Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   AVG 2014 lässt sich nach (2) Virenfunden nicht mehr starten (https://www.trojaner-board.de/155342-avg-2014-laesst-2-virenfunden-mehr-starten.html)

Plekdemon 17.06.2014 11:39
AVG 2014 lässt sich nach (2) Virenfunden nicht mehr starten
 
Hallo Trojaner-Board Team,

ich hoffe ich bekomme den Ablauf der Ereignisse in die richtige Reihenfolge.
AVG hat beim Virenscannen des Computers 2 Viren gefunden, die vom Virenscanner danach per Knopfklick (erfolgreich) beseitigt wurden.
Ausserdem erhielt ich die Meldung, dass eine file names "mfc110u" fehlt. Habe nach dieser file gegoogelt und auch einen link zum download dafür gefunden. Das Teil heisst Dll-Files Fixer. Die download Datei heisst "dffsetup-mfc110u". Habe dieses Programm dann rennen lassen und die file wurde laut Programm "erfolgreich wiederhergestellt", oder sowas, weiss leider den genauen Wortlaut nicht mehr.
Leider kann ich die AVG logs nicht posten, da sich eben die software nicht starten lässt. Mein Versuch die AVG Version zu entfernen, und neu zu installieren scheitert, weil sie sich im "Programme hinzufügen/entfernen" nicht entfernen lässt. Meldung "AVG Crash Dumper has stopped working".
Ausserdem hatt ich einen blue-screen beim runterfahren, mit der Meldung, dass Windows das System abschaltet, um weiteren Schaden am System zu verhindern, oder so ähnlich.

Habe mir letzte Woche eine Skiller gaming Tastatur von Sharkoon neu ans System gehängt, weil meine alte Microsoft Tastatur den Geist aufgab. (einige Buchstaben wollten nicht mehr funktionieren, mal ja, mal nein...). Sonst ist nichts neu.

Gmer lässt sich nicht ausführen:
Gmer-19357.exe-No Disk (im Fensterrahmen)
There is no disk in the drive. Please insert a disk drive\Device\Harddisk1\DR1.

Die free-Version von Malware-bytes Anti Malware, welche ich regelmässig laufen lasse, hat keine Funde angezeigt.

Defogger-log:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:25 on 17/06/2014 (Norbert)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
FRST.txt

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-06-2014
Ran by Norbert (administrator) on NORBERT-PC on 17-06-2014 11:27:48
Running from C:\Users\Norbert\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Game Inc.) C:\Program Files\SHARKOON Skiller\GameMon.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.50\opera.exe
() C:\Program Files\Opera\22.0.1471.50\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.50\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.50\opera.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\sdclt.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.50\opera.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [F5D8055v2] => C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe [196608 2009-04-15] ()
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-10-17] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2557976 2014-04-29] ()
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKLM\...\Run: [GamingKeyboard] => C:\Program Files\SHARKOON Skiller\GameMon.exe [1805824 2013-10-16] (Game Inc.)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Norbert\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=b84bd206e02247f5b5d9199ceddd2408-81d3a19c008f02a9c5a7646a090fae9a1306aa88 /CMPID=1213b
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\Norbert\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=b84bd206e02247f5b5d9199ceddd2408-81d3a19c008f02a9c5a7646a090fae9a1306aa88 /CMPID=1213b
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://at.msn.com/?st=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x766D3BB98C72CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={F765AAF5-886B-466E-956B-787B8A03C6D7}&mid=b84bd206e02247f5b5d9199ceddd2408-81d3a19c008f02a9c5a7646a090fae9a1306aa88&lang=en&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-02-12 21:53:01&v=17.3.1.91&pid=avg&sg=&sap=dsp&q={searchTerms}
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll (AVG Secure Search)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.0\\npsitesafety.dll No File
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-17]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

========================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 vToolbarUpdater18.1.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [1801240 2014-04-29] (AVG Secure Search)
S2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2009-12-01] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [56816 2009-12-09] (Avira GmbH)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-04-29] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [96104 2009-03-30] (Avira GmbH)
S3 GKBFltr; C:\Windows\System32\Drivers\GameKB.sys [25088 2013-10-15] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-17] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2009-12-01] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [718336 2010-10-18] (Ralink Technology Corp.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S1 avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [X]
S3 catchme; \??\C:\Users\Norbert\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBMULCD; system32\drivers\CM106.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-17 11:27 - 2014-06-17 11:28 - 00016017 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-17 11:27 - 2014-06-17 11:27 - 00000000 ____D () C:\FRST
2014-06-17 11:26 - 2014-06-17 11:26 - 01072640 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-17 11:25 - 2014-06-17 11:26 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:17 - 2014-06-17 11:18 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-16 15:30 - 2014-06-17 11:11 - 00000284 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-06-16 15:30 - 2014-06-17 11:11 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-16 15:30 - 2014-06-17 11:11 - 00000268 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\dll-files.com
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\Program Files\Dll-Files.com Fixer
2014-06-16 15:30 - 2014-02-13 17:56 - 00017344 _____ (Dll-Files.com) C:\Windows\system32\roboot.exe
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 14:05 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:05 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:05 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:05 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:05 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:05 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:05 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:05 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 14:05 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 14:05 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:05 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:05 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:05 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:05 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 17:40 - 2014-06-08 17:41 - 00007606 _____ () C:\Windows\DPINST.LOG
2014-06-08 17:40 - 2014-06-08 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Skiller
2014-06-08 17:40 - 2014-06-08 17:40 - 00000000 ____D () C:\Program Files\SHARKOON Skiller
2014-06-08 17:40 - 2013-10-15 16:00 - 00025088 _____ ( ) C:\Windows\system32\Drivers\GameKB.sys
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2014-05-14 04:20 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-08 11:44 - 2014-05-20 04:39 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-08 11:44 - 2014-05-20 04:39 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:12 - 2014-06-08 09:11 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 16:31 - 2014-05-11 00:08 - 00000426 _____ () C:\AVScanner.ini
2014-05-20 16:21 - 2014-06-17 11:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-20 16:20 - 2014-05-31 08:58 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-20 16:20 - 2014-05-31 08:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-20 16:20 - 2014-05-31 08:58 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-20 16:20 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-20 16:20 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro

==================== One Month Modified Files and Folders =======

2014-06-17 11:28 - 2014-06-17 11:27 - 00016017 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-17 11:28 - 2013-12-21 19:07 - 00000000 ____D () C:\Users\Norbert\AppData\Local\temp
2014-06-17 11:27 - 2014-06-17 11:27 - 00000000 ____D () C:\FRST
2014-06-17 11:26 - 2014-06-17 11:26 - 01072640 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-17 11:26 - 2014-06-17 11:25 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:25 - 2009-12-01 13:59 - 00000000 ____D () C:\Users\Norbert
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:23 - 2012-10-22 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 11:21 - 2014-05-20 16:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 11:20 - 2013-12-11 11:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 11:19 - 2008-01-21 03:35 - 02079636 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 11:18 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-17 11:15 - 2010-01-06 13:58 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Deployment
2014-06-17 11:11 - 2014-06-16 15:30 - 00000284 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job
2014-06-17 11:11 - 2014-06-16 15:30 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-17 11:11 - 2014-06-16 15:30 - 00000268 _____ () C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
2014-06-17 11:11 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 11:11 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 11:11 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-16 15:34 - 2006-11-02 15:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\dll-files.com
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\Program Files\Dll-Files.com Fixer
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-15 18:48 - 2012-06-26 09:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 18:48 - 2011-09-13 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-15 18:01 - 2006-11-02 12:33 - 00765776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 18:00 - 2010-09-29 13:16 - 00025600 _____ () C:\Users\Norbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 21:08 - 2013-08-16 23:18 - 00000318 _____ () C:\Users\Norbert\Desktop\Curse Client.appref-ms
2014-06-12 14:18 - 2013-08-05 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 14:16 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 17:43 - 2009-12-01 13:59 - 00055128 _____ () C:\Users\Norbert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-08 17:43 - 2006-11-02 14:47 - 00251408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-08 17:41 - 2014-06-08 17:40 - 00007606 _____ () C:\Windows\DPINST.LOG
2014-06-08 17:40 - 2014-06-08 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Skiller
2014-06-08 17:40 - 2014-06-08 17:40 - 00000000 ____D () C:\Program Files\SHARKOON Skiller
2014-06-08 17:40 - 2009-12-01 14:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2009-12-01 14:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 11:47 - 2009-12-01 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:11 - 2014-06-08 09:12 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 09:11 - 2013-08-10 07:37 - 00000000 ____D () C:\Program Files\Java
2014-06-03 17:56 - 2013-08-16 22:10 - 00000000 ____D () C:\Program Files\Opera
2014-05-31 08:58 - 2014-05-20 16:20 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-31 08:58 - 2014-05-20 16:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-31 08:58 - 2014-05-20 16:20 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-28 18:48 - 2014-06-12 14:05 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 18:39 - 2014-06-12 14:05 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 18:38 - 2014-06-12 14:05 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 18:33 - 2014-06-12 14:05 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 18:32 - 2014-06-12 14:05 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 18:32 - 2014-06-12 14:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 18:30 - 2014-06-12 14:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 18:29 - 2014-06-12 14:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-28 18:29 - 2014-06-12 14:05 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-28 18:28 - 2014-06-12 14:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-25 11:25 - 2013-12-11 12:48 - 00001590 _____ () C:\Windows\setupact.log
2014-05-20 20:34 - 2013-12-16 20:21 - 00004376 _____ () C:\Windows\PFRO.log
2014-05-20 16:31 - 2014-03-05 20:34 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Unity
2014-05-20 16:20 - 2013-12-17 19:08 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-20 16:20 - 2013-08-06 19:20 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Malwarebytes
2014-05-20 16:20 - 2013-08-06 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro
2014-05-20 15:30 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-20 15:13 - 2013-12-21 19:25 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 11:51 - 2014-04-01 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-20 04:39 - 2014-06-08 11:44 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:39 - 2014-06-08 11:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 14434704 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 02730208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-05-20 04:39 - 2009-12-01 14:06 - 00020729 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 02:04 - 2010-07-09 16:37 - 04379592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 03055560 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 00668104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 02:04 - 2010-07-09 16:37 - 00376096 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 02:04 - 2009-09-27 18:47 - 00061784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

Some content of TEMP:
====================
C:\Users\Norbert\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Norbert\AppData\Local\temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Norbert\AppData\Local\temp\oi_{CB4E8797-A5B0-4126-8EB6-72ED80BEDAE1}.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-17 11:21

==================== End Of Log ============================
Addition.txt

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:16-06-2014
Ran by Norbert at 2014-06-17 11:28:18
Running from C:\Users\Norbert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Reader 9.3.2 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A93000000001}) (Version: 9.3.2 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3964 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.1.0.443 - AVG Technologies)
Belkin N+ Wireless USB Adapter (HKLM\...\{5032D684-B2EB-46CC-9416-C9C955A53A85}) (Version: 2.00.06 - Belkin International, Inc.)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Cool & Quiet (HKLM\...\{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}) (Version:  - )
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
Dll-Files Fixer (HKLM\...\Dll-Files Fixer_is1) (Version: 3.1.81 - Dll-Files.com)
Epson Easy Photo Print 2 (HKLM\...\{DEDB47A3-C988-4A43-A645-E2CEA571E680}) (Version: 2.0.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.01.00 - SEIKO EPSON Corporation)
Epson Print CD (HKLM\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON PX800FW Series Printer Uninstall (HKLM\...\EPSON PX800FW Series) (Version:  - SEIKO EPSON Corporation)
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - )
EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Handbuch (HKLM\...\EPSON Stylus Photo PX700W_PX800FW_TX700W_TX800FW Benutzerhandbuch) (Version:  - )
Free Driver Scout (Version: 1.0.0.101 - Covus Freemium) Hidden
GSview 4.9 (HKLM\...\GSview 4.9) (Version:  - )
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java 8 Update 5 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218005FF}) (Version: 8.0.50 - Oracle Corporation)
Java Auto Updater (Version: 2.8.05.13 - Oracle, Inc.) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50826.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Controller Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
OGA Notifier 2.0.0048.0 (Version: 2.0.0048.0 - Microsoft Corporation) Hidden
Opera Stable 22.0.1471.50 (HKLM\...\Opera 22.0.1471.50) (Version: 22.0.1471.50 - Opera Software ASA)
PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.103.0 - SAMSUNG Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
SHARKOON Skiller (HKLM\...\{91C25547-9534-41A5-823A-1E54BA16EA3F}) (Version: 1.00.0000 - )
Steam (HKLM\...\Steam) (Version:  - Valve Corporation)
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version:  - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13.1 - TeamSpeak Systems GmbH)
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Restore Points  =========================

08-06-2014 15:39:56 Installiert SHARKOON Skiller
08-06-2014 15:40:15 Device Driver Package Install: Sharkoon Human Interface Devices
08-06-2014 15:52:43 Windows Update
09-06-2014 16:49:13 Windows Update
09-06-2014 19:41:04 Windows Update
10-06-2014 17:38:51 Windows Update
11-06-2014 20:05:33 Windows Update
12-06-2014 12:16:07 Windows Update
12-06-2014 14:54:24 Windows Update
12-06-2014 20:12:37 Windows Update
13-06-2014 21:05:42 Scheduled Checkpoint
13-06-2014 21:19:48 Windows Update
14-06-2014 08:43:53 Windows Update
15-06-2014 11:12:01 Windows Update
15-06-2014 19:34:41 Windows Update
16-06-2014 08:24:39 Windows Update
16-06-2014 12:52:02 Removed Visual Studio 2012 x86 Redistributables
16-06-2014 13:08:54 Windows Update
17-06-2014 09:15:12 Windows Update

==================== Hosts content: ==========================

2006-11-02 12:23 - 2013-08-05 16:16 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {123C06E4-5F11-44A2-82A4-5ADFB64E1576} - System32\Tasks\RDReminder => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {1A3E2874-2839-4C41-A528-DE6015653950} - System32\Tasks\DLL-Files.Com Fixer_MONTHLY => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1E110028-0926-4147-A05B-32683682C09A} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1006003231-2697031979-1953750779-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {1F6E12E0-1FA0-4276-82E0-336F5E4FCBD4} - System32\Tasks\DLL-Files.Com Fixer_Updates => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {2AED682D-E1CE-4047-96BA-A7AB0FDC9AEB} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {2D720758-712B-455F-B3C7-A18B89417524} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1006003231-2697031979-1953750779-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {36A1B5E6-8F9A-41FF-9F57-11F62A8C53CA} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1006003231-2697031979-1953750779-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {492E425D-2EFA-4A31-A742-74247D9A3BE8} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {5B3A1C4A-EC5A-447D-B7B2-7760BF65C5BC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-15] (Adobe Systems Incorporated)
Task: {70E9E92B-F31B-4F59-80AE-5BFE32A91F0F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1006003231-2697031979-1953750779-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe [2013-08-14] (RealNetworks, Inc.)
Task: {98F6817F-5CA8-4EB5-8FAA-C3214E06191C} - System32\Tasks\DLL-Files FixerASKUSER => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe [2014-02-13] (Dll-FIles.Com)
Task: {A728AE6B-5AB8-4223-AD3E-E6341441A01C} - System32\Tasks\Microsoft\Windows\PLA\System\ConvertLogEntries => Rundll32.exe %windir%\system32\pla.dll,PlaConvertLogEntries
Task: {ADE711F3-10EE-45F4-8D9E-5F9E5FDBE3E7} - System32\Tasks\Opera scheduled Autoupdate 1376683835 => C:\Program Files\Opera\launcher.exe [2014-05-27] (Opera Software)
Task: {B0973208-3DFF-4B32-8373-14BA22DE4807} - \CreateChoiceProcessTask No Task File <==== ATTENTION
Task: {B96FFB5F-431B-4E91-B122-ACE0252A4119} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DLL-Files FixerASKUSER.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\DLL-Files.Com Fixer_Updates.job => C:\Program Files\Dll-Files.com Fixer\DLLFixer.exe
Task: C:\Windows\Tasks\User_Feed_Synchronization-{A972CF4C-A94D-411E-B01B-AB8C488CC158}.job => C:\Windows\system32\msfeedssync.exe

==================== Loaded Modules (whitelisted) =============

2013-08-14 15:19 - 2013-08-14 15:19 - 00039056 _____ () C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-29 22:07 - 2014-04-29 22:06 - 00159768 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
2014-04-29 22:07 - 2014-04-29 22:06 - 00519704 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll
2010-10-18 12:16 - 2009-04-15 20:55 - 00196608 _____ () C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe
2014-02-12 22:53 - 2014-04-29 22:06 - 02557976 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2014-06-03 17:56 - 2014-06-03 17:32 - 01396344 _____ () C:\Program Files\Opera\22.0.1471.50\opera_crashreporter.exe
2014-06-03 17:56 - 2014-06-03 17:32 - 00957048 _____ () C:\Program Files\Opera\22.0.1471.50\ffmpegsumo.dll
2014-06-15 18:48 - 2014-06-15 18:48 - 17024688 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/17/2014 11:25:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/17/2014 11:25:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (06/17/2014 11:20:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application fixcfg.exe, version 14.0.0.4592, time stamp 0x53720cd6, faulting module MSVCR110.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0x1088, application start time 0xfixcfg.exe0.

Error: (06/17/2014 11:15:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgmfapx.exe, version 14.0.0.4592, time stamp 0x53720ebe, faulting module avgmfapx.exe, version 14.0.0.4592, time stamp 0x53720ebe, exception code 0x40000015, fault offset 0x003d83de,
process id 0x10e8, application start time 0xavgmfapx.exe0.

Error: (06/17/2014 11:15:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgdumpx.exe, version 14.0.0.4592, time stamp 0x53720cc1, faulting module MSVCR110.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0x11e8, application start time 0xavgdumpx.exe0.

Error: (06/17/2014 11:15:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgui.exe, version 14.0.0.4592, time stamp 0x53720d72, faulting module MSVCR110.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0xdcc, application start time 0xavgui.exe0.

Error: (06/17/2014 11:13:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/16/2014 03:33:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgwsc.exe, version 14.0.0.4592, time stamp 0x53720d94, faulting module MSVCR110.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0x11a4, application start time 0xavgwsc.exe0.

Error: (06/16/2014 03:32:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgwsc.exe, version 14.0.0.4592, time stamp 0x53720d94, faulting module MSVCR110.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0x1648, application start time 0xavgwsc.exe0.

Error: (06/16/2014 03:29:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application avgui.exe, version 14.0.0.4592, time stamp 0x53720d72, faulting module mfc110u.dll, version 6.0.6002.18881, time stamp 0x51da3e27, exception code 0xc0000135, fault offset 0x00009f5d,
process id 0xe58, application start time 0xavgui.exe0.


System errors:
=============
Error: (06/17/2014 11:17:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: 0x80070643Security Update for Microsoft Silverlight (KB2932677){C6BF131F-BE90-438C-BA58-A732368D8A96}201

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: avgio

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: vToolbarUpdater15.4.0%%2

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: AVG WatchDog%%1053

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000AVG WatchDog

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: AVGIDSAgent%%1053

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: 30000AVGIDSAgent

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Avira AntiVir Guard%%3

Error: (06/17/2014 11:13:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Avira AntiVir Planer%%3

Error: (06/17/2014 11:11:53 AM) (Source: Microsoft-Windows-TaskScheduler) (EventID: 412) (User: NT AUTHORITY)
Description: 2147942402


Microsoft Office Sessions:
=========================
Error: (06/17/2014 11:25:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Epson Software\Easy Photo Print\Microsoft.VC80.MFC\MFC80.DLL

Error: (06/17/2014 11:25:12 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFCLOC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Epson Software\Easy Photo Print\Microsoft.VC80.MFC\MFC80.DLL

Error: (06/17/2014 11:20:12 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: fixcfg.exe14.0.0.459253720cd6MSVCR110.dll6.0.6002.1888151da3e27c000013500009f5d108801cf8a0d570fcce7

Error: (06/17/2014 11:15:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgmfapx.exe14.0.0.459253720ebeavgmfapx.exe14.0.0.459253720ebe40000015003d83de10e801cf8a0cae954ea7

Error: (06/17/2014 11:15:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgdumpx.exe14.0.0.459253720cc1MSVCR110.dll6.0.6002.1888151da3e27c000013500009f5d11e801cf8a0cb5d62637

Error: (06/17/2014 11:15:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgui.exe14.0.0.459253720d72MSVCR110.dll6.0.6002.1888151da3e27c000013500009f5ddcc01cf8a0c322ba307

Error: (06/17/2014 11:13:07 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/16/2014 03:33:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgwsc.exe14.0.0.459253720d94MSVCR110.dll6.0.6002.1888151da3e27c000013500009f5d11a401cf8967846c8c27

Error: (06/16/2014 03:32:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgwsc.exe14.0.0.459253720d94MSVCR110.dll6.0.6002.1888151da3e27c000013500009f5d164801cf89676f8ec027

Error: (06/16/2014 03:29:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: avgui.exe14.0.0.459253720d72mfc110u.dll6.0.6002.1888151da3e27c000013500009f5de5801cf89665da01a47


CodeIntegrity Errors:
===================================
  Date: 2014-06-17 11:28:13.561
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:13.393
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:13.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:13.055
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:12.795
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:12.625
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:12.453
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:28:12.276
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:27:55.060
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.

  Date: 2014-06-17 11:27:54.891
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 51%
Total physical RAM: 3325.63 MB
Available physical RAM: 1627.46 MB
Total Pagefile: 6848.2 MB
Available Pagefile: 5066.86 MB
Total Virtual: 2047.88 MB
Available Virtual: 1909.72 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:100.01 GB) (Free:12.45 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (VERBATIM) (Fixed) (Total:465.65 GB) (Free:346.56 GB) FAT32
Drive j: (DATEN) (Fixed) (Total:365.75 GB) (Free:346.35 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 466 GB) (Disk ID: 1BB1E3DB)
Partition 1: (Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=366 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (Size: 466 GB) (Disk ID: B57BA8BE)
Partition 1: (Not Active) - (Size=466 GB) - (Type=0C)

==================== End Of Log ============================
Bitte um Eure Hilfe. Dankeschön.

schrauber 17.06.2014 11:54
hi,

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Plekdemon 17.06.2014 12:30
Hi Schrauber,

vielen Dank.

Bitteschön:

Combofix Logfile:
Code:
ComboFix 14-06-16.01 - Norbert 17.06.2014  13:17:37.3.4 - x86
ausgeführt von:: c:\users\Norbert\Desktop\ComboFix.exe
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-05-17 bis 2014-06-17  ))))))))))))))))))))))))))))))
.
.
2014-06-17 11:24 . 2014-06-17 11:24        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp
2014-06-17 11:24 . 2014-06-17 11:24        --------        d-----w-        c:\users\Public\AppData\Local\temp
2014-06-17 11:24 . 2014-06-17 11:24        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-06-17 09:27 . 2014-06-17 09:29        --------        d-----w-        C:\FRST
2014-06-16 13:30 . 2014-06-16 13:30        4456520        ----a-w-        c:\windows\system32\mfc110u.dll
2014-06-16 13:30 . 2014-06-16 13:30        --------        d-----w-        c:\users\Norbert\AppData\Roaming\dll-files.com
2014-06-16 13:30 . 2014-06-16 13:30        --------        d-----w-        c:\programdata\Logs
2014-06-16 13:30 . 2014-02-13 15:56        17344        ----a-w-        c:\windows\system32\roboot.exe
2014-06-16 13:30 . 2014-06-16 13:30        --------        d-----w-        c:\program files\Dll-Files.com Fixer
2014-06-08 15:40 . 2014-06-08 15:40        --------        d-----w-        c:\program files\SHARKOON Skiller
2014-06-08 15:40 . 2013-10-15 14:00        25088        ----a-w-        c:\windows\system32\drivers\GameKB.sys
2014-06-08 09:47 . 2014-06-08 09:47        --------        d-----w-        c:\program files\AGEIA Technologies
2014-06-08 09:47 . 2014-05-14 02:20        3774821        ----a-w-        c:\windows\system32\nvcoproc.bin
2014-06-08 09:44 . 2014-05-20 02:39        9697640        ----a-w-        c:\windows\system32\nvopencl.dll
2014-06-08 09:44 . 2014-05-20 02:39        24024408        ----a-w-        c:\windows\system32\nvoglv32.dll
2014-06-08 09:44 . 2014-05-20 02:39        16003912        ----a-w-        c:\windows\system32\nvwgf2um.dll
2014-06-08 09:44 . 2014-05-20 02:39        9735256        ----a-w-        c:\windows\system32\nvcuda.dll
2014-06-08 09:44 . 2014-05-20 02:39        908744        ----a-w-        c:\windows\system32\nvdispgenco3233788.dll
2014-06-08 09:44 . 2014-05-20 02:39        2953672        ----a-w-        c:\windows\system32\nvcuvid.dll
2014-06-08 09:44 . 2014-05-20 02:39        2413344        ----a-w-        c:\windows\system32\nvcuvenc.dll
2014-06-08 09:44 . 2014-05-20 02:39        1056200        ----a-w-        c:\windows\system32\nvdispco3233788.dll
2014-06-08 09:44 . 2014-05-20 02:39        10533152        ----a-w-        c:\windows\system32\drivers\nvlddmkm.sys
2014-06-08 09:44 . 2014-05-20 02:39        17559384        ----a-w-        c:\windows\system32\nvcompiler.dll
2014-06-08 07:13 . 2014-06-08 07:13        --------        d-----w-        c:\program files\Common Files\Java
2014-06-08 07:11 . 2014-06-08 07:11        96680        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll
2014-05-20 14:21 . 2014-06-17 11:13        110296        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-05-20 14:20 . 2014-05-31 06:58        --------        d-----w-        c:\program files\Malwarebytes Anti-Malware
2014-05-20 14:20 . 2014-05-12 05:26        51928        ----a-w-        c:\windows\system32\drivers\mwac.sys
2014-05-20 14:20 . 2014-05-12 05:25        74456        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys
2014-05-20 13:30 . 2014-05-20 13:30        --------        d-----w-        c:\program files\Microsoft IntelliType Pro
2014-05-20 13:30 . 2014-05-20 13:30        --------        d-----w-        c:\windows\PCHEALTH
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-15 16:48 . 2012-06-26 07:13        699056        ----a-w-        c:\windows\system32\FlashPlayerApp.exe
2014-06-15 16:48 . 2011-09-13 08:04        71344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl
2014-05-20 02:39 . 2012-10-10 20:14        2730208        ----a-w-        c:\windows\system32\nvapi.dll
2014-05-20 02:39 . 2012-10-10 20:14        14434704        ----a-w-        c:\windows\system32\nvd3dum.dll
2014-05-20 00:04 . 2010-07-09 14:37        4379592        ----a-w-        c:\windows\system32\nvcpl.dll
2014-05-20 00:04 . 2010-07-09 14:37        3055560        ----a-w-        c:\windows\system32\nvsvc.dll
2014-05-20 00:04 . 2010-07-09 14:37        668104        ----a-w-        c:\windows\system32\nvvsvc.exe
2014-05-20 00:04 . 2010-07-09 14:37        376096        ----a-w-        c:\windows\system32\nvmctray.dll
2014-05-20 00:04 . 2009-09-27 16:47        61784        ----a-w-        c:\windows\system32\nvshext.dll
2014-05-13 12:19 . 2014-05-13 12:19        192280        ----a-w-        c:\windows\system32\drivers\avgldx86.sys
2014-05-13 12:17 . 2014-05-13 12:17        237848        ----a-w-        c:\windows\system32\drivers\avglogx.sys
2014-05-13 12:17 . 2014-05-13 12:17        210200        ----a-w-        c:\windows\system32\drivers\avgtdix.sys
2014-05-13 12:17 . 2014-05-13 12:17        122136        ----a-w-        c:\windows\system32\drivers\avgdiskx.sys
2014-05-13 12:17 . 2014-05-13 12:17        149784        ----a-w-        c:\windows\system32\drivers\avgidshx.sys
2014-05-13 12:17 . 2014-05-13 12:17        107288        ----a-w-        c:\windows\system32\drivers\avgmfx86.sys
2014-05-13 12:09 . 2014-05-13 12:09        198936        ----a-w-        c:\windows\system32\drivers\avgidsdriverx.sys
2014-05-13 12:04 . 2014-05-13 12:04        27416        ----a-w-        c:\windows\system32\drivers\avgrkx86.sys
2014-05-13 12:04 . 2014-05-13 12:04        21272        ----a-w-        c:\windows\system32\drivers\avgidsshimx.sys
2014-05-12 05:25 . 2013-12-17 17:08        23256        ----a-w-        c:\windows\system32\drivers\mbam.sys
2014-04-29 20:06 . 2013-01-13 09:02        42272        ----a-w-        c:\windows\system32\drivers\avgtpx86.sys
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-04-29 20:06        3559448        ----a-w-        c:\program files\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\18.1.0.443\AVG Secure Search_toolbar.dll" [2014-04-29 3559448]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\TomTomHOMERunner.exe" [2013-08-27 248208]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EEventManager"="c:\progra~1\EPSONS~1\EVENTM~1\EEventManager.exe" [2008-05-07 591696]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"F5D8055v2"="c:\program files\Belkin\F5D8055\v2\BelkinDetectUI.exe" [2009-04-15 196608]
"Nvtmru"="c:\program files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-14 1028384]
"TkBellExe"="c:\program files\real\realplayer\Update\realsched.exe" [2013-10-17 295512]
"AVG_UI"="c:\program files\AVG\AVG2014\avgui.exe" [2014-05-13 5181456]
"NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
"vProt"="c:\program files\AVG Secure Search\vprot.exe" [2014-04-29 2557976]
"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-10 1313640]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-03-17 224128]
"GamingKeyboard"="c:\program files\SHARKOON Skiller\GameMon.exe" [2013-10-16 1805824]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
@="Driver"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation        REG_MULTI_SZ          FontCache
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-26 16:48]
.
2014-06-17 c:\windows\Tasks\DLL-Files FixerASKUSER.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2014-06-16 15:56]
.
2014-06-17 c:\windows\Tasks\DLL-Files.Com Fixer_MONTHLY.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2014-06-16 15:56]
.
2014-06-17 c:\windows\Tasks\DLL-Files.Com Fixer_Updates.job
- c:\program files\Dll-Files.com Fixer\DLLFixer.exe [2014-06-16 15:56]
.
2010-09-14 c:\windows\Tasks\User_Feed_Synchronization-{A972CF4C-A94D-411E-B01B-AB8C488CC158}.job
- c:\windows\system32\msfeedssync.exe [2014-06-12 16:29]
.
.
------- Zusätzlicher Suchlauf -------
.
IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
Trusted Zone: asus.de\support
TCP: DhcpNameServer = 195.34.133.21 212.186.211.21
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKCU-Run-AVG-Secure-Search-Update_1213b - c:\users\Norbert\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe
AddRemove-Steam - d:\users\Public\Games\Steam\uninstall.exe
AddRemove-Steam App 550 - d:\users\Public\Games\Steam\steam.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net
Rootkit scan 2014-06-17 13:24
Windows 6.0.6002 Service Pack 2 NTFS
.
Scanne versteckte Prozesse...
.
Scanne versteckte Autostarteinträge...
.
Scanne versteckte Dateien...
.
Scan erfolgreich abgeschlossen
versteckte Dateien: 0
.
**************************************************************************
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet011\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Zeit der Fertigstellung: 2014-06-17  13:25:48
ComboFix-quarantined-files.txt  2014-06-17 11:25
ComboFix2.txt  2013-12-16 18:10
.
Vor Suchlauf: 13.224.644.608 bytes free
Nach Suchlauf: 13.263.306.752 bytes free
.
- - End Of File - - 9B64B71444828602A718536B8A574309
--- --- ---
5C616939100B85E558DA92B899A0FC36

schrauber 18.06.2014 09:06
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Plekdemon 18.06.2014 15:51
Hallo,

nach dem Hochfahren des PC's bekomme ich folgende Meldung:

avgui.exe-Unable to locate Component
This application has failed to start because MSVCR110.dll was not found. Re-installing the application may fix that problem.

bitteschön die logs:

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 18.06.2014
Suchlauf-Zeit: 16:07:48
Logdatei: mbam.log
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.18.06
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows Vista Service Pack 2
CPU: x86
Dateisystem: NTFS
Benutzer: Norbert

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 261688
Verstrichene Zeit: 5 Min, 39 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 1
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, In Quarantäne, [17d7a5d43a4157df103fd10b23e06b95],

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:
# AdwCleaner v3.212 - Report created 18/06/2014 at 16:27:35
# Updated 05/06/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Norbert - NORBERT-PC
# Running from : C:\Users\Norbert\Desktop\adwcleaner_3.212.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater18.1.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\Program Files\AVG Secure Search
Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Norbert\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\Norbert\AppData\LocalLow\AVG Secure Search

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Key Deleted : HKCU\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search

***** [ Browsers ] *****

-\\ Internet Explorer v9.0.8112.16555


*************************

AdwCleaner[R0].txt - [1910 octets] - [17/12/2013 19:32:17]
AdwCleaner[R1].txt - [4602 octets] - [18/06/2014 16:24:16]
AdwCleaner[S0].txt - [1960 octets] - [17/12/2013 19:34:13]
AdwCleaner[S1].txt - [4619 octets] - [18/06/2014 16:27:35]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [4679 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Norbert on 18.06.2014 at 16:34:09,97
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] "C:\Windows\System32\Tasks\dll-files.com fixer_monthly"
Successfully deleted: [File] "C:\Windows\System32\Tasks\dll-files.com fixer_updates"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_monthly.job"
Successfully deleted: [File] "C:\Windows\Tasks\dll-files.com fixer_updates.job"



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Norbert\AppData\Roaming\dll-files.com"
Successfully deleted: [Folder] "C:\Program Files\dll-files.com fixer"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.06.2014 at 16:36:42,58
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[CODE]A
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:16-06-2014
Ran by Norbert (administrator) on NORBERT-PC on 18-06-2014 16:38:49
Running from C:\Users\Norbert\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English(US)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
() C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
() C:\Program Files\Opera\22.0.1471.70\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70\opera.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [F5D8055v2] => C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe [196608 2009-04-15] ()
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-10-17] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://at.msn.com/?st=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x766D3BB98C72CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-17]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

========================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2009-12-01] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [56816 2009-12-09] (Avira GmbH)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-04-29] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [96104 2009-03-30] (Avira GmbH)
S3 GKBFltr; C:\Windows\System32\Drivers\GameKB.sys [25088 2013-10-15] ( ) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2009-12-01] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [718336 2010-10-18] (Ralink Technology Corp.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S1 avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [X]
S3 catchme; \??\C:\Users\Norbert\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBMULCD; system32\drivers\CM106.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-18 16:38 - 2014-06-18 16:38 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.log
2014-06-18 16:36 - 2014-06-18 16:36 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.txt
2014-06-18 16:32 - 2014-06-18 16:32 - 01016261 _____ (Thisisu) C:\Users\Norbert\Desktop\JRT.exe
2014-06-18 16:31 - 2014-06-18 16:31 - 00004759 _____ () C:\Users\Norbert\Desktop\AdwCleaner[S1].txt
2014-06-18 16:22 - 2014-06-18 16:22 - 01333465 _____ () C:\Users\Norbert\Desktop\adwcleaner_3.212.exe
2014-06-18 16:21 - 2014-06-18 16:21 - 00001246 _____ () C:\Users\Norbert\Desktop\mbam.log
2014-06-18 16:07 - 2014-06-18 16:18 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 16:06 - 2014-06-18 16:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Norbert\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-18 16:06 - 2014-06-18 16:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-18 16:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-18 16:06 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-18 15:52 - 2014-06-18 15:52 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Adobe
2014-06-17 13:32 - 2014-06-17 13:32 - 00010904 _____ () C:\Users\Norbert\Desktop\combofix.log
2014-06-17 13:25 - 2014-06-17 13:25 - 00010904 _____ () C:\ComboFix.txt
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 ____R (Swearware) C:\Users\Norbert\Desktop\ComboFix.exe
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix.exe
2014-06-17 11:30 - 2014-06-17 11:30 - 00380416 _____ () C:\Users\Norbert\Desktop\Gmer-19357.exe
2014-06-17 11:28 - 2014-06-17 11:29 - 00025332 _____ () C:\Users\Norbert\Desktop\Addition.txt
2014-06-17 11:27 - 2014-06-18 16:38 - 00012981 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-17 11:27 - 2014-06-18 16:38 - 00000000 ____D () C:\FRST
2014-06-17 11:26 - 2014-06-17 11:26 - 01072640 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-17 11:25 - 2014-06-17 11:26 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:17 - 2014-06-17 11:18 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-16 15:30 - 2014-06-17 11:11 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 14:05 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:05 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:05 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:05 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:05 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:05 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:05 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:05 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 14:05 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 14:05 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:05 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:05 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:05 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:05 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 17:40 - 2014-06-18 15:54 - 00010626 _____ () C:\Windows\DPINST.LOG
2014-06-08 17:40 - 2013-10-15 16:00 - 00025088 _____ ( ) C:\Windows\system32\Drivers\GameKB.sys
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2014-05-14 04:20 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-08 11:44 - 2014-05-20 04:39 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-08 11:44 - 2014-05-20 04:39 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:12 - 2014-06-08 09:11 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 16:31 - 2014-05-11 00:08 - 00000426 _____ () C:\AVScanner.ini
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro

==================== One Month Modified Files and Folders =======

2014-06-18 16:39 - 2014-06-17 11:27 - 00012981 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-18 16:39 - 2013-12-21 19:07 - 00000000 ____D () C:\Users\Norbert\AppData\Local\temp
2014-06-18 16:38 - 2014-06-18 16:38 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.log
2014-06-18 16:38 - 2014-06-17 11:27 - 00000000 ____D () C:\FRST
2014-06-18 16:36 - 2014-06-18 16:36 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.txt
2014-06-18 16:32 - 2014-06-18 16:32 - 01016261 _____ (Thisisu) C:\Users\Norbert\Desktop\JRT.exe
2014-06-18 16:32 - 2008-01-21 03:35 - 01136744 _____ () C:\Windows\WindowsUpdate.log
2014-06-18 16:31 - 2014-06-18 16:31 - 00004759 _____ () C:\Users\Norbert\Desktop\AdwCleaner[S1].txt
2014-06-18 16:29 - 2013-12-16 20:21 - 00005798 _____ () C:\Windows\PFRO.log
2014-06-18 16:29 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-18 16:29 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-18 16:29 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-18 16:27 - 2013-12-17 19:32 - 00000000 ____D () C:\AdwCleaner
2014-06-18 16:27 - 2006-11-02 15:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-18 16:23 - 2012-10-22 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-18 16:22 - 2014-06-18 16:22 - 01333465 _____ () C:\Users\Norbert\Desktop\adwcleaner_3.212.exe
2014-06-18 16:21 - 2014-06-18 16:21 - 00001246 _____ () C:\Users\Norbert\Desktop\mbam.log
2014-06-18 16:18 - 2014-06-18 16:07 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 16:15 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-06-18 16:06 - 2014-06-18 16:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Norbert\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-18 16:06 - 2014-06-18 16:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-18 15:58 - 2009-12-01 13:59 - 00054704 _____ () C:\Users\Norbert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-18 15:57 - 2006-11-02 14:47 - 00250032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-18 15:55 - 2009-12-01 14:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-18 15:54 - 2014-06-08 17:40 - 00010626 _____ () C:\Windows\DPINST.LOG
2014-06-18 15:52 - 2014-06-18 15:52 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Adobe
2014-06-18 15:48 - 2013-08-16 22:10 - 00000000 ____D () C:\Program Files\Opera
2014-06-17 13:32 - 2014-06-17 13:32 - 00010904 _____ () C:\Users\Norbert\Desktop\combofix.log
2014-06-17 13:25 - 2014-06-17 13:25 - 00010904 _____ () C:\ComboFix.txt
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-17 13:25 - 2014-06-17 13:25 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-17 13:25 - 2013-12-16 20:00 - 00000000 ____D () C:\Qoobox
2014-06-17 13:25 - 2010-01-06 13:58 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Apps\2.0
2014-06-17 13:24 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 ____R (Swearware) C:\Users\Norbert\Desktop\ComboFix.exe
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix.exe
2014-06-17 12:20 - 2013-12-11 11:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-17 11:30 - 2014-06-17 11:30 - 00380416 _____ () C:\Users\Norbert\Desktop\Gmer-19357.exe
2014-06-17 11:29 - 2014-06-17 11:28 - 00025332 _____ () C:\Users\Norbert\Desktop\Addition.txt
2014-06-17 11:26 - 2014-06-17 11:26 - 01072640 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-17 11:26 - 2014-06-17 11:25 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:25 - 2009-12-01 13:59 - 00000000 ____D () C:\Users\Norbert
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:18 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-17 11:15 - 2010-01-06 13:58 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Deployment
2014-06-17 11:11 - 2014-06-16 15:30 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-15 18:48 - 2012-06-26 09:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 18:48 - 2011-09-13 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-15 18:01 - 2006-11-02 12:33 - 00765776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 18:00 - 2010-09-29 13:16 - 00025600 _____ () C:\Users\Norbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 21:08 - 2013-08-16 23:18 - 00000318 _____ () C:\Users\Norbert\Desktop\Curse Client.appref-ms
2014-06-12 14:18 - 2013-08-05 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 14:16 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2009-12-01 14:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 11:47 - 2009-12-01 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:11 - 2014-06-08 09:12 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 09:11 - 2013-08-10 07:37 - 00000000 ____D () C:\Program Files\Java
2014-05-28 18:48 - 2014-06-12 14:05 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 18:39 - 2014-06-12 14:05 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 18:38 - 2014-06-12 14:05 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 18:33 - 2014-06-12 14:05 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 18:32 - 2014-06-12 14:05 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 18:32 - 2014-06-12 14:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 18:30 - 2014-06-12 14:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 18:29 - 2014-06-12 14:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-28 18:29 - 2014-06-12 14:05 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-28 18:28 - 2014-06-12 14:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-25 11:25 - 2013-12-11 12:48 - 00001590 _____ () C:\Windows\setupact.log
2014-05-20 16:31 - 2014-03-05 20:34 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Unity
2014-05-20 16:20 - 2013-12-17 19:08 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-20 16:20 - 2013-08-06 19:20 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Malwarebytes
2014-05-20 16:20 - 2013-08-06 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro
2014-05-20 15:30 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-20 15:13 - 2013-12-21 19:25 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 11:51 - 2014-04-01 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-20 04:39 - 2014-06-08 11:44 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:39 - 2014-06-08 11:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 14434704 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 02730208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-05-20 04:39 - 2009-12-01 14:06 - 00020729 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 02:04 - 2010-07-09 16:37 - 04379592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 03055560 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 00668104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 02:04 - 2010-07-09 16:37 - 00376096 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 02:04 - 2009-09-27 18:47 - 00061784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

Some content of TEMP:
====================
C:\Users\Norbert\AppData\Local\temp\Quarantine.exe
C:\Users\Norbert\AppData\Local\temp\_isCBD6.exe
C:\Users\Norbert\AppData\Local\temp\_isEA.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-18 16:36

==================== End Of Log ============================
--- --- ---

--- --- ---


Danke!

schrauber 19.06.2014 13:15

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Plekdemon 19.06.2014 20:41
Hallo Schrauber,

bitteschön, zuerst die logs:

Eset:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=7ae336bad0e56a4e91d5613b76bc8019
# engine=18786
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=false
# utc_time=2014-06-19 04:40:18
# local_time=2014-06-19 06:40:18 (+0100, W. Europe Daylight Time)
# country="Austria"
# lang=1031
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='AVG AntiVirus Free Edition 2014'
# compatibility_mode=1051 16777214 100 100 290575 204060771 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 10957694 240728746 0 0
# scanned=138674
# found=0
# cleaned=0
# scan_time=3824
Security Check:

Code:
Results of screen317's Security Check version 0.99.83 
 Windows Vista Service Pack 2 x86 (UAC is enabled) 
 Internet Explorer 9 
 Internet Explorer 8 
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled! 
 Windows Firewall Disabled! 
 WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
 Secunia PSI (3.0.0.9016) 
 Java 7 Update 51 
 Java 8 Update 5 
 Java version out of Date!
 Adobe Flash Player        14.0.0.125 
 Adobe Reader 9 Adobe Reader out of Date!
 Adobe Reader 10.1.10 Adobe Reader out of Date! 
````````Process Check: objlist.exe by Laurent```````` 
 AVG avgrsx.exe
 AVG avgemc.exe
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 6 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
FRST:


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-06-2014
Ran by Norbert (administrator) on NORBERT-PC on 19-06-2014 19:29:26
Running from C:\Users\Norbert\Desktop
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe
() C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
() C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\dpupdchk.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70_0\opera.exe
() C:\Program Files\Opera\22.0.1471.70_0\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70_0\opera.exe
(Opera Software) C:\Program Files\Opera\22.0.1471.70_0\opera.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [591696 2008-05-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [F5D8055v2] => C:\Program Files\Belkin\F5D8055\v2\BelkinDetectUI.exe [196608 2009-04-15] ()
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [TkBellExe] => c:\program files\real\realplayer\Update\realsched.exe [295512 2013-10-17] (RealNetworks, Inc.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1313640 2011-08-10] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [224128 2014-03-18] (Oracle Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [WMPNSCFG] => C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1006003231-2697031979-1953750779-1000\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://at.msn.com/?st=1
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x766D3BB98C72CA01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-at
SearchScopes: HKLM - DefaultScope value is missing.
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKCU - ZoneAlarm Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll No File
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.5.2 - C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\4.0.50826.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ []
FF HKLM\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-10-17]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []

========================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S3 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
S2 AntiVirSchedulerService; "C:\Program Files\Avira\AntiVir Desktop\sched.exe" [X]
S2 AntiVirService; "C:\Program Files\Avira\AntiVir Desktop\avguard.exe" [X]
S2 vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [12400 2009-12-01] ()
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [122136 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [198936 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [149784 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [192280 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [237848 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [107288 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [56816 2009-12-09] (Avira GmbH)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [210200 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42272 2014-04-29] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [96104 2009-03-30] (Avira GmbH)
S3 GKBFltr; C:\Windows\System32\Drivers\GameKB.sys [25088 2013-10-15] ( ) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-18] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2009-12-01] ()
S3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [718336 2010-10-18] (Ralink Technology Corp.)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-12-06] (Secunia)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2009-05-11] (Avira GmbH)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)
S1 avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [X]
S3 catchme; \??\C:\Users\Norbert\AppData\Local\Temp\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 USBMULCD; system32\drivers\CM106.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-19 19:29 - 2014-06-19 19:29 - 00000000 ____D () C:\Users\Norbert\Desktop\FRST-OlderVersion
2014-06-19 19:28 - 2014-06-19 19:29 - 05207168 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix (1).exe
2014-06-19 19:22 - 2014-06-19 19:22 - 00001122 _____ () C:\Users\Norbert\Desktop\checkup.txt
2014-06-19 19:04 - 2014-06-19 19:04 - 00854367 _____ () C:\Users\Norbert\Desktop\SecurityCheck.exe
2014-06-19 17:30 - 2014-06-19 17:30 - 02347384 _____ (ESET) C:\Users\Norbert\Desktop\esetsmartinstaller_deu.exe
2014-06-19 01:16 - 2014-06-19 01:16 - 27641968 _____ (Opera Software ASA) C:\Users\Norbert\Downloads\Opera_22.0.1471.70_Setup.exe
2014-06-18 16:38 - 2014-06-18 16:38 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.log
2014-06-18 16:36 - 2014-06-18 16:36 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.txt
2014-06-18 16:32 - 2014-06-18 16:32 - 01016261 _____ (Thisisu) C:\Users\Norbert\Desktop\JRT.exe
2014-06-18 16:31 - 2014-06-18 16:31 - 00004759 _____ () C:\Users\Norbert\Desktop\AdwCleaner[S1].txt
2014-06-18 16:22 - 2014-06-18 16:22 - 01333465 _____ () C:\Users\Norbert\Desktop\adwcleaner_3.212.exe
2014-06-18 16:21 - 2014-06-18 16:21 - 00001246 _____ () C:\Users\Norbert\Desktop\mbam.log
2014-06-18 16:07 - 2014-06-18 16:18 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 16:06 - 2014-06-18 16:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Norbert\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-18 16:06 - 2014-06-18 16:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-18 16:06 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-18 16:06 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-18 15:52 - 2014-06-18 15:52 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Adobe
2014-06-17 13:32 - 2014-06-17 13:32 - 00010904 _____ () C:\Users\Norbert\Desktop\combofix.log
2014-06-17 13:25 - 2014-06-17 13:25 - 00010904 _____ () C:\ComboFix.txt
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 ____R (Swearware) C:\Users\Norbert\Desktop\ComboFix.exe
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix.exe
2014-06-17 11:30 - 2014-06-17 11:30 - 00380416 _____ () C:\Users\Norbert\Desktop\Gmer-19357.exe
2014-06-17 11:28 - 2014-06-17 11:29 - 00025332 _____ () C:\Users\Norbert\Desktop\Addition.txt
2014-06-17 11:27 - 2014-06-19 19:29 - 00012953 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-17 11:27 - 2014-06-19 19:29 - 00000000 ____D () C:\FRST
2014-06-17 11:26 - 2014-06-19 19:29 - 01072128 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-17 11:25 - 2014-06-17 11:26 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:17 - 2014-06-17 11:18 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-16 15:30 - 2014-06-17 11:11 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 14:05 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 14:05 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 14:05 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 14:05 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 14:05 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 14:05 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-12 14:05 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 14:05 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 14:05 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 14:05 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 14:05 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-12 14:05 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-12 14:05 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 14:05 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 14:05 - 2014-04-05 04:42 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 14:05 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 14:05 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 17:40 - 2014-06-18 15:54 - 00010626 _____ () C:\Windows\DPINST.LOG
2014-06-08 17:40 - 2013-10-15 16:00 - 00025088 _____ ( ) C:\Windows\system32\Drivers\GameKB.sys
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2014-05-14 04:20 - 03774821 _____ () C:\Windows\system32\nvcoproc.bin
2014-06-08 11:44 - 2014-05-20 04:39 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-06-08 11:44 - 2014-05-20 04:39 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-06-08 11:44 - 2014-05-20 04:39 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:12 - 2014-06-08 09:11 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-20 16:31 - 2014-05-11 00:08 - 00000426 _____ () C:\AVScanner.ini
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro

==================== One Month Modified Files and Folders =======

2014-06-19 19:30 - 2014-06-17 11:27 - 00012953 _____ () C:\Users\Norbert\Desktop\FRST.txt
2014-06-19 19:29 - 2014-06-19 19:29 - 00000000 ____D () C:\Users\Norbert\Desktop\FRST-OlderVersion
2014-06-19 19:29 - 2014-06-19 19:28 - 05207168 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix (1).exe
2014-06-19 19:29 - 2014-06-17 11:27 - 00000000 ____D () C:\FRST
2014-06-19 19:29 - 2014-06-17 11:26 - 01072128 _____ (Farbar) C:\Users\Norbert\Desktop\FRST.exe
2014-06-19 19:28 - 2008-01-21 03:35 - 01217416 _____ () C:\Windows\WindowsUpdate.log
2014-06-19 19:27 - 2013-12-11 11:03 - 00000000 ____D () C:\ProgramData\MFAData
2014-06-19 19:24 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-19 19:24 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 19:24 - 2006-11-02 14:47 - 00003712 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 19:23 - 2012-10-22 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-19 19:23 - 2006-11-02 15:01 - 00032622 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-19 19:22 - 2014-06-19 19:22 - 00001122 _____ () C:\Users\Norbert\Desktop\checkup.txt
2014-06-19 19:04 - 2014-06-19 19:04 - 00854367 _____ () C:\Users\Norbert\Desktop\SecurityCheck.exe
2014-06-19 17:30 - 2014-06-19 17:30 - 02347384 _____ (ESET) C:\Users\Norbert\Desktop\esetsmartinstaller_deu.exe
2014-06-19 01:17 - 2013-08-16 22:10 - 00000000 ____D () C:\Program Files\Opera
2014-06-19 01:16 - 2014-06-19 01:16 - 27641968 _____ (Opera Software ASA) C:\Users\Norbert\Downloads\Opera_22.0.1471.70_Setup.exe
2014-06-18 16:38 - 2014-06-18 16:38 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.log
2014-06-18 16:36 - 2014-06-18 16:36 - 00001126 _____ () C:\Users\Norbert\Desktop\JRT.txt
2014-06-18 16:32 - 2014-06-18 16:32 - 01016261 _____ (Thisisu) C:\Users\Norbert\Desktop\JRT.exe
2014-06-18 16:31 - 2014-06-18 16:31 - 00004759 _____ () C:\Users\Norbert\Desktop\AdwCleaner[S1].txt
2014-06-18 16:29 - 2013-12-16 20:21 - 00005798 _____ () C:\Windows\PFRO.log
2014-06-18 16:27 - 2013-12-17 19:32 - 00000000 ____D () C:\AdwCleaner
2014-06-18 16:22 - 2014-06-18 16:22 - 01333465 _____ () C:\Users\Norbert\Desktop\adwcleaner_3.212.exe
2014-06-18 16:21 - 2014-06-18 16:21 - 00001246 _____ () C:\Users\Norbert\Desktop\mbam.log
2014-06-18 16:18 - 2014-06-18 16:07 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 16:16 - 2006-11-02 14:37 - 00000000 ____D () C:\Windows\DigitalLocker
2014-06-18 16:06 - 2014-06-18 16:06 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Norbert\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-18 16:06 - 2014-06-18 16:06 - 00000905 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-18 16:06 - 2014-06-18 16:06 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-06-18 15:58 - 2009-12-01 13:59 - 00054704 _____ () C:\Users\Norbert\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-18 15:57 - 2006-11-02 14:47 - 00250032 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-18 15:55 - 2009-12-01 14:21 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-06-18 15:54 - 2014-06-08 17:40 - 00010626 _____ () C:\Windows\DPINST.LOG
2014-06-18 15:52 - 2014-06-18 15:52 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Adobe
2014-06-17 13:32 - 2014-06-17 13:32 - 00010904 _____ () C:\Users\Norbert\Desktop\combofix.log
2014-06-17 13:25 - 2014-06-17 13:25 - 00010904 _____ () C:\ComboFix.txt
2014-06-17 13:25 - 2013-12-16 20:00 - 00000000 ____D () C:\Qoobox
2014-06-17 13:25 - 2010-01-06 13:58 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Apps\2.0
2014-06-17 13:24 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 ____R (Swearware) C:\Users\Norbert\Desktop\ComboFix.exe
2014-06-17 13:11 - 2014-06-17 13:11 - 05206841 _____ (Swearware) C:\Users\Norbert\Downloads\ComboFix.exe
2014-06-17 11:30 - 2014-06-17 11:30 - 00380416 _____ () C:\Users\Norbert\Desktop\Gmer-19357.exe
2014-06-17 11:29 - 2014-06-17 11:28 - 00025332 _____ () C:\Users\Norbert\Desktop\Addition.txt
2014-06-17 11:26 - 2014-06-17 11:25 - 00000476 _____ () C:\Users\Norbert\Desktop\defogger_disable.log
2014-06-17 11:25 - 2014-06-17 11:25 - 00000000 _____ () C:\Users\Norbert\defogger_reenable
2014-06-17 11:25 - 2009-12-01 13:59 - 00000000 ____D () C:\Users\Norbert
2014-06-17 11:24 - 2014-06-17 11:24 - 00050477 _____ () C:\Users\Norbert\Desktop\Defogger.exe
2014-06-17 11:18 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-06-17 11:17 - 2014-06-17 11:17 - 152430976 _____ (AVG Technologies) C:\Users\Norbert\Downloads\avg_free_x86_all_2014_4592a7484 (1).exe
2014-06-17 11:15 - 2010-01-06 13:58 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Deployment
2014-06-17 11:11 - 2014-06-16 15:30 - 00000276 _____ () C:\Windows\Tasks\DLL-Files FixerASKUSER.job
2014-06-16 15:30 - 2014-06-16 15:30 - 04456520 _____ (Microsoft Corporation) C:\Windows\system32\mfc110u.dll
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-16 15:30 - 2014-06-16 15:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dll-Files Fixer
2014-06-16 15:29 - 2014-06-16 15:29 - 05359680 _____ (Dll-Files.com ) C:\Users\Norbert\Downloads\dffsetup-mfc110u.exe
2014-06-16 15:28 - 2014-06-16 15:28 - 02363953 _____ () C:\Users\Norbert\Downloads\mfc110u.zip
2014-06-15 18:48 - 2012-06-26 09:13 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-06-15 18:48 - 2011-09-13 10:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-06-15 18:01 - 2006-11-02 12:33 - 00765776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-15 18:00 - 2010-09-29 13:16 - 00025600 _____ () C:\Users\Norbert\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-06-12 21:08 - 2014-06-12 21:08 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-06-12 21:08 - 2013-08-16 23:18 - 00000318 _____ () C:\Users\Norbert\Desktop\Curse Client.appref-ms
2014-06-12 14:18 - 2013-08-05 15:54 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-12 14:16 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-06-08 17:51 - 2014-06-08 17:51 - 00000000 ___SD () C:\Users\Norbert\Documents\Eigene Webs
2014-06-08 11:47 - 2014-06-08 11:47 - 00000000 ____D () C:\Program Files\AGEIA Technologies
2014-06-08 11:47 - 2009-12-01 14:35 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 11:47 - 2009-12-01 14:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-08 09:13 - 2014-06-08 09:13 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-06-08 09:11 - 2014-06-08 09:12 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00176040 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-06-08 09:11 - 2014-06-08 09:11 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-06-08 09:11 - 2014-06-08 09:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-06-08 09:11 - 2013-08-10 07:37 - 00000000 ____D () C:\Program Files\Java
2014-05-28 18:48 - 2014-06-12 14:05 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 18:39 - 2014-06-12 14:05 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 18:38 - 2014-06-12 14:05 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 18:33 - 2014-06-12 14:05 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 18:32 - 2014-06-12 14:05 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 18:32 - 2014-06-12 14:05 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-28 18:31 - 2014-06-12 14:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-28 18:30 - 2014-06-12 14:05 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 18:30 - 2014-06-12 14:05 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 18:29 - 2014-06-12 14:05 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 18:29 - 2014-06-12 14:05 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-28 18:29 - 2014-06-12 14:05 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-28 18:28 - 2014-06-12 14:05 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-25 11:25 - 2013-12-11 12:48 - 00001590 _____ () C:\Windows\setupact.log
2014-05-20 16:31 - 2014-03-05 20:34 - 00000000 ____D () C:\Users\Norbert\AppData\Local\Unity
2014-05-20 16:20 - 2013-12-17 19:08 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-05-20 16:20 - 2013-08-06 19:20 - 00000000 ____D () C:\Users\Norbert\AppData\Roaming\Malwarebytes
2014-05-20 16:20 - 2013-08-06 19:19 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-20 15:32 - 2014-05-20 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Tastatur
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Windows\PCHEALTH
2014-05-20 15:30 - 2014-05-20 15:30 - 00000000 ____D () C:\Program Files\Microsoft IntelliType Pro
2014-05-20 15:30 - 2006-11-02 13:18 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-05-20 15:13 - 2013-12-21 19:25 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 11:51 - 2014-04-01 20:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-20 04:39 - 2014-06-08 11:44 - 24024408 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv32.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 17559384 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2um.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 10533152 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 04:39 - 2014-06-08 11:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 02413344 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 01056200 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco3233788.dll
2014-05-20 04:39 - 2014-06-08 11:44 - 00908744 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco3233788.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 14434704 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dum.dll
2014-05-20 04:39 - 2012-10-10 22:14 - 02730208 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi.dll
2014-05-20 04:39 - 2009-12-01 14:06 - 00020729 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 02:04 - 2010-07-09 16:37 - 04379592 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 03055560 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc.dll
2014-05-20 02:04 - 2010-07-09 16:37 - 00668104 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 02:04 - 2010-07-09 16:37 - 00376096 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 02:04 - 2009-09-27 18:47 - 00061784 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

Some content of TEMP:
====================
C:\Users\Norbert\AppData\Local\temp\Quarantine.exe
C:\Users\Norbert\AppData\Local\temp\_isCBD6.exe
C:\Users\Norbert\AppData\Local\temp\_isEA.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 17:32

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---


Unverändert:
nach dem Hochfahren des PC's bekomme ich folgende Meldung:

avgui.exe-Unable to locate Component
This application has failed to start because MSVCR110.dll was not found. Re-installing the application may fix that problem.

AVG lässt sich weiterhin nicht entfernen, deinstallieren oder aktualiesieren. Was soll ich damit machen?
Habe permanent den Windows Security Alert in meiner rechten, unteren Leiste mit der Meldung die Malware Protection ist aus. Beim Versuch sie im Windows Security Center wieder einzuschalten erhalte ich die Meldung:

Im Rahmen: avgwsc.exe Unable to Locate Component
This application has failed to start because MSVCR110.dll was not found. Reinstalling the application may fix this problem.

Wie soll ich da jetzt vorgehen, ich habe anscheinend keinen Viren Schutz und die AVG Version 2014 spinnt weiterhin rum?? :eek:

Liebe Grüsse, Plekdemon.


Edit:
Da ich nicht weiss, ob mein AVG 2014 free wenigestens im Hintergrund seine Arbeit mach habe ich mir den Avast free Virenschutz runtergeladen.

Edit2: Erneut ein bluescreen beim runterfahren des Systems. Musste manuell ausschalten.

Lg, Plekdemon.

schrauber 20.06.2014 19:52
Mach das mal:
http://www.trojaner-board.de/126216-...epair-aio.html

Plekdemon 21.06.2014 15:06
Hallo Schrauber,

bitte, hier das log.

Code:
System Variables
--------------------------------------------------------------------------------
OS: Windows Vista (TM) Home Premium
OS Architecture: 32-bit
OS Version: 6.0.6002
OS Service Pack: Service Pack 2
Computer Name: NORBERT-PC
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Norbert
Current Profile SID: S-1-5-21-1006003231-2697031979-1953750779-1000
Current Profile Classes: S-1-5-21-1006003231-2697031979-1953750779-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Norbert\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:08:30

Process Count: 80
Commit Total: 2,01 GB
Commit Limit: 6,70 GB
Commit Peak: 2,45 GB
Handle Count: 28671
Kernel Total: 241,10 MB
Kernel Paged: 177,38 MB
Kernel Non Paged: 63,73 MB
System Cache: 1,57 GB
Thread Count: 1074
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3,25 GB
Memory Used: 1,73 GB(53,1198%)
Memory Avail.: 1,52 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3,25 GB
Memory Used: 1,43 GB(44,0736%)
Memory Avail.: 1,82 GB
--------------------------------------------------------------------------------

Starting Repairs...
  Start (21.06.2014 14:44:42)

01 - Reset Registry Permissions 01/03
  HKEY_CURRENT_USER & Sub Keys
  Start (21.06.2014 14:44:49)
  Running Repair Under Current User Account
  Done (21.06.2014 14:44:55)

01 - Reset Registry Permissions 02/03
  HKEY_LOCAL_MACHINE & Sub Keys
  Start (21.06.2014 14:44:55)
  Running Repair Under System Account
  Done (21.06.2014 14:48:02)

01 - Reset Registry Permissions 03/03
  HKEY_CLASSES_ROOT & Sub Keys
  Start (21.06.2014 14:48:02)
  Running Repair Under System Account
  Done (21.06.2014 14:48:35)

02 - Reset File Permissions: C:
  C: & Sub Folders
  Start (21.06.2014 14:48:35)
  Running Repair Under System Account
  Done (21.06.2014 14:54:13)

02 - Reset File Permissions: J:
  J: & Sub Folders
  Start (21.06.2014 14:54:18)
  Running Repair Under System Account
  Done (21.06.2014 14:58:27)

02 - Reset File Permissions: All Profiles
  C:\Users & Sub Folders
  Start (21.06.2014 14:58:27)
  Running Repair Under System Account
  Done (21.06.2014 14:59:18)

02 - Reset File Permissions: Current Profile
  C:\Users\Norbert & Sub Folders
  Start (21.06.2014 14:59:18)
  Running Repair Under System Account
  Done (21.06.2014 14:59:41)

02 - Reset File Permissions: Cleanup
  Repairing Restricted Folders Permissions To Avoid Infinite Loops
  Start (21.06.2014 14:59:41)
  Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>
Reading the SD from <\\?\C:\Users\Default\Cookies> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Norbert\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\UpdatusUser\Application Data>
Reading the SD from <\\?\C:\Users\UpdatusUser\Application Data> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Cookies>
Reading the SD from <\\?\C:\Users\UpdatusUser\Cookies> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Local Settings>
Reading the SD from <\\?\C:\Users\UpdatusUser\Local Settings> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\My Documents>
Reading the SD from <\\?\C:\Users\UpdatusUser\My Documents> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\NetHood>
Reading the SD from <\\?\C:\Users\UpdatusUser\NetHood> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\PrintHood>
Reading the SD from <\\?\C:\Users\UpdatusUser\PrintHood> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Recent>
Reading the SD from <\\?\C:\Users\UpdatusUser\Recent> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\SendTo>
Reading the SD from <\\?\C:\Users\UpdatusUser\SendTo> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Start Menu>
Reading the SD from <\\?\C:\Users\UpdatusUser\Start Menu> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Templates>
Reading the SD from <\\?\C:\Users\UpdatusUser\Templates> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\UpdatusUser\AppData\Local\Application Data> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\History>
Reading the SD from <\\?\C:\Users\UpdatusUser\AppData\Local\History> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files>
Reading the SD from <\\?\C:\Users\UpdatusUser\AppData\Local\Temporary Internet Files> failed with: The system cannot find the file specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Music>
Reading the SD from <\\?\C:\Users\UpdatusUser\Documents\My Music> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\UpdatusUser\Documents\My Pictures> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

Processing ACL of: <\\?\C:\Users\UpdatusUser\Documents\My Videos>
Reading the SD from <\\?\C:\Users\UpdatusUser\Documents\My Videos> failed with: The system cannot find the path specified.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.

  Done (21.06.2014 14:59:49)

03 - Register System Files
  Start (21.06.2014 14:59:49)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:00:17)

04 - Repair WMI
  Start (21.06.2014 15:00:17)

  Starting Security Center So We Can Export The Security Info.

  Exporting Antivirus Info...
  AVG AntiVirus Free Edition 2014 Exported.
  avast! Antivirus Exported.

  Exporting AntiSpyware Info...
  Windows Defender Exported.
  AVG AntiVirus Free Edition 2014 Exported.
  avast! Antivirus Exported.

  Exporting 3rd Party Firewall Info...
  No Firewall Products Reported.

  Running Repair Under Current User Account
  Done (21.06.2014 15:01:59)

05 - Repair Windows Firewall
  Start (21.06.2014 15:01:59)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:02:38)

06 - Repair Internet Explorer
  Start (21.06.2014 15:02:38)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:03:14)

07 - Repair MDAC/MS Jet
  Start (21.06.2014 15:03:14)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:03:56)

08 - Repair Hosts File
  Start (21.06.2014 15:03:56)
  Running Repair Under System Account
  Done (21.06.2014 15:04:00)

09 - Remove Policies Set By Infections
  Start (21.06.2014 15:04:00)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:04:30)

10 - Repair Start Menu Icons Removed By Infections
  Start (21.06.2014 15:04:30)
  Running Repair Under System Account
  Done (21.06.2014 15:04:47)

11 - Repair Icons
  Start (21.06.2014 15:04:47)
  Running Repair Under Current User Account
  Done (21.06.2014 15:04:50)

12 - Repair Winsock & DNS Cache
  Start (21.06.2014 15:04:50)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:05:12)

13 - Remove Temp Files
  Start (21.06.2014 15:05:12)
  Running Repair Under System Account
  Done (21.06.2014 15:05:29)

14 - Repair Proxy Settings
  Start (21.06.2014 15:05:29)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:05:38)

15 - Unhide Non System Files
  Start (21.06.2014 15:05:38)
  C:\ - Total Files Unhidden: 115 - Check Unhidden_Files.txt for list of files unhidden
  J:\ - Total Files Unhidden: 3 - Check Unhidden_Files.txt for list of files unhidden
  Done (21.06.2014 15:06:55)

16 - Repair Windows Updates
  Start (21.06.2014 15:06:55)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:07:21)

17 - Repair CD/DVD Missing/Not Working
  Start (21.06.2014 15:07:21)
  iTunes not found, not applying UpperFilters iTunes Reg Key
  Done (21.06.2014 15:07:21)

18 - Repair Volume Shadow Copy Service
  Start (21.06.2014 15:07:21)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:07:37)

19 - Repair Windows Sidebar/Gadgets
  Start (21.06.2014 15:07:37)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:08:05)

20 - Repair MSI (Windows Installer)
  Start (21.06.2014 15:08:05)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:09:21)

21 - Repair Windows Snipping Tool
  Start (21.06.2014 15:09:21)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:09:52)

22.01 - Repair bat Association
  Start (21.06.2014 15:09:52)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:09:57)

22.02 - Repair cmd Association
  Start (21.06.2014 15:09:57)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:03)

22.03 - Repair com Association
  Start (21.06.2014 15:10:03)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:08)

22.04 - Repair Directory Association
  Start (21.06.2014 15:10:08)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:14)

22.05 - Repair Drive Association
  Start (21.06.2014 15:10:14)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:20)

22.06 - Repair exe Association
  Start (21.06.2014 15:10:20)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:25)

22.07 - Repair Folder Association
  Start (21.06.2014 15:10:25)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:31)

22.08 - Repair inf Association
  Start (21.06.2014 15:10:31)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:36)

22.09 - Repair lnk (Shortcuts) Association
  Start (21.06.2014 15:10:36)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:41)

22.10 - Repair msc Association
  Start (21.06.2014 15:10:41)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:47)

22.11 - Repair reg Association
  Start (21.06.2014 15:10:47)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:52)

22.12 - Repair scr Association
  Start (21.06.2014 15:10:52)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:10:57)

23 - Repair Windows Safe Mode
  Start (21.06.2014 15:10:57)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:11:02)

24 - Repair Print Spooler
  Start (21.06.2014 15:11:02)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:11:16)

25 - Restore Important Windows Services
  Start (21.06.2014 15:11:16)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:11:35)

26 - Set Windows Services To Default Startup
  Start (21.06.2014 15:11:35)
  Running Repair Under Current User Account
  Running Repair Under System Account
  Done (21.06.2014 15:11:43)

  Skipping Repair.
  Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
  Current version: 6.0

  Skipping Repair.
  Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
  Current version: 6.0

  Skipping Repair.
  Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
  Current version: 6.0

Cleaning up empty logs...

All Selected Repairs Done.
  Done (21.06.2014 15:11:43)
  Total Repair Time: 00:27:05


...YOU MUST RESTART YOUR SYSTEM...
  Running Repair Under Current User Account

Die avgui-Fehlermeldung war nach dem Repraturprogramm und restart wieder am Desktop.
Habe danach erneut versucht AVG zu deinstallieren, wieder nicht möglich, selbe Fehlermeldung, wie im letzten post beschrieben.

Lg,
Plekdemon

Edit:
Bin danach auf C:/Program Data/AVG2014 auf folgende Datei gestoßen. ..../SetupBackup/
Die ist mir gleich aufgefallen, weil sie in blau geschrieben war. Habe diese Datei manuell gelöscht und bin danach zum Control Panel/Programs and Features/AVG2014 und habe die Option "Change" ausgewählt. Wollte dann erneut versuchen "Repair" auszuwählen, dann kam kurz wieder so eine avgui-Fehlermeldung, irgendwas mit checker, doch gleich danach eine Tafel mit mit einem ausgefüllten "key". Habe dann auf installieren gedrückt und plötzlich fing AVG Repair an zu rennen. Das Programm wurde abgeschlossen, der Computer neu gestartet und die Fehlermeldung nach dem Hochfahren blieb aus. das AVG Symbol ist nun wieder in meiner rechten, unteren Leiste und scheint zu funktionieren?? (ist her ne Frage als eine Aussage :eek:)
Habe also momentan keine Fehlermeldung mehr-jedoch Avast und AVG rennen. Kann ich das so lassen, oder soll ich einen löschen?
Die SetupBackup Datei innerhald des AVG Verzeichnisses befindet sich noch in meinem Recycle Bin.

Lag es an dieser blauen Datei-ich glaube die war vor dem Windows repair nicht da?

Lg, Plekdemon

schrauber 22.06.2014 07:00
eigentlich unwarscheinlich, aber ich kenne die Programmierfähigkeiten von AVG nicht :)

EIn AV deinstallieren. Noch andere Probleme?

Plekdemon 22.06.2014 16:04
Hallo Schrauber,

im Moment alles fehlerfrei. Vielen Dank für die Hilfe.

Gut, dass es Euch gibt.

:dankeschoen:

schrauber 23.06.2014 11:49
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 18:50 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131