Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet mit allen Browsern langsam nach BizCoaching (https://www.trojaner-board.de/137643-internet-allen-browsern-langsam-bizcoaching.html)

Ninja619 03.07.2013 19:02
Internet mit allen Browsern langsam nach BizCoaching
 
Hallo,

seit 3 Tagen ist mein Internet sehr langsam. Hatte auch diverse Pop-Ups wie die Seiten BizCoaching und CO.
Hab mir da wohl was eingefangen. Ich poste gleich mal die OTL und Extras dazu

Extras
Code:
OTL Extras logfile created on: 03.07.2013 19:37:04 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Julian\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 31,13% Memory free
7,81 Gb Paging File | 4,03 Gb Available in Paging File | 51,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 101,78 Gb Total Space | 46,67 Gb Free Space | 45,85% Space Free | Partition Type: NTFS
Drive D: | 350,89 Gb Total Space | 314,26 Gb Free Space | 89,56% Space Free | Partition Type: NTFS
 
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03DCB2FA-071A-404B-8E33-54F9B37246D9}" = rport=138 | protocol=17 | dir=out | app=system |
"{0989058F-6A45-442A-99A9-BB56CAD195B5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{13E81CE7-596F-4FEF-8BCE-7F646AEC64FC}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1C9FD81E-3A5A-40F2-9DDD-D05F5D88767B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{4D87558B-9659-4FBE-AB94-D63827D48D7E}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{4F188470-6695-484B-B953-130778720DC2}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5822C651-1396-422A-9AF8-81EFB912643A}" = rport=445 | protocol=6 | dir=out | app=system |
"{5D83B5EA-1F71-45D7-B244-4BAC3FF70DCF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{634D3593-F058-4AD8-88C7-0AAB455F83F0}" = lport=2869 | protocol=6 | dir=in | app=system |
"{748CCF80-DE63-4F59-A20E-6A47550CBBB4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{7C3F4B9C-0022-4385-AEA0-26C2E9C33E5E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{7E6FD325-B626-40B8-99B3-A49099FCB062}" = lport=2869 | protocol=6 | dir=in | app=system |
"{8543860F-62BF-41B5-93FB-312B90B3B998}" = lport=137 | protocol=17 | dir=in | app=system |
"{884FC861-0B11-450D-A174-051271B00C60}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{8A253039-2556-4245-8EA2-867330DB473A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9699BE35-87D7-4D38-9DA8-8D77BDF47D6D}" = lport=10243 | protocol=6 | dir=in | app=system |
"{BCBBA810-67D0-49CB-888A-9B605259F6D4}" = rport=137 | protocol=17 | dir=out | app=system |
"{C536E2C3-AF17-4A24-9420-EBDFF0107C3B}" = lport=138 | protocol=17 | dir=in | app=system |
"{D2A42110-D624-4207-AAE1-1FC9014D644A}" = rport=139 | protocol=6 | dir=out | app=system |
"{D8D3DBFF-A98D-4569-8479-09AB52022DC3}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E0F7CBA7-5C5D-4831-843A-BEE0FB22F123}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F31E18CC-C07F-4AE6-9082-4AB6752D7F37}" = lport=139 | protocol=6 | dir=in | app=system |
"{F6E2A07B-CA3E-4292-900A-7B8329278123}" = lport=445 | protocol=6 | dir=in | app=system |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{206A2519-1E14-4AB0-8742-B177E5837798}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{2C20A616-41F9-4D8F-98DE-D59635CE89F4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2C68181B-DBC6-4710-87E1-4E3ECB05F853}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{32B67CAB-81C9-41DA-8832-4BAE3865CA11}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{38B6CC47-234E-4DC6-BFBD-8734FA036249}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{38FF9A63-9958-41D9-81D4-1F590443DFE6}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{392B8BE4-5DD0-4C4A-A3AB-29CBD798DDBA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3AFE4870-AA76-46BB-B57D-267358AEDBDE}" = dir=in | app=c:\program files (x86)\acer\touchportal\touch movie\touchmovie.exe |
"{42920F9A-7B4A-4664-AE43-E751A058C14F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{539280C6-974C-451C-AAF8-87F138C42079}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{5554F022-6B71-47B1-9D5D-0F07895F6F59}" = protocol=6 | dir=out | app=system |
"{55592FDA-BC8C-491A-9728-40D90CAD0DC1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{598C3E8C-2984-4B61-B77E-8239FEABBF4A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6CF2A001-3EED-426D-B351-8C452BB24954}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{6F67591F-29BA-44DD-8CBF-E235644CAB40}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{73A59BD3-EBFD-4A44-8CD3-40DA1133F578}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{7747FA3C-23D5-488C-974B-0484E6B93E74}" = dir=in | app=c:\program files (x86)\acer\touchportal\touch movie\touchmovieservice.exe |
"{78FEABF0-C006-4178-8217-17E457AD7EB8}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{7D62361F-10BD-4E73-A1BE-2ADCFC72D7D7}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{823CA407-E267-40D3-9CB9-570527359349}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8F777833-C961-4FBB-98D2-3C229C8874B2}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{92891B3D-0F74-44C0-8FBA-4413A1C3E104}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd8\powerdvd8.exe |
"{930B21FA-FAB5-4A9F-9A0E-2974C04B3F7B}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{A29CFAAC-F4AB-4997-ADE1-24A21B852DEE}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A7443786-CEED-41E3-9E2B-C6B48966809F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B5BFA905-DEFB-443A-8903-2C6D9590DA6A}" = protocol=17 | dir=in | app=c:\users\julian\appdata\roaming\icqm\icq.exe |
"{BB78C4CA-0A7A-41DC-9A61-19C6BC002112}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{D4D6A83A-ED42-4D92-BDE3-356AB3F95D95}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{E63A8EEB-8393-4AB3-85B6-552B4D16D27C}" = protocol=6 | dir=in | app=c:\users\julian\appdata\roaming\icqm\icq.exe |
"{E64A89E7-88FC-4CD0-855E-9500AE1933C4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E7E4524E-50D6-42C5-B535-4D4C8E2B5065}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{EACFEF4B-E75D-4B53-A271-9E8B0C894901}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{EC3E2595-D1E7-4124-A4D6-D9A679AF6968}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F1F1EA76-A9D3-43C3-955D-7F2D78608B41}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{24F93B56-61F5-415F-85B9-AA444DA34AFC}" = Microsoft-Maus- und Tastatur-Center
"{26A24AE4-039D-4CA4-87B4-2F86417021FF}" = Java 7 Update 21 (64-bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{6ACE7F46-FACE-4125-AE86-672F4F2A6A28}" = Virtual Earth 3D (Beta)
"{6E5159B4-A519-41EF-80EF-AD58371515DF}" = Eraser 6.0.10.2620
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"jdownloader2" = JDownloader 2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"VLC media player" = VLC media player 2.0.6
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{16456401-9621-4F3D-836A-59EA425C471D}" = ZoneAlarm Security
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{219AA9C3-E1F9-4C99-A41C-7988C1A67143}" = STScreenDetection
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{243AD385-8C58-4D49-BF54-8E7F809E0A96}" = Acer TouchPortal
"{24ADC5BE-8B82-426F-8779-2308B54B00EE}" = ZoneAlarm Antivirus
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}" = Microsoft XNA Framework Redistributable 3.0
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{53652DA6-AD2D-4B0F-80BA-6F3CFE2B48D7}" = ZoneAlarm Security
"{54CCA4E2-D15D-4927-A866-2D33BFED4A8E}" = ZoneAlarm Firewall
"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{737B13C5-990B-4339-8A4D-0FFEBBC3DB17}" = ZoneAlarm Firewall
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update
"{8FF90DB8-6DED-44A3-B182-244FEC09012F}" = Microsoft Touch Pack for Windows 7
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker
"{A80DB23D-0618-405B-89D9-28F99814E287}_is1" = AntiLogger Free version 1.6.2.226
"{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.1 MUI
"{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Touch Movie
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials
"{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}" = Acer Crystal Eye webcam Ver:1.1.188.706
"{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E3ED49BB-0544-4844-B296-6A0CB28E7BE3}" = Dir-It!
"{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Avira AntiVir Desktop" = Avira Free Antivirus
"Free Audio Converter_is1" = Free Audio Converter version 5.0.24.430
"GridVista" = Acer GridVista
"Identity Card" = Identity Card
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{243AD385-8C58-4D49-BF54-8E7F809E0A96}" = Acer TouchPortal
"InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}" = CyberLink PowerDVD 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{E5EABF66-F9C4-430C-B97D-3CF28A58D50B}" = Alcor Micro USB Card Reader
"KeePassPasswordSafe2_is1" = KeePass Password Safe 2.22
"LManager" = Launch Manager
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"WinLiveSuite_Wave3" = Windows Live Essentials
"ZoneAlarm Free Firewall" = ZoneAlarm Free Firewall
"ZoneAlarm Security Toolbar" = ZoneAlarm Security Toolbar
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"ICQ" = ICQ 8.0 (build 6017)
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 28.05.2013 14:47:04 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.1,
 Zeitstempel: 0x4ba1da21  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften
 Prozesses: 0x9e0  Startzeit der fehlerhaften Anwendung: 0x01ce5bd387811adc  Pfad der
 fehlerhaften Anwendung: C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: fd016ba9-c7c6-11e2-a586-60eb699ddf56
 
Error - 28.05.2013 14:47:08 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: UMVPFSrv.exe, Version: 13.31.1044.0,
 Zeitstempel: 0x4f166843  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften
 Prozesses: 0x344  Startzeit der fehlerhaften Anwendung: 0x01ce5bd329fe2899  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: ff489ccc-c7c6-11e2-a586-60eb699ddf56
 
Error - 28.05.2013 14:47:12 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: GREGsvc.exe, Version: 1.0.0.1, Zeitstempel:
 0x4afbd2e4  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel:
 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften Prozesses:
 0x540  Startzeit der fehlerhaften Anwendung: 0x01ce5bd3362bf65f  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Acer\Registration\GREGsvc.exe  Pfad des fehlerhaften
 Moduls: unknown  Berichtskennung: 0169b7eb-c7c7-11e2-a586-60eb699ddf56
 
Error - 28.05.2013 14:47:13 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: IScheduleSvc.exe, Version: 2.0.0.68,
 Zeitstempel: 0x4c28447e  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften
 Prozesses: 0x640  Startzeit der fehlerhaften Anwendung: 0x01ce5bd336866aaa  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\NewTech Infosystems\Acer Backup
Manager\IScheduleSvc.exe  Pfad des fehlerhaften Moduls: unknown  Berichtskennung: 02425524-c7c7-11e2-a586-60eb699ddf56
 
Error - 28.05.2013 14:47:18 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: RS_Service.exe, Version: 4.5.3000.9285,
 Zeitstempel: 0x4a563cf3  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften
 Prozesses: 0x6d4  Startzeit der fehlerhaften Anwendung: 0x01ce5bd3369e386c  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 05374abb-c7c7-11e2-a586-60eb699ddf56
 
Error - 28.05.2013 14:47:22 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: UpdaterService.exe, Version: 1.0.0.8,
 Zeitstempel: 0x4b614046  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
 Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x6f6e6a64  ID des fehlerhaften
 Prozesses: 0x808  Startzeit der fehlerhaften Anwendung: 0x01ce5bd336e80315  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Acer\Acer Updater\UpdaterService.exe  Pfad
 des fehlerhaften Moduls: unknown  Berichtskennung: 07a491e3-c7c7-11e2-a586-60eb699ddf56
 
Error - 31.05.2013 17:23:58 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879,
 Zeitstempel: 0x518ec3cc  Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879,
 Zeitstempel: 0x518ec306  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001c9789  ID des fehlerhaften
 Prozesses: 0xf90  Startzeit der fehlerhaften Anwendung: 0x01ce5e180a1b704b  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe  Pfad
des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\xul.dll  Berichtskennung:
 677f31ac-ca38-11e2-a1c2-60eb699ddf56
 
Error - 08.06.2013 05:57:29 | Computer Name = Julian-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version:
 13.0.3020.2, Zeitstempel: 0x51067ac3  Name des fehlerhaften Moduls: TuneUpUtilitiesService64.exe,
 Version: 13.0.3020.2, Zeitstempel: 0x51067ac3  Ausnahmecode: 0xc0000005  Fehleroffset:
 0x000000000001cbe6  ID des fehlerhaften Prozesses: 0x908  Startzeit der fehlerhaften
 Anwendung: 0x01ce642e8cae3970  Pfad der fehlerhaften Anwendung: C:\Program Files
(x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe  Pfad des fehlerhaften Moduls:
 C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe  Berichtskennung:
 d44b6355-d021-11e2-bf0d-60eb699ddf56
 
Error - 09.06.2013 10:24:58 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
 (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
 Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
 AIR.dll" in Zeile 3.  Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
 des "version"-Attributs im assemblyIdentity-Element ist ungültig.
 
Error - 09.06.2013 10:26:57 | Computer Name = Julian-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
 (x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
 "c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile  8.  Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
 überein.  Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
 WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".  Verwenden Sie
 das Programm "sxstrace.exe" für eine detaillierte Diagnose.
 
[ System Events ]
Error - 12.06.2013 12:18:04 | Computer Name = Julian-PC | Source = NetBT | ID = 4307
Description = Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen
 der Anfangsadressen verweigerte.
 
Error - 13.06.2013 00:39:05 | Computer Name = Julian-PC | Source = DCOM | ID = 10010
Description =
 
Error - 15.06.2013 09:47:34 | Computer Name = Julian-PC | Source = DCOM | ID = 10010
Description =
 
Error - 15.06.2013 16:14:13 | Computer Name = Julian-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
 
Error - 15.06.2013 16:14:13 | Computer Name = Julian-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden.
 
Error - 19.06.2013 15:38:54 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist
 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 19.06.2013 15:44:25 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist
 bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden
 durchgeführt: Neustart des Diensts.
 
Error - 20.06.2013 12:43:06 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 IPsec-Richtlinien-Agent erreicht.
 
Error - 20.06.2013 12:43:06 | Computer Name = Julian-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers
 nicht gestartet:  %%1053
 
Error - 20.06.2013 12:43:54 | Computer Name = Julian-PC | Source = WMPNetworkSvc | ID = 866300
Description =
 
 
< End of report >
OTL
Code:
OTL logfile created on: 03.07.2013 19:37:04 - Run 1
OTL by OldTimer - Version 3.2.69.0    Folder = C:\Users\Julian\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 1,22 Gb Available Physical Memory | 31,13% Memory free
7,81 Gb Paging File | 4,03 Gb Available in Paging File | 51,56% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 101,78 Gb Total Space | 46,67 Gb Free Space | 45,85% Space Free | Partition Type: NTFS
Drive D: | 350,89 Gb Total Space | 314,26 Gb Free Space | 89,56% Space Free | Partition Type: NTFS
 
Computer Name: JULIAN-PC | User Name: Julian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.07.03 19:35:43 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Julian\Downloads\OTL.exe
PRC - [2013.07.01 18:55:31 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2013.07.01 18:54:14 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
PRC - [2013.07.01 18:54:10 | 000,345,144 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2013.07.01 18:54:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2013.05.28 18:07:20 | 027,598,184 | ---- | M] (ICQ) -- C:\Users\Julian\AppData\Roaming\ICQM\icq.exe
PRC - [2013.05.26 17:16:43 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2013.05.16 10:59:00 | 003,830,224 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2013.05.16 10:56:34 | 001,033,688 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2013.05.16 10:56:30 | 001,817,560 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2013.05.15 13:21:32 | 000,171,928 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2013.03.27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
PRC - [2013.03.27 13:31:18 | 000,073,832 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.29 06:07:26 | 000,870,992 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.EXE
PRC - [2010.01.13 04:55:58 | 000,030,080 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.11.06 19:22:52 | 002,584,576 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.06.15 03:28:42 | 000,393,168 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
MOD - [2013.06.15 03:28:41 | 013,140,432 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
MOD - [2013.06.15 03:28:40 | 004,051,408 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
MOD - [2013.06.15 03:27:51 | 000,599,504 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\libglesv2.dll
MOD - [2013.06.15 03:27:50 | 000,124,368 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\libegl.dll
MOD - [2013.06.15 03:27:48 | 001,597,392 | ---- | M] () -- C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ffmpegsumo.dll
MOD - [2013.05.29 18:19:23 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll
MOD - [2013.05.28 21:03:50 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\a00aab40bdf5aed84b4d4294965cf20d\System.Web.ni.dll
MOD - [2013.05.28 21:03:37 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll
MOD - [2013.05.28 21:02:39 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\05682429807d34d6ff05a77ea153935f\System.Windows.Forms.ni.dll
MOD - [2013.05.28 21:02:26 | 001,592,832 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll
MOD - [2013.05.28 21:02:01 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll
MOD - [2013.05.28 21:01:51 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll
MOD - [2013.05.28 21:01:44 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll
MOD - [2013.05.28 21:01:42 | 007,974,400 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll
MOD - [2013.05.28 21:01:31 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll
MOD - [2013.05.28 18:07:26 | 000,851,456 | ---- | M] () -- C:\Users\Julian\AppData\Roaming\ICQM\ICQ\dll\YLUSBTEL.dll
MOD - [2013.05.27 02:52:43 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2013.05.27 02:52:39 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2013.05.26 17:16:43 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2013.05.16 10:55:28 | 000,161,112 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2013.05.16 10:55:26 | 000,113,496 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2013.05.16 10:55:24 | 000,416,600 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
MOD - [2010.01.30 02:41:12 | 004,254,560 | ---- | M] () -- C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf
MOD - [2010.01.13 04:55:58 | 000,030,080 | ---- | M] () -- C:\Windows\snuvcdsm.exe
MOD - [2009.11.06 19:22:52 | 002,584,576 | ---- | M] () -- C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
 
 
========== Services (SafeList) ==========
 
SRV - [2013.07.01 18:55:31 | 000,084,024 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.07.01 18:54:14 | 000,589,368 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.07.01 18:54:10 | 000,108,088 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.06.12 19:58:20 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.04.19 15:14:16 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.03.27 14:02:42 | 002,447,888 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe -- (vsmon)
SRV - [2012.11.29 16:06:12 | 002,401,632 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2012.11.22 16:35:22 | 000,828,072 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWSVC.exe -- (IswSvc)
SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.06.29 00:23:06 | 000,255,744 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.06.25 09:08:30 | 000,952,096 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.06.02 00:31:28 | 002,804,568 | ---- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe -- (NOBU)
SRV - [2010.05.27 04:41:06 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010.02.26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.05.24 17:08:42 | 000,026,080 | ---- | M] (Zemana Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\KeyCrypt64.sys -- (keycrypt)
DRV:64bit: - [2013.03.06 16:13:37 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2013.02.26 16:56:51 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.02.26 16:56:50 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.01.29 18:15:04 | 000,050,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2012.12.13 11:49:42 | 000,450,136 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vsdatant.sys -- (Vsdatant)
DRV:64bit: - [2012.11.15 21:06:08 | 000,611,160 | ---- | M] (Kaspersky Lab) [File_System | System | Running] -- C:\Windows\SysNative\drivers\klif.sys -- (KLIF)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.06.25 04:33:36 | 000,076,912 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2010.06.25 04:13:18 | 000,342,056 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.06.25 04:12:26 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.06.25 04:12:26 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2010.06.25 04:12:24 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.06.25 04:12:24 | 000,102,952 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.01.13 04:56:18 | 001,806,592 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2009.11.24 18:58:54 | 000,021,864 | ---- | M] (ST Microelectronics) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\STHall.sys -- (STHall)
DRV:64bit: - [2009.09.17 14:12:06 | 000,292,912 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.09.15 06:40:00 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.09.02 20:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.10 15:45:12 | 000,139,264 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcHdmi.sys -- (IntcHdmiAddService)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.06 01:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.06 01:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2012.11.22 16:35:36 | 000,033,712 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Programme\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2012.11.16 16:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009.03.26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope =
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\..\SearchScopes\{44417FA3-E13C-4E17-9A5F-FD0D0C2AC285}: "URL" = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469
IE - HKCU\..\SearchScopes\{9F1604C3-87ED-4AF9-A921-9812FF832A94}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ff874d16-1afe-407c-9e12-ed4fbb01f3b6&apn_sauid=2A80BC78-C5B9-495E-9E26-9C8354DA0000
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = localhost:21320
 
========== FireFox ==========
 
FF - prefs.js..browser.search.order.1: "Search By ZoneAlarm"
FF - prefs.js..browser.search.selectedEngine: "Search By ZoneAlarm"
FF - prefs.js..browser.startup.homepage: "hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&"
FF - prefs.js..extensions.enabledAddons: tineye%40ideeinc.com:1.1
FF - prefs.js..extensions.enabledAddons: ffxtlbr%40zonealarm.com:1.6.0
FF - prefs.js..extensions.enabledAddons: lwoofer%40lyricswoofer.co:1.116
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.09.14 13:18:04 | 000,000,000 | ---D | M]
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files (x86)\Virtual Earth 3D\ [2010.09.14 13:18:04 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\PROGRAM FILES\CHECKPOINT\ZAFORCEFIELD\TRUSTCHECKER [2013.06.09 13:54:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker [2013.06.09 13:54:19 | 000,000,000 | ---D | M]
 
[2013.05.26 19:23:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Extensions
[2013.06.09 13:54:09 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\7yoofxo0.default\extensions
[2013.06.09 13:54:09 | 000,000,000 | ---D | M] (zonealarm.com) -- C:\Users\Julian\AppData\Roaming\mozilla\Firefox\Profiles\7yoofxo0.default\extensions\ffxtlbr@zonealarm.com
[2013.05.27 20:13:38 | 000,008,001 | ---- | M] () (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\tineye@ideeinc.com.xpi
[2013.05.27 20:12:29 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.01.23 12:46:58 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\extensions\ffxtlbr@zonealarm.com\content\Abine\chrome\content\ff\view_expiry.js
[2013.05.26 19:21:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.05.26 19:23:00 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.05.26 19:23:00 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
File not found (No name found) -- C:\PROGRAM FILES (X86)\LYRICSWOOFER\116.XPI
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: npFFApi (Enabled) = C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: AdBlock = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0\
CHR - Extension: Google Mail = C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Zonealarm Helper Object) - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O3 - HKCU\..\Toolbar\WebBrowser: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Programme\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [Eraser] C:\Programme\Eraser\Eraser.exe (The Eraser Project)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe ()
O4:64bit: - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [ZoneAlarm] C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe (Check Point Software Technologies LTD)
O4 - HKCU..\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe (ICQ)
O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1215907-6827-4EBB-8FCD-12BBD623A7FB}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL) - C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL (Zemana Ltd.)
O20 - AppInit_DLLs: (C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL) - C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL (Zemana Ltd.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.07.03 19:03:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.07.03 19:03:03 | 000,000,000 | ---D | C] -- C:\JRT
[2013.07.03 18:58:42 | 000,000,000 | ---D | C] -- C:\FRST
[2013.07.01 20:03:16 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.07.01 20:03:11 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.07.01 20:03:10 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.07.01 20:03:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.07.01 20:02:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.07.01 19:02:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.07.01 19:02:07 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.07.01 18:34:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.07.01 18:33:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.07.01 18:33:02 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.07.01 18:32:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.06.30 11:25:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LyricsWoofer
[2013.06.19 21:58:15 | 000,000,000 | ---D | C] -- C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
[2013.06.15 16:39:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tools&More
[2013.06.15 16:39:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Tools&More
[2013.06.09 13:51:24 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
[2013.06.07 19:34:49 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Adobe
[2013.06.04 19:44:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.06.04 19:43:56 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft
[2013.06.04 19:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.06.04 19:43:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.06.04 18:05:46 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.06.04 18:04:51 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\Google
[2013.06.04 17:34:42 | 000,026,080 | ---- | C] (Zemana Ltd.) -- C:\Windows\SysNative\drivers\KeyCrypt64.sys
[2013.06.04 17:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free
[2013.06.04 17:34:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\KeyCryptSDK
[2013.06.04 17:34:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Zemana AntiLogger Free
[2013.06.04 17:34:40 | 000,000,000 | ---D | C] -- C:\Users\Julian\AppData\Local\AntiLogger Free
 
========== Files - Modified Within 30 Days ==========
 
[2013.07.03 19:36:39 | 000,000,000 | ---- | M] () -- C:\Users\Julian\defogger_reenable
[2013.07.03 19:30:02 | 000,000,388 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2013.07.03 19:14:11 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
[2013.07.03 19:13:41 | 001,498,506 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.07.03 19:13:41 | 000,654,166 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.07.03 19:13:41 | 000,616,008 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.07.03 19:13:41 | 000,130,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.07.03 19:13:41 | 000,106,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.07.03 18:58:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.07.03 18:41:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.07.03 18:41:31 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.07.03 18:33:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.07.03 18:33:30 | 3144,867,840 | -HS- | M] () -- C:\hiberfil.sys
[2013.07.03 18:15:55 | 000,417,040 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.01 19:07:57 | 000,008,174 | ---- | M] () -- D:\Users\Julian\Documents\cc_20130701_190751.reg
[2013.07.01 18:55:35 | 000,083,672 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.07.01 18:14:01 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
[2013.06.24 21:34:29 | 000,004,414 | ---- | M] () -- D:\Users\Julian\Documents\NewDatabase.kdbx
[2013.06.22 20:50:07 | 000,006,729 | -H-- | M] () -- C:\Windows\SysWow64\BTImages.dat
[2013.06.10 18:34:59 | 000,417,563 | ---- | M] () -- C:\Windows\SysNative\drivers\vsconfig.xml
[2013.06.04 17:18:23 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
 
========== Files Created - No Company Name ==========
 
[2013.07.03 19:36:39 | 000,000,000 | ---- | C] () -- C:\Users\Julian\defogger_reenable
[2013.07.03 18:15:44 | 000,417,040 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.07.01 20:03:05 | 000,002,209 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.07.01 19:07:55 | 000,008,174 | ---- | C] () -- D:\Users\Julian\Documents\cc_20130701_190751.reg
[2013.07.01 18:33:09 | 000,001,399 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.06.04 18:04:56 | 000,001,124 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
[2013.06.04 18:04:56 | 000,001,072 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
[2013.06.04 17:18:23 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.05.28 20:04:24 | 000,006,729 | -H-- | C] () -- C:\Windows\SysWow64\BTImages.dat
[2013.05.26 17:16:51 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2013.05.26 17:16:51 | 000,113,264 | ---- | C] () -- C:\Windows\FixUVC.exe
[2013.05.26 17:16:51 | 000,000,302 | ---- | C] () -- C:\Windows\PidList_C.ini
[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 03:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.06.09 13:51:24 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
[2013.05.26 19:26:09 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\CheckPoint
[2013.06.04 19:44:35 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\DVDVideoSoft
[2013.05.28 18:09:40 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\ICQ-Profile
[2013.05.28 18:07:27 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\ICQM
[2013.07.03 18:31:03 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\KeePass
[2013.05.29 18:42:51 | 000,000,000 | ---D | M] -- C:\Users\Julian\AppData\Roaming\TuneUp Software
 
========== Purity Check ==========
 
 

< End of report >
Danke schonmal :)

schrauber 03.07.2013 19:10
Hi,

Systemscan mit FRST
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Start > Computer (Rechtsklick) > Eigenschaften)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Scan.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Ninja619 03.07.2013 20:22
FRST

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2013 02
Ran by Julian (administrator) on 03-07-2013 20:43:14
Running from C:\Users\Julian\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\snuvcdsm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\PLFSetI.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Dominik Reichl) C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe
(ICQ) C:\Users\Julian\AppData\Roaming\ICQM\icq.exe
(AppWork GmbH) C:\Users\Julian\AppData\Local\JDownloader v2.0\JDownloader2.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Julian\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe [2584576 2009-11-06] ()
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe [30080 2010-01-13] ()
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [206208 2013-05-26] ()
HKLM\...\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ISW] "C:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /icon="hidden" [1127592 2012-11-22] (Check Point Software Technologies)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe -CU [27598184 2013-05-28] (ICQ)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [870992 2010-01-29] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-07-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [89936 2013-05-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [82696 2013-05-24] (Zemana Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {44417FA3-E13C-4E17-9A5F-FD0D0C2AC285} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469
SearchScopes: HKCU - {9F1604C3-87ED-4AF9-A921-9812FF832A94} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=ff874d16-1afe-407c-9e12-ed4fbb01f3b6&apn_sauid=2A80BC78-C5B9-495E-9E26-9C8354DA0000
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: zonealarm.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: tineye - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\tineye@ideeinc.com.xpi
FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Windows Live\u00AE Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (npFFApi) - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\npFFApi.dll ()
CHR Plugin: (Google Update) - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Gmail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-07-01] (Avira Operations GmbH & Co. KG)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-02-26] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [26080 2013-05-24] (Zemana Ltd.)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2010-01-13] ()
R3 STHall; C:\Windows\system32\DRIVERS\STHall.sys [21864 2009-11-24] (ST Microelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:10 - 2013-03-05 13:18 - 00000016 ____A C:\Users\Julian\Downloads\enjoy.txt
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-03 19:00 - 2013-07-03 19:02 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:39 - 2013-07-03 18:40 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:31 - 2013-07-03 18:32 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:16 - 2013-07-03 19:31 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-03 18:15 - 2013-07-03 18:15 - 00000352 ____A C:\Windows\PFRO.log
2013-07-01 20:03 - 2012-11-29 16:06 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-01 20:03 - 2012-11-29 16:06 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-01 20:03 - 2012-11-29 16:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-01 20:02 - 2013-07-01 20:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:34 - 2013-07-01 18:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2009-01-25 13:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-07-01 18:32 - 2013-07-01 18:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:31 - 2013-07-01 18:32 - 36271144 ____A (Safer-Networking Ltd.                                      ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 12:28 - 2013-06-30 12:29 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-30 12:21 - 2013-06-27 11:19 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-30 11:25 - 2013-07-03 18:19 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-06-22 20:45 - 2013-07-01 21:20 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:04 - 2013-06-22 20:11 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:58 - 2013-06-19 21:59 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-15 21:53 - 2013-06-15 21:54 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-09 15:33 - 2013-06-15 17:54 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:34 - 2013-06-07 19:35 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-04 19:43 - 2013-06-04 19:44 - 00000000 ____D C:\Users\Julian\AppData\Roaming\DVDVideoSoft
2013-06-04 19:43 - 2013-06-04 19:44 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-04 18:04 - 2013-07-03 20:14 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-06-04 18:04 - 2013-07-01 18:14 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-06-04 18:04 - 2013-06-04 18:05 - 00000000 ____D C:\Users\Julian\AppData\Local\Google
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Users\Julian\AppData\Local\AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-06-04 17:34 - 2013-05-24 17:08 - 00026080 ____A (Zemana Ltd.) C:\Windows\System32\Drivers\KeyCrypt64.sys
2013-06-04 17:18 - 2013-06-04 17:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== One Month Modified Files and Folders =======

2013-07-03 20:30 - 2013-05-26 19:16 - 00000388 ____A C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2013-07-03 20:14 - 2013-06-04 18:04 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:58 - 2013-05-26 19:53 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:36 - 2013-05-26 17:46 - 00000000 ____D C:\users\Julian
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:31 - 2013-07-03 18:16 - 00000168 ____A C:\Windows\setupact.log
2013-07-03 19:13 - 2013-05-27 02:54 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-03 19:13 - 2013-05-27 02:54 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-03 19:13 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-03 19:06 - 2013-05-26 20:34 - 00000000 ____D C:\Users\Julian\AppData\Local\JDownloader v2.0
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-03 19:02 - 2013-07-03 19:00 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:41 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:41 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:40 - 2013-07-03 18:39 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:37 - 2013-05-26 17:03 - 01829198 ____A C:\Windows\WindowsUpdate.log
2013-07-03 18:33 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-03 18:32 - 2013-07-03 18:31 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:31 - 2013-05-26 21:36 - 00000000 ____D C:\Users\Julian\AppData\Roaming\KeePass
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:19 - 2013-06-30 11:25 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-03 18:15 - 2013-07-03 18:15 - 00000352 ____A C:\Windows\PFRO.log
2013-07-01 21:42 - 2013-05-28 18:12 - 00000000 ____D C:\Users\Julian\Downloads\mdh
2013-07-01 21:42 - 2013-05-26 21:46 - 00000000 ____D C:\Users\Julian\AppData\Roaming\vlc
2013-07-01 21:20 - 2013-06-22 20:45 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-07-01 21:15 - 2013-05-26 19:19 - 00000000 ____D C:\Users\Julian\AppData\Local\DoNotTrackPlus
2013-07-01 21:09 - 2013-05-26 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-01 21:06 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-01 20:11 - 2013-05-29 18:39 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-01 20:04 - 2013-05-26 19:18 - 00000000 ____D C:\Users\Julian\Desktop\Verwaltung
2013-07-01 20:03 - 2013-07-01 20:02 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:55 - 2013-05-27 06:09 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-01 18:39 - 2013-07-01 18:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2013-07-01 18:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:32 - 2013-07-01 18:31 - 36271144 ____A (Safer-Networking Ltd.                                      ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-07-01 18:14 - 2013-06-04 18:04 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-06-30 20:37 - 2013-05-26 19:25 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Skype
2013-06-30 12:29 - 2013-06-30 12:28 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-27 11:19 - 2013-06-30 12:21 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-22 20:50 - 2013-05-28 20:04 - 00006729 ___AH C:\Windows\SysWOW64\BTImages.dat
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:11 - 2013-06-22 20:04 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:59 - 2013-06-19 21:58 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-19 21:53 - 2013-05-26 20:11 - 00000000 ____D C:\Users\Julian\Desktop\Media
2013-06-15 21:54 - 2013-06-15 21:53 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 17:54 - 2013-06-09 15:33 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-15 16:38 - 2010-09-14 13:14 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-12 19:58 - 2013-05-26 19:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 19:58 - 2013-05-26 19:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 18:34 - 2013-05-26 19:26 - 00417563 ____A C:\Windows\System32\Drivers\vsconfig.xml
2013-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:35 - 2013-06-07 19:34 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-07 19:34 - 2013-05-26 18:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Adobe
2013-06-04 19:44 - 2013-06-04 19:43 - 00000000 ____D C:\Users\Julian\AppData\Roaming\DVDVideoSoft
2013-06-04 19:44 - 2013-06-04 19:43 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft
2013-06-04 18:12 - 2013-05-26 19:26 - 00000000 ____D C:\Users\Julian\Desktop\Internet
2013-06-04 18:05 - 2013-06-04 18:04 - 00000000 ____D C:\Users\Julian\AppData\Local\Google
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Users\Julian\AppData\Local\AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free
2013-06-04 17:34 - 2013-06-04 17:34 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK
2013-06-04 17:18 - 2013-06-04 17:18 - 00000000 ___AH C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-09 16:23

==================== End Of Log ============================
--- --- ---


Addition

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-07-2013 02
Ran by Julian at 2013-07-03 19:00:40
Running from C:\Users\Julian\Downloads
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

Acer Backup Manager (x32 Version: 2.0.0.68)
Acer Crystal Eye webcam Ver:1.1.188.706 (x32 Version: 1.1.188.706)
Acer ePower Management (x32 Version: 4.05.3007)
Acer eRecovery Management (x32 Version: 4.05.3013)
Acer GridVista (x32 Version: 3.03.1223)
Acer Registration (x32 Version: 1.03.3003)
Acer ScreenSaver (x32 Version: 1.1.0203.2010)
Acer Touch Movie (x32 Version: 9.0.6325)
Acer TouchPortal (x32 Version: 1.0.3925)
Acer Updater (x32 Version: 1.02.3001)
Acer VCM (x32 Version: 4.05.3002)
Acrobat.com (x32 Version: 1.6.65)
Adobe AIR (x32 Version: 1.5.0.7220)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Reader 9.1 MUI (x32 Version: 9.1.0)
Alcor Micro USB Card Reader (x32 Version: 1.3.17.05006)
AntiLogger Free version 1.6.2.226 (x32 Version: 1.6.2.226)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.0.33)
Avira Free Antivirus (x32 Version: 13.0.0.3737)
Backup Manager Basic (x32 Version: 2.0.0.68)
CCleaner (Version: 4.03)
CyberLink PowerDVD 8 (x32 Version: 8.1.4022.50)
Dir-It! (x32 Version: 4.02.0000)
eBay Worldwide (x32 Version: 2.1.0901)
Eraser 6.0.10.2620 (Version: 6.0.2620)
eSobi v2 (x32 Version: 2.0.4.000274)
Free Audio Converter version 5.0.24.430 (x32 Version: 5.0.24.430)
Google Chrome (HKCU Version: 27.0.1453.116)
ICQ 8.0 (build 6017) (HKCU Version: 8.0.6017.0)
Identity Card (x32 Version: 1.00.3003)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Graphics Media Accelerator Driver (Version: 8.15.10.1892)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
JDownloader 2 (Version: 2.0)
Junk Mail filter update (x32 Version: 14.0.8117.416)
KeePass Password Safe 2.22 (x32)
Launch Manager (x32 Version: 3.0.00)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4763.1000)
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.4763.1000)
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.4763.1000)
Microsoft Silverlight (x32 Version: 4.0.50401.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Touch Pack for Windows 7 (x32 Version: 1.0.40517.00)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.0 (x32 Version: 3.0.11010.0)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0)
Mozilla Firefox 21.0 (x86 de) (x32 Version: 21.0)
Mozilla Maintenance Service (x32 Version: 21.0)
MSVCRT (x32 Version: 14.0.1468.721)
MyWinLocker (x32 Version: 3.1.212.0)
MyWinLocker Suite (x32 Version: 3.1.212.0)
Norton Online Backup (x32 Version: 2.1.17869)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6156)
Shredder (Version: 2.0.8.3)
Shredder (x32 Version: 2.0.8.3)
Skype™ 6.3 (x32 Version: 6.3.107)
Spybot - Search & Destroy (x32 Version: 2.1.19)
STScreenDetection (x32 Version: 1.00.00.18)
Synaptics Pointing Device Driver (Version: 14.0.6.0)
TuneUp Utilities 2013 (x32 Version: 13.0.3000.132)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Virtual Earth 3D (Beta) (Version: 4.0.903.16005)
VLC media player 2.0.6 (Version: 2.0.6)
Welcome Center (x32 Version: 1.02.3004)
WIDCOMM Bluetooth Software (Version: 6.3.0.6000)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Call (x32 Version: 14.0.8117.0416)
Windows Live Communications Platform (x32 Version: 14.0.8117.416)
Windows Live Essentials (x32 Version: 14.0.8117.0416)
Windows Live Essentials (x32 Version: 14.0.8117.416)
Windows Live Fotogalerie (x32 Version: 14.0.8117.416)
Windows Live Mail (x32 Version: 14.0.8117.0416)
Windows Live Messenger (x32 Version: 14.0.8117.0416)
Windows Live Movie Maker (x32 Version: 14.0.8117.0416)
Windows Live Sync (x32 Version: 14.0.8117.416)
Windows Live Writer (x32 Version: 14.0.8117.0416)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)
WinRAR 4.20 (64-Bit) (Version: 4.20.0)
ZoneAlarm Antivirus (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.057)
ZoneAlarm Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Free Firewall (x32 Version: 11.0.000.504)
ZoneAlarm Security (x32 Version: 11.0.000.057)
ZoneAlarm Security (x32 Version: 11.0.000.504)
ZoneAlarm Security Toolbar  (x32 Version: 1.8.11.11)

==================== Restore Points  =========================

01-07-2013 18:01:44 TuneUp Utilities 2013 wird installiert

==================== Scheduled Tasks (whitelisted) =============

Task: {37A4203B-D0CA-4708-9D6A-DAC55A5FD32E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe No File
Task: {394EE9A4-555F-4E45-AFED-580607036D0A} - System32\Tasks\Acer Registration - Reminder Recall task => C:\Program Files (x86)\Acer\Registration\GREG.exe [2010-04-28] (Acer Incorporated)
Task: {5A73F8BD-5151-451A-86DF-50D55963FA64} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)
Task: {613CF678-5552-4664-B6E2-D7174D12EDF9} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => C:\program files\windows defender\MpCmdRun.exe [2009-07-14] (Microsoft Corporation)
Task: {64B3C097-467D-47EC-BC1B-76189F766BA1} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe No File
Task: {6FF4580C-21F3-42F9-AD95-BA878B9E9216} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe [2013-06-04] (Google Inc.)
Task: {8638A350-88F0-4267-84FA-EE6C9D1577C6} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {974A498E-9D94-44D0-83FA-FDB66441EACC} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software)
Task: {A52F4767-DCAF-408B-A3D0-118FB32A2C83} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe No File
Task: {CB2F6BC1-38F3-45AF-8D4F-C987EDFBEAD6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-06-12] (Adobe Systems Incorporated)
Task: {D5342157-3A4E-4CDF-8967-B97CDCA53F6C} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {DB94BE21-F2BB-4A05-80AD-6E70740028BD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe No File
Task: {E5D3F610-4DB3-4E0E-ABE6-D2CD721B27BE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-06-19] (Piriform Ltd)
Task: {E8AB24D5-2304-40C9-B118-6A5977D36288} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: C:\Windows\Tasks\Acer Registration - Reminder Recall task.job => C:\Program Files (x86)\Acer\Registration\GREG.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job => C:\Users\Julian\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/09/2013 04:26:57 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (06/09/2013 04:24:58 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (06/08/2013 11:57:29 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067ac3
Name des fehlerhaften Moduls: TuneUpUtilitiesService64.exe, Version: 13.0.3020.2, Zeitstempel: 0x51067ac3
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000001cbe6
ID des fehlerhaften Prozesses: 0x908
Startzeit der fehlerhaften Anwendung: 0xTuneUpUtilitiesService64.exe0
Pfad der fehlerhaften Anwendung: TuneUpUtilitiesService64.exe1
Pfad des fehlerhaften Moduls: TuneUpUtilitiesService64.exe2
Berichtskennung: TuneUpUtilitiesService64.exe3

Error: (05/31/2013 11:23:58 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 21.0.0.4879, Zeitstempel: 0x518ec3cc
Name des fehlerhaften Moduls: xul.dll, Version: 21.0.0.4879, Zeitstempel: 0x518ec306
Ausnahmecode: 0xc0000005
Fehleroffset: 0x001c9789
ID des fehlerhaften Prozesses: 0xf90
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (05/28/2013 08:47:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UpdaterService.exe, Version: 1.0.0.8, Zeitstempel: 0x4b614046
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x808
Startzeit der fehlerhaften Anwendung: 0xUpdaterService.exe0
Pfad der fehlerhaften Anwendung: UpdaterService.exe1
Pfad des fehlerhaften Moduls: UpdaterService.exe2
Berichtskennung: UpdaterService.exe3

Error: (05/28/2013 08:47:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: RS_Service.exe, Version: 4.5.3000.9285, Zeitstempel: 0x4a563cf3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x6d4
Startzeit der fehlerhaften Anwendung: 0xRS_Service.exe0
Pfad der fehlerhaften Anwendung: RS_Service.exe1
Pfad des fehlerhaften Moduls: RS_Service.exe2
Berichtskennung: RS_Service.exe3

Error: (05/28/2013 08:47:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: IScheduleSvc.exe, Version: 2.0.0.68, Zeitstempel: 0x4c28447e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x640
Startzeit der fehlerhaften Anwendung: 0xIScheduleSvc.exe0
Pfad der fehlerhaften Anwendung: IScheduleSvc.exe1
Pfad des fehlerhaften Moduls: IScheduleSvc.exe2
Berichtskennung: IScheduleSvc.exe3

Error: (05/28/2013 08:47:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: GREGsvc.exe, Version: 1.0.0.1, Zeitstempel: 0x4afbd2e4
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x540
Startzeit der fehlerhaften Anwendung: 0xGREGsvc.exe0
Pfad der fehlerhaften Anwendung: GREGsvc.exe1
Pfad des fehlerhaften Moduls: GREGsvc.exe2
Berichtskennung: GREGsvc.exe3

Error: (05/28/2013 08:47:08 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: UMVPFSrv.exe, Version: 13.31.1044.0, Zeitstempel: 0x4f166843
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x344
Startzeit der fehlerhaften Anwendung: 0xUMVPFSrv.exe0
Pfad der fehlerhaften Anwendung: UMVPFSrv.exe1
Pfad des fehlerhaften Moduls: UMVPFSrv.exe2
Berichtskennung: UMVPFSrv.exe3

Error: (05/28/2013 08:47:04 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mscorsvw.exe, Version: 4.0.30319.1, Zeitstempel: 0x4ba1da21
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6f6e6a64
ID des fehlerhaften Prozesses: 0x9e0
Startzeit der fehlerhaften Anwendung: 0xmscorsvw.exe0
Pfad der fehlerhaften Anwendung: mscorsvw.exe1
Pfad des fehlerhaften Moduls: mscorsvw.exe2
Berichtskennung: mscorsvw.exe3


System errors:
=============
Error: (07/01/2013 09:14:36 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.

Error: (07/01/2013 07:35:38 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (07/01/2013 06:33:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (07/01/2013 06:33:47 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (07/01/2013 06:02:08 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/28/2013 06:11:26 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80070420

Error: (06/26/2013 10:20:17 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/20/2013 06:43:54 PM) (Source: WMPNetworkSvc) (User: )
Description: WMPNetworkSvc0x80004005

Error: (06/20/2013 06:43:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "IPsec-Richtlinien-Agent" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (06/20/2013 06:43:06 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst IPsec-Richtlinien-Agent erreicht.


Microsoft Office Sessions:
=========================
Error: (06/09/2013 04:26:57 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (06/09/2013 04:24:58 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (06/08/2013 11:57:29 AM) (Source: Application Error)(User: )
Description: TuneUpUtilitiesService64.exe13.0.3020.251067ac3TuneUpUtilitiesService64.exe13.0.3020.251067ac3c0000005000000000001cbe690801ce642e8cae3970C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exeC:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exed44b6355-d021-11e2-bf0d-60eb699ddf56

Error: (05/31/2013 11:23:58 PM) (Source: Application Error)(User: )
Description: firefox.exe21.0.0.4879518ec3ccxul.dll21.0.0.4879518ec306c0000005001c9789f9001ce5e180a1b704bC:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll677f31ac-ca38-11e2-a1c2-60eb699ddf56

Error: (05/28/2013 08:47:22 PM) (Source: Application Error)(User: )
Description: UpdaterService.exe1.0.0.84b614046unknown0.0.0.000000000c00000056f6e6a6480801ce5bd336e80315C:\Program Files\Acer\Acer Updater\UpdaterService.exeunknown07a491e3-c7c7-11e2-a586-60eb699ddf56

Error: (05/28/2013 08:47:18 PM) (Source: Application Error)(User: )
Description: RS_Service.exe4.5.3000.92854a563cf3unknown0.0.0.000000000c00000056f6e6a646d401ce5bd3369e386cC:\Program Files (x86)\Acer\Acer VCM\RS_Service.exeunknown05374abb-c7c7-11e2-a586-60eb699ddf56

Error: (05/28/2013 08:47:13 PM) (Source: Application Error)(User: )
Description: IScheduleSvc.exe2.0.0.684c28447eunknown0.0.0.000000000c00000056f6e6a6464001ce5bd336866aaaC:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exeunknown02425524-c7c7-11e2-a586-60eb699ddf56

Error: (05/28/2013 08:47:12 PM) (Source: Application Error)(User: )
Description: GREGsvc.exe1.0.0.14afbd2e4unknown0.0.0.000000000c00000056f6e6a6454001ce5bd3362bf65fC:\Program Files (x86)\Acer\Registration\GREGsvc.exeunknown0169b7eb-c7c7-11e2-a586-60eb699ddf56

Error: (05/28/2013 08:47:08 PM) (Source: Application Error)(User: )
Description: UMVPFSrv.exe13.31.1044.04f166843unknown0.0.0.000000000c00000056f6e6a6434401ce5bd329fe2899C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exeunknownff489ccc-c7c6-11e2-a586-60eb699ddf56

Error: (05/28/2013 08:47:04 PM) (Source: Application Error)(User: )
Description: mscorsvw.exe4.0.30319.14ba1da21unknown0.0.0.000000000c00000056f6e6a649e001ce5bd387811adcC:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeunknownfd016ba9-c7c6-11e2-a586-60eb699ddf56


CodeIntegrity Errors:
===================================
  Date: 2013-07-03 18:56:13.424
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 18:45:32.274
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 18:40:20.009
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-03 18:30:27.088
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 20:41:31.839
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 20:12:52.810
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 20:00:59.778
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 19:22:40.138
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 19:11:17.077
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-07-01 18:53:50.044
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Percentage of memory in use: 62%
Total physical RAM: 3998.91 MB
Available physical RAM: 1508.38 MB
Total Pagefile: 7995.96 MB
Available Pagefile: 4514.72 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:101.78 GB) (Free:46.77 GB) NTFS (Disk=0 Partition=3)
Drive d: (Daten) (Fixed) (Total:350.89 GB) (Free:314.26 GB) NTFS (Disk=0 Partition=4)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 82D3A025)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=102 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=351 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Bitte :)

schrauber 03.07.2013 20:45
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Ninja619 04.07.2013 17:15
So
Code:
# AdwCleaner v2.304 - Datei am 04/07/2013 um 17:49:09 erstellt
# Aktualisiert am 03/07/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzer : Julian - JULIAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Julian\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\Julian\AppData\Roaming\CheckPoint\ZoneAlarm LTD Toolbar

***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16483

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v21.0 (de)

Datei : C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v27.0.1453.116

Datei : C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1137 octets] - [03/07/2013 18:39:48]
AdwCleaner[S1].txt - [12655 octets] - [03/07/2013 18:31:13]
AdwCleaner[S2].txt - [1071 octets] - [04/07/2013 17:49:09]

########## EOF - C:\AdwCleaner[S2].txt - [1131 octets] ##########

JRT
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Julian on 04.07.2013 at 17:58:54,45
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{9F1604C3-87ED-4AF9-A921-9812FF832A94}



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Julian\AppData\Roaming\mozilla\firefox\profiles\7yoofxo0.default\minidumps [3 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.07.2013 at 18:11:29,22
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

schrauber 04.07.2013 19:50

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST Log bitte. Noch Probleme?:)

Ninja619 06.07.2013 15:33
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=559bd8049d48f74dafcba09518177120
# engine=14289
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-06 01:16:16
# local_time=2013-07-06 03:16:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=1799 16775165 100 96 9477 238539866 2221 0
# compatibility_mode=5893 16776573 100 94 148673 124746426 0 0
# compatibility_mode=9217 16776573 100 13 2337756 13635644 0 0
# scanned=138098
# found=0
# cleaned=0
# scan_time=7068
Code:
Results of screen317's Security Check version 0.99.68 
 Windows 7  x64 (UAC is enabled) 
 Out of date service pack!!
 Internet Explorer 10 
``````````````Antivirus/Firewall Check:``````````````
ZoneAlarm Free Firewall Antivirus 
 Antivirus up to date!  (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
 Spybot - Search & Destroy
 TuneUp Utilities 2013 
 TuneUp Utilities Language Pack (de-DE)
 Adobe Flash Player 11.7.700.224 
 Adobe Reader 9 Adobe Reader out of Date!
 Mozilla Firefox 21.0 Firefox out of Date! 
 Google Chrome 27.0.1453.110 
 Google Chrome 27.0.1453.116 
````````Process Check: objlist.exe by Laurent```````` 
 Spybot Teatimer.exe is disabled!
 Symantec Norton Online Backup NOBuAgent.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-07-2013 02
Ran by Julian (administrator) on 06-07-2013 16:28:11
Running from C:\Users\Julian\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(Logitech Inc.) C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
() C:\Windows\snuvcdsm.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
() C:\Windows\PLFSetI.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(The Eraser Project) C:\Program Files\Eraser\Eraser.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\system32\igfxext.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.EXE
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies) C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\system32\taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [324608 2010-02-05] (Alcor Micro Corp.)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-17] (Synaptics Incorporated)
HKLM\...\Run: [ScreenRotation] C:\Program Files (x86)\STMicroelectronics\STScreenDetection\SDTabletPC.exe [2584576 2009-11-06] ()
HKLM\...\Run: [Acer ePower Management] C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [818720 2010-02-26] (Acer Incorporated)
HKLM\...\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe [30080 2010-01-13] ()
HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s [11046504 2010-07-13] (Realtek Semiconductor)
HKLM\...\Run: [PLFSetI] C:\Windows\PLFSetI.exe [206208 2013-05-26] ()
HKLM\...\Run: [Eraser] "C:\PROGRA~1\Eraser\Eraser.exe" --atRestart [980920 2012-05-22] (The Eraser Project)
HKLM\...\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe /icon="hidden" [1127592 2012-11-22] (Check Point Software Technologies)
HKCU\...\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [icq] C:\Users\Julian\AppData\Roaming\ICQM\icq.exe -CU [27598184 2013-05-28] (ICQ)
HKCU\...\Policies\system: [DisableRegistryTools] 0
HKCU\...\Policies\system: [DisableTaskMgr] 0
HKLM-x32\...\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe [870992 2010-01-29] (Dritek System Inc.)
HKLM-x32\...\Run: [SuiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [337264 2010-05-27] (Egis Technology Inc.)
HKLM-x32\...\Run: []  [x]
HKLM-x32\...\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe" [73832 2013-03-27] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [3830224 2013-05-16] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [345144 2013-06-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [1558480 2013-07-03] (APN)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Acer\Screensaver\run_Acer.exe /default [154144 2010-01-15] ()
AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL [89936 2013-05-24] (Zemana Ltd.)
AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL [82696 2013-05-24] (Zemana Ltd.)
Startup: C:\ProgramData\Start Menu\Programs\Startup\Bluetooth.lnk
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: localhost:21320
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - {44417FA3-E13C-4E17-9A5F-FD0D0C2AC285} URL = hxxp://search.zonealarm.com/search?src=sp&tbid=base2013&Lan=de&q={searchTerms}&gu=44e925462ea848c798d8d00965d7a0ec&tu=10G90008F1B000v&sku=&tstsId=&ver=&&r=469
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Zonealarm Helper Object - {2A841F7A-A014-4DA5-B6D9-8B913DFB7A8C} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\bh\zonealarm.dll (Montera Technologeis LTD)
BHO-x32: Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: ZoneAlarm Security Engine Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - ZoneAlarm Security Toolbar - {438FAE3E-BDEF-44D3-AB8B-0C7C8350DF59} - C:\Program Files (x86)\Check Point Software Technologies LTD\zonealarm\1.8.11.6\zonealarmTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar plus Web Protection - {41564952-412D-5637-00A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll (APN LLC.)
Toolbar: HKCU - ZoneAlarm Security Engine - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default
FF SelectedSearchEngine: Search By ZoneAlarm
FF Homepage: hxxp://search.zonealarm.com/?src=hp&tbid=base2013&Lan=de&gu=44e925462ea848c798d8d00965d7a0ec&tu=10GX0008T1B0008&sku=&tstsId=&ver=&
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/VirtualEarth3D,version=4.0 - C:\Program Files (x86)\Virtual Earth 3D\ ()
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Julian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Extension: zonealarm.com - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\ffxtlbr@zonealarm.com
FF Extension: tineye - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\tineye@ideeinc.com.xpi
FF Extension: toolbar_AVIRA-V7 - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi
FF Extension: No Name - C:\Users\Julian\AppData\Roaming\Mozilla\Firefox\Profiles\7yoofxo0.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF Extension: No Name - C:\Program Files\CheckPoint\ZAForceField\TrustChecker
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker
FF Extension: ZoneAlarm Security Engine - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker

Chrome:
=======
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Users\Julian\AppData\Local\Google\Chrome\Application\27.0.1453.116\PepperFlash\pepflashplayer.dll ()
CHR Extension: (Google Docs) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (AdBlock) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.2_0
CHR Extension: (Gmail) - C:\Users\Julian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [589368 2013-06-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [168400 2013-07-03] (APN LLC.)
R2 IswSvc; C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe [828072 2012-11-22] (Check Point Software Technologies)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-27] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation)
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [260640 2010-01-30] (Acer Incorporated)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2401632 2012-11-29] (TuneUp Software)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2447888 2013-03-27] (Check Point Software Technologies LTD)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [100712 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130016 2013-06-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-03-06] (Avira Operations GmbH & Co. KG)
R2 ISWKL; C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys [33712 2012-11-22] (Check Point Software Technologies)
R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [26080 2013-05-24] (Zemana Ltd.)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [611160 2012-11-15] (Kaspersky Lab)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1806592 2010-01-13] ()
R3 STHall; C:\Windows\system32\DRIVERS\STHall.sys [21864 2009-11-24] (ST Microelectronics)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-06 16:16 - 2013-07-06 16:16 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Avira
2013-07-06 16:13 - 2013-07-06 16:12 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\APN
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-06 16:10 - 2013-07-06 16:10 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-06 16:10 - 2013-06-20 14:48 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-07-06 16:10 - 2013-06-20 14:48 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-07-06 16:10 - 2013-03-06 16:13 - 00028600 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-07-06 16:06 - 2013-07-06 16:07 - 104943936 ____A C:\Users\Julian\Downloads\avira3737_free_antivirus_de.exe
2013-07-06 15:59 - 2013-07-06 15:59 - 00001201 ____A C:\Users\Julian\Desktop\checkup.txt
2013-07-06 15:33 - 2013-07-06 15:34 - 00890988 ____A C:\Users\Julian\Downloads\SecurityCheck.exe
2013-07-06 13:15 - 2013-07-06 13:15 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu (1).exe
2013-07-04 21:21 - 2013-07-04 21:21 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu.exe
2013-07-04 18:11 - 2013-07-04 18:11 - 00000905 ____A C:\Users\Julian\Desktop\JRT.txt
2013-07-04 17:56 - 2013-07-04 17:56 - 00001200 ____A C:\Users\Julian\Desktop\AdwCleaner[S2].txt
2013-07-04 17:49 - 2013-07-04 17:50 - 00001200 ____A C:\AdwCleaner[S2].txt
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:10 - 2013-03-05 13:18 - 00000016 ____A C:\Users\Julian\Downloads\enjoy.txt
2013-07-03 19:03 - 2013-07-04 17:57 - 00000000 ____D C:\JRT
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:00 - 2013-07-03 19:02 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:39 - 2013-07-03 18:40 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:31 - 2013-07-03 18:32 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:16 - 2013-07-06 16:00 - 00000448 ____A C:\Windows\setupact.log
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-06 15:59 - 00001408 ____A C:\Windows\PFRO.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-01 20:03 - 2012-11-29 16:06 - 00034656 ____A (TuneUp Software) C:\Windows\System32\TURegOpt.exe
2013-07-01 20:03 - 2012-11-29 16:06 - 00025952 ____A (TuneUp Software) C:\Windows\System32\authuitu.dll
2013-07-01 20:03 - 2012-11-29 16:06 - 00021344 ____A (TuneUp Software) C:\Windows\SysWOW64\authuitu.dll
2013-07-01 20:02 - 2013-07-01 20:03 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:34 - 2013-07-01 18:39 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2009-01-25 13:14 - 00017272 ____A (Safer Networking Limited) C:\Windows\System32\sdnclean64.exe
2013-07-01 18:32 - 2013-07-01 18:33 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:31 - 2013-07-01 18:32 - 36271144 ____A (Safer-Networking Ltd.                                      ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 12:28 - 2013-06-30 12:29 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-30 12:21 - 2013-06-27 11:19 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-30 11:25 - 2013-07-03 18:19 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-06-22 20:45 - 2013-07-01 21:20 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:04 - 2013-06-22 20:11 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-19 21:58 - 2013-06-19 21:59 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-15 21:53 - 2013-06-15 21:54 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-09 15:33 - 2013-06-15 17:54 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:34 - 2013-06-07 19:35 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe

==================== One Month Modified Files and Folders =======

2013-07-06 16:24 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-06 16:24 - 2009-07-14 06:45 - 00009696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-06 16:16 - 2013-07-06 16:16 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Avira
2013-07-06 16:14 - 2013-06-04 18:04 - 00001124 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000UA.job
2013-07-06 16:13 - 2013-05-26 21:36 - 00000000 ____D C:\Users\Julian\AppData\Roaming\KeePass
2013-07-06 16:12 - 2013-07-06 16:13 - 00083672 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\AskPartnerNetwork
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\ProgramData\APN
2013-07-06 16:12 - 2013-07-06 16:12 - 00000000 ____D C:\Program Files (x86)\AskPartnerNetwork
2013-07-06 16:11 - 2013-05-26 19:18 - 00000000 ____D C:\Users\Julian\Desktop\Verwaltung
2013-07-06 16:10 - 2013-07-06 16:10 - 00000000 ____D C:\Program Files (x86)\Avira
2013-07-06 16:10 - 2013-05-26 18:59 - 00000000 ____D C:\ProgramData\Avira
2013-07-06 16:07 - 2013-07-06 16:06 - 104943936 ____A C:\Users\Julian\Downloads\avira3737_free_antivirus_de.exe
2013-07-06 16:00 - 2013-07-03 18:16 - 00000448 ____A C:\Windows\setupact.log
2013-07-06 16:00 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 15:59 - 2013-07-06 15:59 - 00001201 ____A C:\Users\Julian\Desktop\checkup.txt
2013-07-06 15:59 - 2013-07-03 18:15 - 00001408 ____A C:\Windows\PFRO.log
2013-07-06 15:59 - 2013-05-26 17:03 - 01957965 ____A C:\Windows\WindowsUpdate.log
2013-07-06 15:58 - 2013-05-26 19:53 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-06 15:34 - 2013-07-06 15:33 - 00890988 ____A C:\Users\Julian\Downloads\SecurityCheck.exe
2013-07-06 15:34 - 2013-05-27 02:54 - 00654166 ____A C:\Windows\System32\perfh007.dat
2013-07-06 15:34 - 2013-05-27 02:54 - 00130006 ____A C:\Windows\System32\perfc007.dat
2013-07-06 15:34 - 2009-07-14 07:13 - 01498506 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-06 15:30 - 2013-05-26 19:16 - 00000388 ____A C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
2013-07-06 13:15 - 2013-07-06 13:15 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu (1).exe
2013-07-06 13:14 - 2013-05-26 21:46 - 00000000 ____D C:\Users\Julian\AppData\Roaming\vlc
2013-07-04 21:21 - 2013-07-04 21:21 - 02347384 ____A (ESET) C:\Users\Julian\Downloads\esetsmartinstaller_enu.exe
2013-07-04 20:45 - 2013-05-28 18:12 - 00000000 ____D C:\Users\Julian\Downloads\mdh
2013-07-04 18:57 - 2013-05-26 19:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-07-04 18:14 - 2013-06-04 18:04 - 00001072 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2525674677-3744128791-4081538938-1000Core.job
2013-07-04 18:11 - 2013-07-04 18:11 - 00000905 ____A C:\Users\Julian\Desktop\JRT.txt
2013-07-04 17:57 - 2013-07-03 19:03 - 00000000 ____D C:\JRT
2013-07-04 17:56 - 2013-07-04 17:56 - 00001200 ____A C:\Users\Julian\Desktop\AdwCleaner[S2].txt
2013-07-04 17:50 - 2013-07-04 17:49 - 00001200 ____A C:\AdwCleaner[S2].txt
2013-07-04 17:49 - 2013-05-26 19:26 - 00000000 ____D C:\Users\Julian\AppData\Roaming\CheckPoint
2013-07-03 19:58 - 2013-07-03 19:58 - 00063312 ____A C:\Users\Julian\Downloads\Extras.Txt
2013-07-03 19:57 - 2013-07-03 19:57 - 00106358 ____A C:\Users\Julian\Downloads\OTL.Txt
2013-07-03 19:36 - 2013-07-03 19:36 - 00050477 ____A C:\Users\Julian\Downloads\Defogger.exe
2013-07-03 19:36 - 2013-07-03 19:36 - 00000474 ____A C:\Users\Julian\Downloads\defogger_disable.log
2013-07-03 19:36 - 2013-07-03 19:36 - 00000000 ____A C:\Users\Julian\defogger_reenable
2013-07-03 19:36 - 2013-05-26 17:46 - 00000000 ____D C:\users\Julian
2013-07-03 19:35 - 2013-07-03 19:35 - 00602112 ____A (OldTimer Tools) C:\Users\Julian\Downloads\OTL.exe
2013-07-03 19:06 - 2013-05-26 20:34 - 00000000 ____D C:\Users\Julian\AppData\Local\JDownloader v2.0
2013-07-03 19:03 - 2013-07-03 19:03 - 00000000 ____D C:\Windows\ERUNT
2013-07-03 19:02 - 2013-07-03 19:00 - 00024303 ____A C:\Users\Julian\Downloads\Addition.txt
2013-07-03 19:00 - 2013-07-03 19:00 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Julian\Downloads\JRT.exe
2013-07-03 18:58 - 2013-07-03 18:58 - 00000000 ____D C:\FRST
2013-07-03 18:40 - 2013-07-03 18:40 - 01934082 ____A (Farbar) C:\Users\Julian\Downloads\FRST64.exe
2013-07-03 18:40 - 2013-07-03 18:39 - 00001137 ____A C:\AdwCleaner[R1].txt
2013-07-03 18:32 - 2013-07-03 18:31 - 00012655 ____A C:\AdwCleaner[S1].txt
2013-07-03 18:30 - 2013-07-03 18:30 - 00650027 ____A C:\Users\Julian\Downloads\adwcleaner.exe
2013-07-03 18:19 - 2013-06-30 11:25 - 00000000 ____D C:\Program Files (x86)\LyricsWoofer
2013-07-03 18:16 - 2013-07-03 18:16 - 00109688 ____A C:\Users\Julian\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-03 18:16 - 2013-07-03 18:16 - 00000000 ____A C:\Windows\setuperr.log
2013-07-03 18:15 - 2013-07-03 18:15 - 00417040 ____A C:\Windows\System32\FNTCACHE.DAT
2013-07-01 21:20 - 2013-06-22 20:45 - 00000000 ____D C:\Users\Julian\Downloads\Genetikk - D.N.A
2013-07-01 21:15 - 2013-05-26 19:19 - 00000000 ____D C:\Users\Julian\AppData\Local\DoNotTrackPlus
2013-07-01 21:06 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-07-01 20:11 - 2013-05-29 18:39 - 00000000 __SHD C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-07-01 20:03 - 2013-07-01 20:02 - 00000000 ____D C:\Program Files (x86)\TuneUp Utilities 2013
2013-07-01 20:00 - 2013-07-01 20:00 - 30169591 ____A C:\Users\Julian\Downloads\TuneUp_Utilities_2013_v13.0.300.132.rar
2013-07-01 20:00 - 2013-07-01 20:00 - 00000000 ____D C:\Users\Julian\Downloads\TuneUp Utilities 2013 v13.0.300.132
2013-07-01 19:02 - 2013-07-01 19:02 - 00000000 ____D C:\Program Files\CCleaner
2013-07-01 18:57 - 2013-07-01 18:57 - 03357912 ____A (Piriform Ltd) C:\Users\Julian\Downloads\ccsetup403_slim.exe
2013-07-01 18:39 - 2013-07-01 18:34 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-07-01 18:33 - 2013-07-01 18:32 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2013-07-01 18:32 - 2013-07-01 18:31 - 36271144 ____A (Safer-Networking Ltd.                                      ) C:\Users\Julian\Downloads\spybot-2.1.exe
2013-06-30 20:37 - 2013-05-26 19:25 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Skype
2013-06-30 12:29 - 2013-06-30 12:28 - 00000000 ____D C:\Users\Julian\Downloads\Movie.43.2013.BDRip.AC3.German.XviD-POE
2013-06-27 11:19 - 2013-06-30 12:21 - 1972400128 ____A C:\Users\Julian\Downloads\Olympus has fallen.avi
2013-06-22 20:50 - 2013-05-28 20:04 - 00006729 ___AH C:\Windows\SysWOW64\BTImages.dat
2013-06-22 20:11 - 2013-06-22 20:11 - 00844290 ____A C:\Users\Julian\Downloads\gendna2013pre.rar.part
2013-06-22 20:11 - 2013-06-22 20:04 - 11627273 ____A C:\Users\Julian\Downloads\DNA_PR_E.rar.part
2013-06-20 14:48 - 2013-07-06 16:10 - 00130016 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-06-20 14:48 - 2013-07-06 16:10 - 00100712 ____A (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-06-19 21:59 - 2013-06-19 21:58 - 00000000 ____D C:\Users\Julian\Desktop\Markus Heitz - Die Legenden der Albae - Vernichtender Hass
2013-06-19 21:53 - 2013-05-26 20:11 - 00000000 ____D C:\Users\Julian\Desktop\Media
2013-06-15 21:54 - 2013-06-15 21:53 - 00000000 ____D C:\Users\Julian\Downloads\Snitch.2013.READ.NFO.BDRip.MD.German.x264-POE
2013-06-15 17:54 - 2013-06-09 15:33 - 00000000 ____D C:\Users\Julian\Downloads\Der.Hobbit.Eine.Unerwartete.Reise.2012.German.DL.1080p.BluRay.x264.READ.NFO.INTERNAL-ENCOUNTERS
2013-06-15 16:39 - 2013-06-15 16:39 - 00000000 ____D C:\Program Files (x86)\Tools&More
2013-06-15 16:38 - 2010-09-14 13:14 - 00000000 ____D C:\Windows\Downloaded Installations
2013-06-12 19:58 - 2013-05-26 19:53 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 19:58 - 2013-05-26 19:53 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-10 18:34 - 2013-05-26 19:26 - 00417563 ____A C:\Windows\System32\Drivers\vsconfig.xml
2013-06-09 16:45 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-06-09 13:51 - 2013-06-09 13:51 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Check Point Software Technologies LTD
2013-06-07 19:35 - 2013-06-07 19:34 - 00000000 ____D C:\Users\Julian\AppData\Local\Adobe
2013-06-07 19:34 - 2013-05-26 18:13 - 00000000 ____D C:\Users\Julian\AppData\Roaming\Adobe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-06-09 16:23

==================== End Of Log ============================
--- --- ---


Hat sich nichts geändert ... Internet immer noch langsam und CPU Auslastung auf 100% bei allen Browsern

schrauber 06.07.2013 17:33
Adobe und Firefox brauchen ein Update, für dein Windows gibt es nen Servicepack, dringend installieren.

Öffne bitte FRST, setz nen Haken bei Additional und lass scannen, poste beide Logfiles.


Alle Zeitangaben in WEZ +1. Es ist jetzt 10:35 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131