoft Corp.) C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(IObit) C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe
(IObit) C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieRpcSs.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SandboxieDcomLaunch.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\32\SbieSvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Windows7FirewallControl] => C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe [802816 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [BingDesktop] => C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe [2127896 2012-11-22] (Microsoft Corp.)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [IObit Malware Fighter] => C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe [1592640 2014-02-27] (IObit)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe [2285344 2013-12-18] (IObit)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6563608 2014-01-18] (SUPERAntiSpyware)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {05baa77b-fa26-11e2-8109-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {511a24be-8641-11e2-857e-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {511a24cc-8641-11e2-857e-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {56bb9e79-965f-11e2-a5ba-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {65602795-ed58-11e3-9668-001e101f859f} - I:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027a4-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027b5-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027c2-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027d3-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027e1-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027ec-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {8d07f3f9-8a8b-11e2-8488-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {a6bf979a-97cd-11e2-b276-0022192d7826} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={296DBE24-C7EC-4C8D-A920-248414188F4D}&mid=3dc24f59b91d49a9b15acff09fe33f75-fce9ca809ad4cc5f69d3b70b40facf6c25972347&lang=en&ds=ag011&pr=sa&d=2014-06-02 11:32:43&v=14.0.0.12&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll (IObit)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll (Adblock)
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Advanced SystemCare Browser Protection - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll (IObit)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\14.0.1\ViProtocol.dll ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default
FF DefaultSearchEngine: AVG Secure Search
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: hxxp://mysearch.avg.com/?cid={296DBE24-C7EC-4C8D-A920-248414188F4D}&mid=3dc24f59b91d49a9b15acff09fe33f75-fce9ca809ad4cc5f69d3b70b40facf6c25972347&lang=en&ds=ag011&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp
FF Keyword.URL: hxxp://mysearch.avg.com/search?cid={296DBE24-C7EC-4C8D-A920-248414188F4D}&mid=3dc24f59b91d49a9b15acff09fe33f75-fce9ca809ad4cc5f69d3b70b40facf6c25972347&lang=en&ds=ag011&pr=sa&d=2014-06-02 11:32:43&pid=safeguard&sg=&v=14.0.0.12&sap=ku&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\14.0.1\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Advanced SystemCare Surfing Protection - C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default\Extensions\ascsurfingprotection@iobit.com [2014-06-07]
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\14.0.0.12 [2014-06-02]

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Ads Removal) - C:\Users\olga müller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-04-02]
CHR HKLM-x32\...\Chrome\Extension: [ndibdjnfmopecpmkdieinmbadjfpblof] - C:\ProgramData\\ChromeExt\\avg.crx [2014-04-02]
CHR HKLM-x32\...\Chrome\Extension: [nfengeggddojhakldhlpjdlddgkkjkdd] - C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASC_GhromePluginFor6.crx [2014-04-02]

==================== Services (Whitelisted) =================

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [140672 2013-03-25] (SUPERAntiSpyware.com)
R2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [881440 2013-12-09] (IObit)
R2 BingDesktopUpdate; C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [166424 2012-11-22] (Microsoft Corp.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [342336 2014-01-24] (IObit)
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 vToolbarUpdater14.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [945480 2014-06-02] ()
R2 Windows7FirewallService; C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe [495616 2012-04-12] (Sphinx Software)

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [37720 2014-06-02] (AVG Technologies)
S3 dc21x4vm; C:\Windows\System32\DRIVERS\dc21x4vm.sys [57344 2009-06-10] (Microsoft Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-06] (DT Soft Ltd)
R3 FileMonitor; C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [23048 2013-03-23] (IObit)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [245248 2013-04-10] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 RegFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [34848 2013-11-19] (IObit.com)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [17720 2013-05-22] ()
R3 UrlFilter; C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [23016 2013-11-19] (IObit.com)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-08 16:43 - 2014-06-08 16:43 - 00016345 _____ () C:\Users\olga müller\Desktop\FRST.txt
2014-06-08 16:43 - 2014-06-08 16:43 - 00000000 ____D () C:\FRST
2014-06-08 16:42 - 2014-06-08 16:42 - 02072576 _____ (Farbar) C:\Users\olga müller\Desktop\FRST64.exe
2014-06-08 16:38 - 2014-06-08 16:38 - 00000764 _____ () C:\Windows\PFRO.log
2014-06-08 16:38 - 2014-06-08 16:38 - 00000056 _____ () C:\Windows\setupact.log
2014-06-08 16:38 - 2014-06-08 16:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 16:35 - 2014-06-08 16:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\olga müller\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-08 16:33 - 2013-03-05 14:49 - 00002697 _____ () C:\Users\olga müller\Desktop\Microsoft Office Word 2007.lnk
2014-06-08 16:17 - 2014-06-08 16:30 - 00000255 _____ () C:\Users\olga müller\Desktop\Trojaner-Board info.txt
2014-06-07 23:23 - 2014-06-07 23:23 - 00003178 _____ () C:\Windows\System32\Tasks\SmartDefrag_Startup
2014-06-07 23:23 - 2014-06-07 23:23 - 00003176 _____ () C:\Windows\System32\Tasks\SmartDefragUpdate
2014-06-07 23:23 - 2013-05-22 18:49 - 00032600 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe
2014-06-07 23:18 - 2014-06-07 23:22 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-07 23:18 - 2014-06-07 23:21 - 00002100 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-06-07 23:18 - 2014-06-07 23:18 - 00002862 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_olga müller
2014-06-07 23:18 - 2014-06-07 23:18 - 00001108 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-06-07 23:18 - 2014-06-07 23:18 - 00001065 _____ () C:\Users\Public\Desktop\Smart Defrag 2.lnk
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Apple Computer
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-07 23:18 - 2013-05-22 18:49 - 00017720 _____ () C:\Windows\system32\Drivers\SmartDefragDriver.sys
2014-06-07 23:17 - 2014-06-08 16:39 - 00000286 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-06-07 23:17 - 2014-06-07 23:17 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-07 23:17 - 2014-06-07 23:17 - 00002582 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-07 23:17 - 2014-06-07 23:17 - 00001075 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-06-07 23:17 - 2014-06-07 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-06 15:48 - 2014-06-06 15:48 - 00001212 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Internet Manager
2014-06-06 15:48 - 2013-04-10 10:47 - 00245248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-06-06 15:48 - 2013-03-21 03:57 - 00453632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-06-06 15:48 - 2013-03-04 10:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-06-06 15:48 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-06-06 15:48 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-06-06 15:48 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-06-06 15:48 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-06-06 15:48 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-06-06 13:37 - 2014-06-06 13:37 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-06-05 18:35 - 2013-03-15 12:14 - 00001312 _____ () C:\Users\olga müller\Desktop\PlantsVsZombies - Verknüpfung.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 05718872 _____ (Microsoft Corporation) C:\Users\olga müller\Downloads\vcredist_x64.exe
2014-06-05 18:25 - 2014-06-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-05 18:23 - 2014-06-05 18:23 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\olga müller\Downloads\SandboxieInstall.exe
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieUserList
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieSiteList
2014-06-02 11:33 - 2014-06-02 11:33 - 00000000 ____D () C:\Users\olga müller\AppData\Local\AVG SafeGuard toolbar
2014-06-02 11:32 - 2014-06-04 10:36 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-02 11:28 - 2014-06-02 11:33 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-05-28 14:09 - 2014-05-28 14:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Apps\2.0
2014-05-27 15:09 - 2014-05-27 15:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\{46F0117C-693B-4FD6-994F-B7352FC10BAC}
2014-05-19 12:13 - 2014-06-03 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 18:54 - 2014-06-08 16:42 - 01481662 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 17:12 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 17:12 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 17:12 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 17:12 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 17:12 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 17:12 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 11:23 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 11:23 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 11:23 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 11:23 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 11:23 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 11:22 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 11:22 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 11:22 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 11:22 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 11:22 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 11:22 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 11:22 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 11:22 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 11:22 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 11:22 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 11:22 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 11:22 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 11:14 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 11:14 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-08 16:43 - 2014-06-08 16:43 - 00016345 _____ () C:\Users\olga müller\Desktop\FRST.txt
2014-06-08 16:43 - 2014-06-08 16:43 - 00000000 ____D () C:\FRST
2014-06-08 16:43 - 2013-03-05 17:59 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Temp
2014-06-08 16:43 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-06-08 16:43 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-06-08 16:43 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-08 16:42 - 2014-06-08 16:42 - 02072576 _____ (Farbar) C:\Users\olga müller\Desktop\FRST64.exe
2014-06-08 16:42 - 2014-05-17 18:54 - 01481662 _____ () C:\Windows\WindowsUpdate.log
2014-06-08 16:39 - 2014-06-07 23:17 - 00000286 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-06-08 16:39 - 2014-03-31 13:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-08 16:39 - 2013-11-17 13:14 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-08 16:38 - 2014-06-08 16:38 - 00000764 _____ () C:\Windows\PFRO.log
2014-06-08 16:38 - 2014-06-08 16:38 - 00000056 _____ () C:\Windows\setupact.log
2014-06-08 16:38 - 2014-06-08 16:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 16:38 - 2014-03-31 13:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-08 16:38 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-08 16:37 - 2013-03-06 13:06 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-08 16:35 - 2014-06-08 16:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\olga müller\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-08 16:30 - 2014-06-08 16:17 - 00000255 _____ () C:\Users\olga müller\Desktop\Trojaner-Board info.txt
2014-06-08 16:24 - 2013-05-19 16:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-08 16:19 - 2013-11-17 13:14 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-08 16:08 - 2009-07-14 06:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-08 16:08 - 2009-07-14 06:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-08 16:02 - 2014-01-05 15:02 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {DE4E382B-0006-4483-9119-FABAB407EA92}.job
2014-06-08 16:02 - 2014-01-05 15:02 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {DE4E382B-0006-4483-9119-FABAB407EA92}.job
2014-06-08 16:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-07 23:23 - 2014-06-07 23:23 - 00003178 _____ () C:\Windows\System32\Tasks\SmartDefrag_Startup
2014-06-07 23:23 - 2014-06-07 23:23 - 00003176 _____ () C:\Windows\System32\Tasks\SmartDefragUpdate
2014-06-07 23:22 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-07 23:21 - 2014-06-07 23:18 - 00002100 _____ () C:\Users\Public\Desktop\Advanced SystemCare 7.lnk
2014-06-07 23:21 - 2013-03-05 17:50 - 00000000 ____D () C:\Windows\Panther
2014-06-07 23:18 - 2014-06-07 23:18 - 00002862 _____ () C:\Windows\System32\Tasks\ASC7_SkipUac_olga müller
2014-06-07 23:18 - 2014-06-07 23:18 - 00001108 _____ () C:\Users\Public\Desktop\IObit Uninstaller.lnk
2014-06-07 23:18 - 2014-06-07 23:18 - 00001065 _____ () C:\Users\Public\Desktop\Smart Defrag 2.lnk
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Apple Computer
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 2
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-07 23:18 - 2014-04-02 18:40 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\IObit
2014-06-07 23:18 - 2013-03-06 11:29 - 00000000 ____D () C:\ProgramData\IObit
2014-06-07 23:18 - 2013-03-06 11:29 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-07 23:17 - 2014-06-07 23:17 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan
2014-06-07 23:17 - 2014-06-07 23:17 - 00002582 _____ () C:\Windows\System32\Tasks\Driver Booster Update
2014-06-07 23:17 - 2014-06-07 23:17 - 00001075 _____ () C:\Users\Public\Desktop\Driver Booster.lnk
2014-06-07 23:17 - 2014-06-07 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster
2014-06-06 20:56 - 2013-03-06 11:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-06 15:48 - 2014-06-06 15:48 - 00001212 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Internet Manager
2014-06-06 15:48 - 2013-03-06 12:37 - 00000000 ____D () C:\ProgramData\DatacardService
2014-06-06 15:45 - 2013-03-06 12:37 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-06-06 13:37 - 2014-06-06 13:37 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-06-06 13:34 - 2013-03-06 11:20 - 00002446 _____ () C:\Windows\Sandboxie.ini
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-06-06 12:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-05 18:43 - 2013-08-31 12:07 - 00000000 ____D () C:\Users\olga müller\Desktop\mbar
2014-06-05 18:29 - 2014-06-05 18:29 - 05718872 _____ (Microsoft Corporation) C:\Users\olga müller\Downloads\vcredist_x64.exe
2014-06-05 18:25 - 2014-06-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-05 18:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-05 18:23 - 2014-06-05 18:23 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\olga müller\Downloads\SandboxieInstall.exe
2014-06-04 10:49 - 2013-03-06 17:17 - 00000000 ____D () C:\Users\olga müller\Documents\WB Games
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieUserList
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieSiteList
2014-06-04 10:36 - 2014-06-02 11:32 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-06-03 11:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-03 00:09 - 2014-05-19 12:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 00:09 - 2013-03-05 17:59 - 00000000 ____D () C:\Users\olga müller\Tracing
2014-06-02 11:33 - 2014-06-02 11:33 - 00000000 ____D () C:\Users\olga müller\AppData\Local\AVG SafeGuard toolbar
2014-06-02 11:33 - 2014-06-02 11:28 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-06-02 11:28 - 2013-06-06 16:50 - 00037720 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-02 11:25 - 2013-05-19 16:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-02 11:25 - 2013-03-23 17:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-02 11:25 - 2013-03-23 17:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-02 11:09 - 2013-06-13 13:30 - 00007597 _____ () C:\Users\olga müller\AppData\Local\resmon.resmoncfg
2014-05-28 14:09 - 2014-05-28 14:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Apps\2.0
2014-05-27 15:09 - 2014-05-27 15:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\{46F0117C-693B-4FD6-994F-B7352FC10BAC}
2014-05-20 15:27 - 2013-03-29 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 12:44 - 2014-04-02 18:42 - 00000000 ____D () C:\AdwCleaner
2014-05-17 10:52 - 2013-06-06 16:50 - 00003242 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-05-16 17:12 - 2013-03-05 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 17:11 - 2013-08-08 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 17:10 - 2013-03-16 13:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 14:51 - 2013-03-05 17:59 - 00000000 ___RD () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 14:51 - 2013-03-05 17:59 - 00000000 ___RD () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 14:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-12 07:26 - 2014-03-31 13:09 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-03-31 13:09 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2013-03-06 11:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\olga müller\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-06 11:55

==================== End Of Log

Addition Text:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-06-2014
Ran by olga müller at 2014-06-08 16:43:58
Running from C:\Users\olga müller\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

Advanced SystemCare 7 (HKLM-x32\...\Advanced SystemCare 7_is1) (Version: 7.1.0 - IObit)
Bing-Desktop (HKLM-x32\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.1.165.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
CCleaner Professional (HKLM-x32\...\{B217B8BC-8543-46DB-B049-89660B8BFADD}_is1) (Version: v3.19.1721 - Pirform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0315 - DT Soft Ltd)
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.1 - IObit)
Epson Event Manager (HKLM-x32\...\{10144CFE-D76C-4CFA-81A1-37A1642349A3}) (Version: 3.01.0013 - Seiko Epson Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-215 217 Series Printer Uninstall (HKLM\...\EPSON XP-215 217 Series) (Version:  - SEIKO EPSON Corporation)
Epson-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.0.0.0 - SEIKO EPSON CORPORATION)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Update Helper (x32 Version: 1.3.21.123 - Google Inc.) Hidden
Internet Manager (HKLM-x32\...\Internet Manager) (Version: 22.001.18.76.55 - Huawei Technologies Co.,Ltd)
IObit Malware Fighter (HKLM-x32\...\IObit Malware Fighter_is1) (Version: 2.3 - IObit)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.0.5.1228 - IObit)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
Prototype 2 version 5.1 (HKLM-x32\...\{B810D852-DFD6-PROT2L-89A5-CC4D47756DAF}_is1) (Version: 5.1 - Black_Box)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smart Defrag 2 (HKLM-x32\...\Smart Defrag 2_is1) (Version: 2.9 - IObit)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
SolSuite 2013 v13.2 (HKLM-x32\...\SolSuite_is1) (Version: 13.2 - TreeCardGames)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.5.1012 - SUPERAntiSpyware.com)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.0 - IObit)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2468871) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2533523) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2600217) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Extended (KB2836939) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_STANDARD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2880505) 32-Bit Edition (HKLM-x32\...\{90120000-0012-0000-0000-0000000FF1CE}_STANDARD_{2720451F-5D04-43EC-AB1F-26D948FD971B}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_STANDARD_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_STANDARD_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_STANDARD_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_STANDARD_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
WinASO Registry Optimizer 4.8.4 (HKLM-x32\...\WinASO Registry Optimizer_is1) (Version:  - X.M.Y International LLC)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger Companion Core (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows7FirewallControl (i386) 5.0.0.15 (HKLM-x32\...\Windows7FirewallControl_is1) (Version: 5.0.0.15 - Sphinx Software)
Windows-Treiberpaket - Intel (e1kexpress) Net  (05/04/2011 11.12.36.0) (HKLM\...\E5A5361ECA010CDB35C768EE10CF394BB51A6D32) (Version: 05/04/2011 11.12.36.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net  (06/21/2012 11.16.87.0) (HKLM\...\9836466740AA622C4845F2598B1E2AD3347CBBBA) (Version: 06/21/2012 11.16.87.0 - Intel)
Windows-Treiberpaket - Intel (e1kexpress) Net  (07/20/2011 11.13.51.0) (HKLM\...\3F286BCBB02A7869CBA0EF9055943CE6FFC4D758) (Version: 07/20/2011 11.13.51.0 - Intel)
Windows-Treiberpaket - Intel Corporation System  (11/02/2006 1.0.0.0) (HKLM\...\7EF15288F9412D6840C9DF241336FA0C0B5E6BA7) (Version: 11/02/2006 1.0.0.0 - Intel Corporation)
Windows-Treiberpaket - Intel Corporation System  (11/02/2006 1.0.0.0) (HKLM\...\FC58E7279FB9644773C1774241C12935933F864C) (Version: 11/02/2006 1.0.0.0 - Intel Corporation)
Windows-Treiberpaket - Intel hdc  (06/08/2010 7.0.0.1013) (HKLM\...\FF1953CFE4B2D49E4631CEBB994B797CD6869771) (Version: 06/08/2010 7.0.0.1013 - Intel)
Windows-Treiberpaket - Intel System  (01/21/2009 9.1.0.1013) (HKLM\...\7A975CADB61C6AB8385AC0A2A178C7C56BD45CF4) (Version: 01/21/2009 9.1.0.1013 - Intel)
Windows-Treiberpaket - Intel System  (02/02/2009 9.1.0.1012) (HKLM\...\627E7231B440E6A66BBC4ABC9BB04D45A89D63EE) (Version: 02/02/2009 9.1.0.1012 - Intel)
Windows-Treiberpaket - Intel System  (06/08/2010 1.0.0.0002) (HKLM\...\9211BB4F3B42621F5ACA608E4FD9736D7D66A7E3) (Version: 06/08/2010 1.0.0.0002 - Intel)
Windows-Treiberpaket - Intel USB  (02/25/2008 9.0.0.1005) (HKLM\...\F07FDF9D6C619BD893206A7241CDD497066D31F9) (Version: 02/25/2008 9.0.0.1005 - Intel)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.4.2012.5 - URSoft, Inc.)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2D795B73-4438-4CA3-BAED-3A95BBA69435} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.)
Task: {37E1E69D-3E4D-4B27-B2DC-093C06CC344D} - System32\Tasks\EPSON XP-215 217 Series Update {DE4E382B-0006-4483-9119-FABAB407EA92} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {46AACF95-5023-4640-A0C0-32B1196CF41B} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2013-11-08] (IObit)
Task: {47DDF4CA-63E2-4E5F-964E-8A45B967773E} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2012-04-23] (IObit)
Task: {5E0B88B0-801A-4DBF-8E46-9E49A905C45B} - System32\Tasks\EPSON XP-215 217 Series Invitation {DE4E382B-0006-4483-9119-FABAB407EA92} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {6118EDCD-250D-402E-B6EC-2C3B030263EC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-02] (Adobe Systems Incorporated)
Task: {721E3422-F114-4503-8396-21FD81B350C0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {7730CAF2-2D37-4F7C-8F52-9AF4D0E0FDE8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-11-17] (Google Inc.)
Task: {84CA1E7F-D205-4782-A686-71465E51A29B} - System32\Tasks\SmartDefrag_Startup => C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [2013-09-13] (IObit)
Task: {A0A8BE0C-5DAD-4C29-B52C-850106209075} - System32\Tasks\ASC7_SkipUac_olga müller => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe [2013-12-16] (IObit)
Task: {AB8FF71E-2B02-4A2E-A7D0-DC5F5607E264} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2013-11-04] (IObit)
Task: {B79B9519-E0C4-49B3-8347-8A722A3A9806} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-21] (Microsoft Corporation)
Task: {D6CC0B96-DB44-42D7-8DBE-565A520131F8} - System32\Tasks\{DFBB6E8E-F984-45D7-863D-8C533BD48D26} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.2.0.106&amp;LastError=12029
Task: {DC9AE038-6F9B-41AE-A790-7D82DDD3351F} - System32\Tasks\SmartDefragUpdate => C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [2013-05-22] (IObit)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {DE4E382B-0006-4483-9119-FABAB407EA92}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\EPSON XP-215 217 Series Update {DE4E382B-0006-4483-9119-FABAB407EA92}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLGE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2011-03-14 17:27 - 2011-03-14 17:27 - 00346976 _____ () C:\ProgramData\DatacardService\HWDeviceService64.exe
2014-06-06 15:48 - 2013-02-05 09:24 - 00671744 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2014-06-02 11:32 - 2014-06-02 11:28 - 00945480 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe
2013-06-06 16:50 - 2013-01-12 20:33 - 00012520 _____ () C:\Users\olga müller\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\CoreTempReader.dll
2013-06-06 16:50 - 2013-01-12 20:33 - 00015080 _____ () C:\Users\olga müller\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\GetCoreTempInfoNET.dll
2013-06-06 16:50 - 2013-01-12 20:33 - 00014056 _____ () C:\Users\olga müller\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.6.gadget\SystemInfo.dll
2014-06-07 23:17 - 2013-10-25 12:08 - 00517408 _____ () C:\Program Files (x86)\IObit\Advanced SystemCare 7\sqlite3.dll
2014-06-06 15:48 - 2009-01-10 12:32 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2014-06-06 15:48 - 2009-06-22 20:42 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2014-06-06 15:48 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2014-06-06 15:48 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2014-04-02 18:40 - 2013-01-15 18:48 - 00348992 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madExcept_.bpl
2014-04-02 18:40 - 2013-01-15 18:48 - 00183616 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madBasic_.bpl
2014-04-02 18:40 - 2013-01-15 18:48 - 00051008 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\madDisAsm_.bpl
2014-04-02 18:40 - 2013-12-12 18:46 - 08001344 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\WebUI.dll
2014-04-02 18:40 - 2013-05-16 19:26 - 00182080 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\unrar.dll
2014-04-02 18:40 - 2013-10-16 22:17 - 00185168 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\libcurl-4.dll
2014-04-02 18:40 - 2013-05-16 19:26 - 00145216 _____ () C:\Program Files (x86)\IObit\IObit Malware Fighter\zlibwapi.dll
2014-06-07 23:18 - 2013-09-11 19:06 - 00048960 _____ () C:\Program Files (x86)\IObit\Smart Defrag 2\NtfsData.dll
2014-05-19 12:13 - 2014-05-19 12:13 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/08/2014 04:40:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/08/2014 04:02:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2014 11:11:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2014 02:29:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/07/2014 11:39:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 08:51:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 08:18:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 05:34:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/06/2014 05:11:25 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig

Error: (06/06/2014 05:11:25 PM) (Source: IMFservice) (EventID: 0) (User: )
Description: Das Handle ist ungültig


System errors:
=============
Error: (06/08/2014 04:40:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/08/2014 04:38:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/08/2014 04:38:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (06/08/2014 04:38:36 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/08/2014 04:38:36 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (06/08/2014 04:02:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LiveUpdate" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (06/08/2014 04:01:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/08/2014 04:01:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.

Error: (06/08/2014 04:00:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active

Error: (06/08/2014 04:00:51 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 28%
Total physical RAM: 8061.61 MB
Available physical RAM: 5776.27 MB
Total Pagefile: 16121.4 MB
Available Pagefile: 13670.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:39.06 GB) (Free:1.59 GB) NTFS
Drive d: (Data) (Fixed) (Total:420.58 GB) (Free:403.21 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 44B19B84)
Partition 1: (Active) - (Size=6 GB) - (Type=27)
Partition 2: (Not Active) - (Size=39 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=421 GB) - (Type=07 NTFS)

==================== End Of Log

schrauber 09.06.2014 07:04
Zitat:
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
Viel zu viel Schutzsoftware. Alles deinstallieren bis auf eines.

Und FInger weg von allen Produkten der Firma IOBIT!!

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Nikolaj02 09.06.2014 13:04
ADWCleaner log:
Code:
# AdwCleaner v3.212 - Bericht erstellt am 09/06/2014 um 13:42:32
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : olga müller - OLGAMÜLLER-PC
# Gestartet von : C:\Users\olga müller\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
Ordner Gelöscht : C:\Users\olga müller\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\OLGAML~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\olga müller\AppData\LocalLow\AVG SafeGuard toolbar
Datei Gelöscht : C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKCU\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKLM\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\AVG Secure Search
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename", "AVG Secure Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [6381 octets] - [02/04/2014 18:42:28]
AdwCleaner[R1].txt - [952 octets] - [03/04/2014 18:03:34]
AdwCleaner[R2].txt - [1071 octets] - [03/04/2014 18:43:10]
AdwCleaner[R3].txt - [1192 octets] - [07/04/2014 11:10:46]
AdwCleaner[R4].txt - [1312 octets] - [07/04/2014 11:27:07]
AdwCleaner[R5].txt - [6579 octets] - [08/05/2014 11:18:24]
AdwCleaner[R6].txt - [1551 octets] - [17/05/2014 11:26:40]
AdwCleaner[R7].txt - [1671 octets] - [17/05/2014 12:42:48]
AdwCleaner[R8].txt - [6329 octets] - [09/06/2014 13:40:11]
AdwCleaner[S0].txt - [6266 octets] - [02/04/2014 18:43:57]
AdwCleaner[S1].txt - [1012 octets] - [03/04/2014 18:28:13]
AdwCleaner[S2].txt - [1133 octets] - [03/04/2014 18:43:51]
AdwCleaner[S3].txt - [1254 octets] - [07/04/2014 11:12:03]
AdwCleaner[S4].txt - [1374 octets] - [07/04/2014 11:27:38]
AdwCleaner[S5].txt - [6464 octets] - [08/05/2014 11:19:42]
AdwCleaner[S6].txt - [1612 octets] - [17/05/2014 11:27:58]
AdwCleaner[S7].txt - [1732 octets] - [17/05/2014 12:44:00]
AdwCleaner[S8].txt - [6002 octets] - [09/06/2014 13:42:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S8].txt - [6062 octets] ##########

JRT log:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by olga mller on 09.06.2014 at 13:48:36,66
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{293F8BD8-8333-45CC-99EC-C7C995852711}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{29543A8E-F588-4E9F-BA70-31839F7042CC}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{46F0117C-693B-4FD6-994F-B7352FC10BAC}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{47FF5744-3620-4CF5-BA1E-C6CE28B4DD24}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{4F1B405C-C678-4E6C-B226-6DD7940E0428}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{609F03B0-EA99-4F44-AE5B-45FC28CC3681}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{66A740DE-4AF8-4C14-BA5A-B53F848E5433}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{6A3AC4BB-14F5-4792-AC08-5364B5FAEB5B}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{727C6942-1037-4EE9-802B-F8B06CCF36D2}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{77D80A3C-C902-4D3D-82DA-F0560EC71A4D}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{87094220-36D5-489A-A4F2-A892525F862A}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{88521F78-D735-495A-8088-308C54D1005C}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{BBA53F06-757E-4BC2-8E6E-BD5793B1150C}
Successfully deleted: [Empty Folder] C:\Users\olga mller\appdata\local\{D372691E-2F4C-4C77-B547-B4A571191267}



~~~ FireFox

Successfully deleted the following from C:\Users\olga mller\AppData\Roaming\mozilla\firefox\profiles\1xfda83j.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com/?cid={296DBE24-C7EC-4C8D-A920-248414188F4D}&mid=3dc24f59b91d49a9b15acff09fe33f75-fce9ca809ad4cc5f69d3b70b40facf6
user_pref("keyword.URL", "hxxp://mysearch.avg.com/search?cid={296DBE24-C7EC-4C8D-A920-248414188F4D}&mid=3dc24f59b91d49a9b15acff09fe33f75-fce9ca809ad4cc5f69d3b70b40facf6c259723
Emptied folder: C:\Users\olga mller\AppData\Roaming\mozilla\firefox\profiles\1xfda83j.default\minidumps [7 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.06.2014 at 13:53:42,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST log:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-06-2014
Ran by olga müller (administrator) on OLGAMÜLLER-PC on 09-06-2014 13:55:09
Running from C:\Users\olga müller\Desktop
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Sphinx Software) C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Sphinx Software) C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM-x32\...\Run: [Windows7FirewallControl] => C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallControl.exe [802816 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1057920 2012-07-31] (SEIKO EPSON CORPORATION)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\.DEFAULT\...\Run: [Advanced SystemCare 7] => "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3671872 2012-04-17] (DT Soft Ltd)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoNetHood] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\Policies\Explorer: [NoComputersNearMe] 0
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {05baa77b-fa26-11e2-8109-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {511a24be-8641-11e2-857e-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {511a24cc-8641-11e2-857e-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {56bb9e79-965f-11e2-a5ba-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {65602795-ed58-11e3-9668-001e101f859f} - I:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027a4-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027b5-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027c2-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027d3-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027e1-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {656027ec-ed58-11e3-9668-001e101f859f} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {8d07f3f9-8a8b-11e2-8488-0022192d7826} - F:\AutoRun.exe
HKU\S-1-5-21-4158558861-3850249873-1972377515-1000\...\MountPoints2: {a6bf979a-97cd-11e2-b276-0022192d7826} - F:\AutoRun.exe

==================== Internet (Whitelisted) ====================

BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll No File
BHO-x32: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\olga müller\AppData\Roaming\Mozilla\Firefox\Profiles\1xfda83j.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml

Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Ads Removal) - C:\Users\olga müller\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen [2014-04-02]

==================== Services (Whitelisted) =================

R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S2 Internet Manager. RunOuc; C:\Program Files (x86)\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [671744 2013-02-05] ()
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 Windows7FirewallService; C:\Program Files (x86)\Windows7FirewallControl\Windows7FirewallService.exe [495616 2012-04-12] (Sphinx Software)
S2 IMFservice; C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe [X]
S2 vToolbarUpdater14.0.1; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\14.0.1\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [37720 2014-06-02] (AVG Technologies)
S3 dc21x4vm; C:\Windows\System32\DRIVERS\dc21x4vm.sys [57344 2009-06-10] (Microsoft Corp.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-03-06] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [245248 2013-04-10] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-09] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S4 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [X]
S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]
S3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-09 13:55 - 2014-06-09 13:55 - 00011846 _____ () C:\Users\olga müller\Desktop\FRST.txt
2014-06-09 13:53 - 2014-06-09 13:53 - 00002823 _____ () C:\Users\olga müller\Desktop\JRT.txt
2014-06-09 13:48 - 2014-06-09 13:48 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 13:46 - 2014-06-09 13:46 - 01016261 _____ (Thisisu) C:\Users\olga müller\Desktop\JRT.exe
2014-06-09 13:44 - 2014-06-09 13:44 - 00006158 _____ () C:\Users\olga müller\Desktop\AdwCleaner[S8].txt
2014-06-09 13:38 - 2014-06-09 13:38 - 01333465 _____ () C:\Users\olga müller\Desktop\adwcleaner_3.212.exe
2014-06-09 13:27 - 2014-06-09 13:27 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\EurekaLog
2014-06-09 13:26 - 2014-06-09 13:26 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-09 13:26 - 2014-06-09 13:26 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-09 13:25 - 2014-06-09 13:25 - 01078591 _____ () C:\Users\olga müller\Downloads\Unlocker1.9.2.exe
2014-06-09 13:11 - 2014-06-09 13:11 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-06-08 16:43 - 2014-06-09 13:55 - 00000000 ____D () C:\FRST
2014-06-08 16:42 - 2014-06-08 16:42 - 02072576 _____ (Farbar) C:\Users\olga müller\Desktop\FRST64.exe
2014-06-08 16:38 - 2014-06-09 13:43 - 00001766 _____ () C:\Windows\PFRO.log
2014-06-08 16:38 - 2014-06-09 13:43 - 00000336 _____ () C:\Windows\setupact.log
2014-06-08 16:38 - 2014-06-08 16:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 16:35 - 2014-06-08 16:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\olga müller\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-08 16:33 - 2013-03-05 14:49 - 00002697 _____ () C:\Users\olga müller\Desktop\Microsoft Office Word 2007.lnk
2014-06-08 16:17 - 2014-06-08 16:30 - 00000255 _____ () C:\Users\olga müller\Desktop\Trojaner-Board info.txt
2014-06-07 23:18 - 2014-06-07 23:22 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Apple Computer
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-06 15:48 - 2014-06-06 15:48 - 00001212 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Internet Manager
2014-06-06 15:48 - 2013-04-10 10:47 - 00245248 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juwwanecm.sys
2014-06-06 15:48 - 2013-03-21 03:57 - 00453632 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbwwan.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00110592 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcacm.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00091648 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jubusenum.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00077312 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_jucdcecm.sys
2014-06-06 15:48 - 2013-03-04 10:32 - 00030720 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_juextctrl.sys
2014-06-06 15:48 - 2013-03-04 10:21 - 00226048 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ewusbmdm.sys
2014-06-06 15:48 - 2013-01-25 03:16 - 00109568 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwusbdev.sys
2014-06-06 15:48 - 2012-12-22 03:46 - 00014976 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_usbenumfilter.sys
2014-06-06 15:48 - 2010-10-08 10:59 - 00032768 _____ (Huawei Tech. Co., Ltd.) C:\Windows\system32\Drivers\ewdcsc.sys
2014-06-06 15:48 - 2010-09-26 12:09 - 00022016 _____ (Huawei Technologies Co., Ltd.) C:\Windows\system32\Drivers\ew_hwupgrade.sys
2014-06-06 15:48 - 2010-08-06 01:43 - 01001472 _____ (DiBcom SA) C:\Windows\system32\Drivers\mod7700.sys
2014-06-06 13:37 - 2014-06-06 13:37 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-06-05 18:35 - 2013-03-15 12:14 - 00001312 _____ () C:\Users\olga müller\Desktop\PlantsVsZombies - Verknüpfung.lnk
2014-06-05 18:29 - 2014-06-05 18:29 - 05718872 _____ (Microsoft Corporation) C:\Users\olga müller\Downloads\vcredist_x64.exe
2014-06-05 18:25 - 2014-06-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-05 18:23 - 2014-06-05 18:23 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\olga müller\Downloads\SandboxieInstall.exe
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieUserList
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieSiteList
2014-05-28 14:09 - 2014-05-28 14:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Apps\2.0
2014-05-19 12:13 - 2014-06-03 00:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-17 18:54 - 2014-06-09 13:47 - 01604514 _____ () C:\Windows\WindowsUpdate.log
2014-05-16 17:12 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 17:12 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 17:12 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 17:12 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 17:12 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 17:12 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 11:23 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-16 11:23 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-16 11:23 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-16 11:23 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-16 11:23 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-16 11:22 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-16 11:22 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-16 11:22 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-16 11:22 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-16 11:22 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-16 11:22 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-16 11:22 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-16 11:22 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-16 11:22 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-16 11:22 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-16 11:22 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-16 11:22 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-16 11:22 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-16 11:22 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-16 11:22 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-16 11:14 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-16 11:14 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

==================== One Month Modified Files and Folders =======

2014-06-09 13:55 - 2014-06-09 13:55 - 00011846 _____ () C:\Users\olga müller\Desktop\FRST.txt
2014-06-09 13:55 - 2014-06-08 16:43 - 00000000 ____D () C:\FRST
2014-06-09 13:55 - 2013-03-05 17:59 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Temp
2014-06-09 13:53 - 2014-06-09 13:53 - 00002823 _____ () C:\Users\olga müller\Desktop\JRT.txt
2014-06-09 13:50 - 2009-07-14 06:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-09 13:50 - 2009-07-14 06:45 - 00021696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-09 13:48 - 2014-06-09 13:48 - 00000000 ____D () C:\Windows\ERUNT
2014-06-09 13:48 - 2011-04-12 09:43 - 00696620 _____ () C:\Windows\system32\perfh007.dat
2014-06-09 13:48 - 2011-04-12 09:43 - 00147916 _____ () C:\Windows\system32\perfc007.dat
2014-06-09 13:48 - 2009-07-14 07:13 - 01612484 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-09 13:47 - 2014-05-17 18:54 - 01604514 _____ () C:\Windows\WindowsUpdate.log
2014-06-09 13:46 - 2014-06-09 13:46 - 01016261 _____ (Thisisu) C:\Users\olga müller\Desktop\JRT.exe
2014-06-09 13:44 - 2014-06-09 13:44 - 00006158 _____ () C:\Users\olga müller\Desktop\AdwCleaner[S8].txt
2014-06-09 13:43 - 2014-06-08 16:38 - 00001766 _____ () C:\Windows\PFRO.log
2014-06-09 13:43 - 2014-06-08 16:38 - 00000336 _____ () C:\Windows\setupact.log
2014-06-09 13:43 - 2014-03-31 13:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-09 13:43 - 2013-11-17 13:14 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-09 13:43 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-09 13:42 - 2014-04-02 18:42 - 00000000 ____D () C:\AdwCleaner
2014-06-09 13:38 - 2014-06-09 13:38 - 01333465 _____ () C:\Users\olga müller\Desktop\adwcleaner_3.212.exe
2014-06-09 13:34 - 2013-03-06 11:54 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-09 13:34 - 2013-03-06 11:29 - 00000000 ____D () C:\Program Files (x86)\IObit
2014-06-09 13:27 - 2014-06-09 13:27 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\EurekaLog
2014-06-09 13:27 - 2013-03-06 11:54 - 00000000 ____D () C:\Program Files (x86)\Your Uninstaller! 7
2014-06-09 13:26 - 2014-06-09 13:26 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2014-06-09 13:26 - 2014-06-09 13:26 - 00000000 ____D () C:\Program Files\Unlocker
2014-06-09 13:25 - 2014-06-09 13:25 - 01078591 _____ () C:\Users\olga müller\Downloads\Unlocker1.9.2.exe
2014-06-09 13:24 - 2013-05-19 16:29 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-09 13:19 - 2013-11-17 13:14 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-09 13:18 - 2013-03-06 11:35 - 00000000 ____D () C:\Program Files (x86)\CCleaner Professional
2014-06-09 13:16 - 2013-03-06 11:30 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-06-09 13:11 - 2014-06-09 13:11 - 00000000 ____D () C:\Windows\Tasks\ImCleanDisabled
2014-06-09 13:02 - 2014-01-05 15:02 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Update {DE4E382B-0006-4483-9119-FABAB407EA92}.job
2014-06-09 13:02 - 2014-01-05 15:02 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-215 217 Series Invitation {DE4E382B-0006-4483-9119-FABAB407EA92}.job
2014-06-09 13:02 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-06-08 16:42 - 2014-06-08 16:42 - 02072576 _____ (Farbar) C:\Users\olga müller\Desktop\FRST64.exe
2014-06-08 16:38 - 2014-06-08 16:38 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-08 16:38 - 2014-03-31 13:09 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-08 16:37 - 2013-03-06 13:06 - 00001073 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-08 16:35 - 2014-06-08 16:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\olga müller\Downloads\mbam-setup-2.0.2.1012.exe
2014-06-08 16:30 - 2014-06-08 16:17 - 00000255 _____ () C:\Users\olga müller\Desktop\Trojaner-Board info.txt
2014-06-07 23:22 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\ProductData
2014-06-07 23:21 - 2013-03-05 17:50 - 00000000 ____D () C:\Windows\Panther
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\Apple Computer
2014-06-07 23:18 - 2014-06-07 23:18 - 00000000 ____D () C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2014-06-07 23:18 - 2014-04-02 18:40 - 00000000 ____D () C:\Users\olga müller\AppData\Roaming\IObit
2014-06-07 23:18 - 2013-03-06 11:29 - 00000000 ____D () C:\ProgramData\IObit
2014-06-06 15:48 - 2014-06-06 15:48 - 00001212 _____ () C:\Users\Public\Desktop\Internet Manager.lnk
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Internet Manager
2014-06-06 15:48 - 2014-06-06 15:48 - 00000000 ____D () C:\ProgramData\Internet Manager
2014-06-06 15:48 - 2013-03-06 12:37 - 00000000 ____D () C:\ProgramData\DatacardService
2014-06-06 15:45 - 2013-03-06 12:37 - 00000000 ____D () C:\Program Files (x86)\Mobile Partner
2014-06-06 13:37 - 2014-06-06 13:37 - 00000000 ____D () C:\Program Files (x86)\T-Mobile
2014-06-06 13:34 - 2013-03-06 11:20 - 00002446 _____ () C:\Windows\Sandboxie.ini
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_juextctrl_01007.Wdf
2014-06-06 13:33 - 2014-06-06 13:33 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ew_jucdcacm_01007.Wdf
2014-06-06 12:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-05 18:43 - 2013-08-31 12:07 - 00000000 ____D () C:\Users\olga müller\Desktop\mbar
2014-06-05 18:29 - 2014-06-05 18:29 - 05718872 _____ (Microsoft Corporation) C:\Users\olga müller\Downloads\vcredist_x64.exe
2014-06-05 18:25 - 2014-06-05 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-06-05 18:25 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-05 18:23 - 2014-06-05 18:23 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\olga müller\Downloads\SandboxieInstall.exe
2014-06-04 10:49 - 2013-03-06 17:17 - 00000000 ____D () C:\Users\olga müller\Documents\WB Games
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieUserList
2014-06-04 10:43 - 2014-06-04 10:43 - 00000000 __SHD () C:\Users\olga müller\AppData\Local\EmieSiteList
2014-06-03 11:11 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-03 00:09 - 2014-05-19 12:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-03 00:09 - 2013-03-05 17:59 - 00000000 ____D () C:\Users\olga müller\Tracing
2014-06-02 11:28 - 2013-06-06 16:50 - 00037720 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-06-02 11:25 - 2013-05-19 16:29 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-02 11:25 - 2013-03-23 17:58 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-02 11:25 - 2013-03-23 17:58 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-02 11:09 - 2013-06-13 13:30 - 00007597 _____ () C:\Users\olga müller\AppData\Local\resmon.resmoncfg
2014-05-28 14:09 - 2014-05-28 14:09 - 00000000 ____D () C:\Users\olga müller\AppData\Local\Apps\2.0
2014-05-20 15:27 - 2013-03-29 17:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-17 10:52 - 2013-06-06 16:50 - 00003242 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-05-16 17:12 - 2013-03-05 14:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 17:11 - 2013-08-08 15:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 17:10 - 2013-03-16 13:03 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 14:51 - 2013-03-05 17:59 - 00000000 ___RD () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 14:51 - 2013-03-05 17:59 - 00000000 ___RD () C:\Users\olga müller\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 14:49 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-12 07:26 - 2014-03-31 13:09 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-03-31 13:09 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2013-03-06 11:33 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\olga müller\AppData\Local\Temp\Quarantine.exe
C:\Users\olga müller\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-06-08 19:28

==================== End Of Log ============================
--- --- ---


Ich habe soweit alles deinstalliert bis auf microsoft security essentials und malwarebytes, wieso war da mse zweimal gelistet??

Wieso sind iobit Produkte so schlimm, ich hatte immer einen sehr guten Eindruck, aber Advanced System Care hatte jetzt schon viel Müll installiert, Surfing Protection, LiveUpdate...bei LiveUpdate z.B. weiss ich garnicht wie ich es wieder wegbekomme, und für was es überhaupt gut sein soll.

schrauber 09.06.2014 16:51

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Nikolaj02 11.06.2014 10:22
Security Check log:
Code:
Results of screen317's Security Check version 0.99.83 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Microsoft Security Essentials 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 Adobe Flash Player 13.0.0.214 
 Mozilla Firefox (29.0.1)
````````Process Check: objlist.exe by Laurent```````` 
 Microsoft Security Essentials MSMpEng.exe
 Microsoft Security Essentials msseces.exe
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
 Windows7FirewallControl Windows7FirewallService.exe 
 Windows7FirewallControl Windows7FirewallControl.exe 
 Internet Manager OnlineUpdate ouc.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Eset Online Scanner funktioniert nicht, er kann keine Verbindung herstellen, malwarebytes konnte jetzt aber updaten.

schrauber 12.06.2014 05:56
Mach mal nen Vollscan mit deinem AV Programm, und lass ESET weg. Und denk an das frisch FRST log und meine Frage :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:11 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131