Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Interpol Trojaner eingefangen, was tun? (https://www.trojaner-board.de/146120-interpol-trojaner-eingefangen-tun.html)

Pille77 15.12.2013 10:55
Interpol Trojaner eingefangen, was tun?
 
Hallo zusammen,
Ein Freund von mir hat sich diesen Interpol Trojaner eingefangen, wo man 100€ zahlen soll um sich wieder freischalten zu lassen.
Wer hat wohl keinerlei Zugriff mehr auf den Rechner, immer ploppt das weiße Fenster auf. Auch kein Internet, darum schreibe ich hier mal.
Er hat win7 auf dem Rechner und nun wollte ich fragen was ich tun kann bzw. Kann man das Teil entfernen oder muss man den pc neu aufsetzen?
Ich habe den Rechner noch nicht gesehen....
Vielen Dank schon mal
Christine

aharonov 15.12.2013 10:57
Hallo Christine,

mach bitte ein Scan mit FRST wie folgt:


Scan mit Farbar's Recovery Scan Tool (Recovery Mode - Windows Vista, 7, 8)
Hinweise für Windows 8-Nutzer: Anleitung 1 (FRST-Variante) und Anleitung 2 (zweiter Teil)
  • Downloade dir bitte die passende Version des Tools (im Zweifel beide) und speichere diese auf einen USB Stick: FRST Download FRST 32-Bit | FRST 64-Bit
  • Schließe den USB Stick an das infizierte System an und boote das System in die System Reparatur Option.
  • Scanne jetzt nach der bebilderten Anleitung oder verwende die folgende Kurzanleitung:
Über den Boot Manager:
  • Starte den Rechner neu.
  • Während dem Hochfahren drücke mehrmals die F8 Taste
  • Wähle nun Computer reparieren.
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Mit Windows CD/DVD (auch bei Windows 8 möglich):
  • Lege die Windows CD in dein Laufwerk.
  • Starte den Rechner neu und starte von der CD.
  • Wähle die Spracheinstellungen und klicke "Weiter".
  • Klicke auf Computerreparaturoptionen !
  • Wähle dein Betriebssystem und Benutzerkonto und klicke jeweils "Weiter".
Wähle in den Reparaturoptionen: Eingabeaufforderung
  • Gib nun bitte notepad ein und drücke Enter.
  • Im öffnenden Textdokument: Datei > Speichern unter... und wähle Computer.
    Hier wird dir der Laufwerksbuchstabe deines USB Sticks angezeigt, merke ihn dir.
  • Schließe Notepad wieder
  • Gib nun bitte folgenden Befehl ein.
    e:\frst.exe bzw. e:\frst64.exe
    Hinweis: e steht für den Laufwerksbuchstaben deines USB Sticks, den du dir gemerkt hast. Gegebenfalls anpassen.
  • Akzeptiere den Disclaimer mit Ja und klicke Untersuchen
Das Tool erstellt eine FRST.txt auf deinem USB Stick. Poste den Inhalt bitte hier nach Möglichkeit in Code-Tags (Anleitung).


Pille77 15.12.2013 11:11
Hui, danke für die prompte Antwort!
Ich lade mir das nachher, kann das aber erst am Mittwoch machen da dann erst dort bin und den Rechner sehe.
Ich melde mich dann wieder und hoffe das ich das mit der super Anleitung hinbekomme,
Danke, bis dahin
Christine

aharonov 15.12.2013 14:50
Ok, alles klar. :)

Pille77 18.12.2013 10:31
hallo,
so noch eine frage bevor ich heute abend loslegen kann.
in der anleitung steht

Nach dem Scan hat FRST an dem Ort von dem es gestartet wurde das Logfile abgelegt. Die Datei heißt FRST.txt und liegt in diesem Fall im Hauptverzeichnis deines USB-Sticks. Kopiere diese Datei auf deinen sauberen Rechner, füge sie nach folgender Anleitung in dein Thema ein und warte auf die Anweisungen deines Helfers.

der sauberer rechner dh ich muß meinen dazu benuzten und nicht den infizierten?
dann wäre es wohl geschickter den infizierten rechner mit zu mir zu nehmen, oder?

danke schon mal

aharonov 18.12.2013 12:55
Hallo,

diese Anleitung ist geschrieben unter der Annahme, dass man auf dem gesperrten Rechner keinen Zugriff aufs Windows hat und deshalb von einem Zweitrechner aus kommuniziert und arbeitet, bis die Sperre weg ist.

Du schreibt ja:
Zitat:
er hat wohl keinerlei Zugriff mehr auf den Rechner,
Also bräuchtest du einen Zweitrechner, um FRST herunterzuladen und auf den USB-Stick zu transferieren. Und nach dem Scan das Logfile auf dem USB-Stick hier im Forum zu posten.

Pille77 18.12.2013 13:10
Ok danke dir, dann nehme ich den Rechner heute Abend mit zu mir und starte das ganze dann am Wochenende,
Zum glück braucht er den Rechner nicht dringend, ich melde mich dann wieder wenn das für dich ok ist.
Sorry für Die Verzögerung.

Danke
Lg Christine

aharonov 18.12.2013 13:15
Alles klar. :)

Pille77 22.12.2013 11:03
hallo,
so nun habe ich den ersten schritt erldedigt,
hier das frst logfile


FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 01
Ran by SYSTEM on MININT-SLTVDU7 on 22-12-2013 10:48:41
Running from G:\
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Expert\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Expert\...\Policies\system: [DisableLockWorkstation] 0
HKU\Expert\...\Policies\system: [DisableChangePassword] 0
HKU\Gast\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Gast\...\Policies\system: [DisableLockWorkstation] 0
HKU\Gast\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Other.exe ()

==================== Services (Whitelisted) =================

S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1164360 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [107416 2013-12-05] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-11-25] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 StarOpen; No ImagePath
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]

========================== Drivers MD5 =======================

C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 79059559E89D06E8B80CE2944BE20228
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\drivers\AtiHdmi.sys 04A5815DF7E8B037DF674D3CCACC0C31
C:\Windows\System32\DRIVERS\atikmdag.sys 29623DB7E23B65F0C50CA19D7E0DFD03
C:\Windows\System32\DRIVERS\avgntflt.sys 471321EA23309699AE61611CC1559C5E
C:\Windows\System32\DRIVERS\avipbb.sys DBAB18B20FDA2542EEF8C588D878B7B5
C:\Windows\System32\DRIVERS\avkmgr.sys 390184FAD8FCC1B6DA25AEBAE928C3B6
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\system32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys 53DAB1791917A72738539AD25C4EED7F
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\drivers\RTKVHD64.sys 31C32BC56D85D109EBB0C526BE5CACA7
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdclass.sys ==> MD5 is legit
C:\Windows\system32\drivers\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ksecdd.sys 8F489706472F7E9A06BAAA198703FA64
C:\Windows\System32\Drivers\ksecpkg.sys 868A2CAAB12EFC7A021682BCA0EEC54C
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\system32\drivers\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys B98F8C6E31CD07B2E6F71F7F648E38C0
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nvmf6264.sys 9C3024E48DB4C98E50AF7D8B72D0EF89
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\System32\DRIVERS\nvstor64.sys 6BA747B1A9297A6C0271700D12FDD495
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\drivers\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\DRIVERS\tcpip.sys 40AF23633D197905F03AB5628C558C51
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbccgp.sys 6F1A3157A1C89435352CEB543CDB359C
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\System32\DRIVERS\usbehci.sys C025055FE7B87701EB042095DF1A2D7B
C:\Windows\System32\DRIVERS\usbhub.sys 287C6C9410B111B68B52CA298F7B8C24
C:\Windows\System32\DRIVERS\usbohci.sys 9840FC418B4CBD632D3D0A667A725C31
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\system32\drivers\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys 62069A34518BCF9C1FD9E74B3F6DB7CD
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\drivers\vwifibus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-22 10:48 - 2013-12-22 10:48 - 00000000 ____D C:\FRST
2013-12-14 20:53 - 2013-12-14 20:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 20:46 - 2013-12-14 20:46 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(2).exe
2013-12-14 20:45 - 2013-12-14 20:45 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(1).exe
2013-12-14 20:44 - 2013-12-14 20:44 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-12 09:19 - 2013-05-09 21:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\System32\wmp.dll
2013-12-12 09:19 - 2013-05-09 21:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\System32\wmploc.DLL
2013-12-12 09:19 - 2013-05-09 20:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 09:19 - 2013-05-09 20:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 09:17 - 2013-11-26 03:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-12-12 09:17 - 2013-11-26 02:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-12-12 09:17 - 2013-11-26 02:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-12-12 09:17 - 2013-11-26 02:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 09:17 - 2013-11-26 01:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-12-12 09:17 - 2013-11-26 01:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-12-12 09:17 - 2013-11-26 01:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-12-12 09:17 - 2013-11-26 01:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-12-12 09:17 - 2013-11-26 01:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-12-12 09:17 - 2013-11-26 01:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 09:17 - 2013-11-26 01:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-12-12 09:17 - 2013-11-26 01:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-12-12 09:17 - 2013-11-26 01:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-12-12 09:17 - 2013-11-26 01:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-12-12 09:17 - 2013-11-26 00:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-12-12 09:17 - 2013-11-26 00:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 09:17 - 2013-11-26 00:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 09:17 - 2013-11-26 00:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-12-12 09:17 - 2013-11-26 00:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 09:17 - 2013-11-26 00:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 09:17 - 2013-11-26 00:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 09:17 - 2013-11-26 00:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-12-12 09:17 - 2013-11-25 23:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-12-12 09:17 - 2013-11-25 23:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 09:17 - 2013-11-25 23:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 09:17 - 2013-11-25 23:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-12-12 09:17 - 2013-11-25 22:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-12-12 09:17 - 2013-11-25 22:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-12-12 09:17 - 2013-11-25 22:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 09:17 - 2013-11-25 22:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 09:17 - 2013-11-25 22:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 08:41 - 2013-11-23 10:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 08:41 - 2013-11-23 09:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2013-12-12 08:41 - 2013-10-29 18:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2013-12-12 08:41 - 2013-10-29 18:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 08:41 - 2013-10-29 17:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2013-12-12 08:40 - 2013-10-18 18:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2013-12-12 08:40 - 2013-10-18 17:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 08:35 - 2013-11-11 18:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-12-12 08:35 - 2013-11-11 18:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 08:35 - 2013-10-03 18:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\drmk.sys
2013-12-12 08:35 - 2013-10-03 17:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\portcls.sys
2013-12-12 08:34 - 2013-10-11 18:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\System32\wshom.ocx
2013-12-12 08:34 - 2013-10-11 18:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2013-12-12 08:34 - 2013-10-11 18:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 08:34 - 2013-10-11 18:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 08:34 - 2013-10-11 17:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\System32\wscript.exe
2013-12-12 08:34 - 2013-10-11 17:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\System32\cscript.exe
2013-12-12 08:34 - 2013-10-11 17:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 08:34 - 2013-10-11 17:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-11-29 23:03 - 2013-10-14 09:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\System32\IEUDINIT.EXE
2013-11-29 22:59 - 2013-11-29 22:59 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-29 22:59 - 2013-11-29 22:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-11-29 22:59 - 2013-11-29 22:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-11-29 22:59 - 2013-11-29 22:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-29 22:59 - 2013-11-29 22:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-11-29 22:59 - 2013-11-29 22:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-29 22:59 - 2013-11-29 22:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-29 22:57 - 2013-11-29 23:03 - 00010791 _____ C:\Windows\IE11_main.log

==================== One Month Modified Files and Folders =======

2013-12-22 10:48 - 2013-12-22 10:48 - 00000000 ____D C:\FRST
2013-12-18 07:12 - 2009-11-13 12:56 - 02021142 _____ C:\Windows\WindowsUpdate.log
2013-12-18 07:12 - 2009-07-13 20:45 - 00015792 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-18 07:12 - 2009-07-13 20:45 - 00015792 ____H C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-18 07:10 - 2012-04-25 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-18 07:09 - 2012-05-14 07:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-18 07:09 - 2009-07-13 21:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-18 07:09 - 2009-07-13 20:51 - 00065183 _____ C:\Windows\setupact.log
2013-12-14 20:53 - 2013-12-14 20:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-14 20:46 - 2013-12-14 20:46 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(2).exe
2013-12-14 20:45 - 2013-12-14 20:45 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(1).exe
2013-12-14 20:44 - 2013-12-14 20:44 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-14 20:44 - 2009-11-14 03:12 - 00654150 _____ C:\Windows\System32\perfh007.dat
2013-12-14 20:44 - 2009-11-14 03:12 - 00130022 _____ C:\Windows\System32\perfc007.dat
2013-12-14 20:44 - 2009-07-13 21:13 - 01498742 _____ C:\Windows\System32\PerfStringBackup.INI
2013-12-14 20:39 - 2009-07-13 21:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-14 20:38 - 2009-07-13 20:45 - 00331880 _____ C:\Windows\System32\FNTCACHE.DAT
2013-12-12 08:28 - 2012-04-25 09:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 08:28 - 2012-04-25 09:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 08:28 - 2011-09-14 09:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 08:22 - 2010-02-07 04:08 - 00000000 ____D C:\Users\Expert\AppData\Local\Adobe
2013-12-12 08:19 - 2010-02-23 10:10 - 00000000 ____D C:\Users\Expert\AppData\Roaming\HP Support Assistant
2013-12-12 08:19 - 2010-01-14 11:46 - 00000000 ____D C:\Users\Expert\AppData\Roaming\HpUpdate
2013-12-05 08:09 - 2013-10-20 00:00 - 00107416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avgntflt.sys
2013-12-03 10:21 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-29 23:03 - 2013-11-29 22:57 - 00010791 _____ C:\Windows\IE11_main.log
2013-11-29 22:59 - 2013-11-29 22:59 - 01228800 _____ (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00942592 _____ (Microsoft Corporation) C:\Windows\System32\jsIntl.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00626176 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-29 22:59 - 2013-11-29 22:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-11-29 22:59 - 2013-11-29 22:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00453120 _____ (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\System32\html.iec
2013-11-29 22:59 - 2013-11-29 22:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-29 22:59 - 2013-11-29 22:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00263376 _____ (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\System32\url.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\MshtmlDac.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-11-29 22:59 - 2013-11-29 22:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-29 22:59 - 2013-11-29 22:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00040448 _____ (Microsoft Corporation) C:\Windows\System32\JavaScriptCollectionAgent.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-29 22:59 - 2013-11-29 22:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-11-29 22:59 - 2013-11-29 22:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-29 22:13 - 2009-07-13 19:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 03:54 - 2013-12-12 09:17 - 23183360 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-11-26 02:19 - 2013-12-12 09:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-11-26 02:18 - 2013-12-12 09:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2013-11-26 02:11 - 2013-12-12 09:17 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 01:48 - 2013-12-12 09:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-11-26 01:46 - 2013-12-12 09:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2013-11-26 01:41 - 2013-12-12 09:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-11-26 01:29 - 2013-12-12 09:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-11-26 01:27 - 2013-12-12 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-11-26 01:23 - 2013-12-12 09:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 01:21 - 2013-12-12 09:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-11-26 01:18 - 2013-12-12 09:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-11-26 01:18 - 2013-12-12 09:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2013-11-26 01:16 - 2013-12-12 09:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2013-11-26 00:57 - 2013-12-12 09:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-11-26 00:38 - 2013-12-12 09:17 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 00:38 - 2013-12-12 09:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 00:35 - 2013-12-12 09:17 - 05769216 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-11-26 00:32 - 2013-12-12 09:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 00:28 - 2013-12-12 09:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 00:16 - 2013-12-12 09:17 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 00:02 - 2013-12-12 09:17 - 01995264 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-11-25 23:48 - 2013-12-12 09:17 - 12996608 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-11-25 23:32 - 2013-12-12 09:17 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-25 23:26 - 2013-12-12 09:17 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-25 23:07 - 2013-12-12 09:17 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-11-25 22:40 - 2013-12-12 09:17 - 01395200 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-11-25 22:34 - 2013-12-12 09:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-11-25 22:34 - 2013-12-12 09:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-25 22:33 - 2013-12-12 09:17 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-25 22:27 - 2013-12-12 09:17 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 09:21 - 2013-10-20 00:03 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avnetflt.sys
2013-11-25 09:21 - 2013-10-20 00:00 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avipbb.sys
2013-11-25 09:21 - 2013-10-20 00:00 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\System32\Drivers\avkmgr.sys
2013-11-23 10:26 - 2013-12-12 08:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 09:47 - 2013-12-12 08:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll

Some content of TEMP:
====================
C:\Users\Expert\AppData\Local\Temp\APNStub.exe
C:\Users\Expert\AppData\Local\Temp\AskSLib.dll
C:\Users\Expert\AppData\Local\Temp\avgnt.exe
C:\Users\Expert\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Expert\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Expert\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Expert\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Expert\AppData\Local\Temp\Resource.exe
C:\Users\Expert\AppData\Local\Temp\softonic_s_de3.exe
C:\Users\Expert\AppData\Local\Temp\sp46257.exe
C:\Users\Expert\AppData\Local\Temp\sp49905.exe.exe
C:\Users\Expert\AppData\Local\Temp\sp53904.exe
C:\Users\Expert\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Expert\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Expert\AppData\Local\Temp\vcredist_x64.exe


==================== Known DLLs (Whitelisted) ================


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-10-19 23:48:07
Restore point made on: 2013-10-27 00:52:16
Restore point made on: 2013-11-03 03:23:40
Restore point made on: 2013-11-14 09:12:14
Restore point made on: 2013-11-20 10:22:26
Restore point made on: 2013-11-29 22:12:44
Restore point made on: 2013-11-29 22:56:34
Restore point made on: 2013-12-12 09:16:32
Restore point made on: 2013-12-14 20:59:05
Restore point made on: 2013-12-14 21:30:53
Restore point made on: 2013-12-15 00:25:14

==================== BCD ================================

Windows-Start-Manager
---------------------
Bezeichner              {bootmgr}
device                  partition=Y:
description            Windows Boot Manager
locale                  de-DE
inherit                {globalsettings}
extendedinput          Yes
default                {default}
resumeobject            {2109fe80-d10e-11de-9150-002481cbf031}
displayorder            {default}
toolsdisplayorder      {memdiag}
timeout                30
customactions          0x1000085000001
                        0x5400000f
custom:5400000f        {current}

Windows-Startladeprogramm
-------------------------
Bezeichner              {default}
device                  partition=C:
path                    \Windows\system32\winload.exe
description            Windows 7
locale                  de-DE
inherit                {bootloadersettings}
recoverysequence        {current}
recoveryenabled        Yes
osdevice                partition=C:
systemroot              \Windows
resumeobject            {2109fe80-d10e-11de-9150-002481cbf031}
nx                      OptIn

Windows-Startladeprogramm
-------------------------
Bezeichner              {current}
device                  ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{2109fe83-d10e-11de-9150-002481cbf031}
path                    \windows\system32\winload.exe
description            Windows Recovery Environment
inherit                {bootloadersettings}
osdevice                ramdisk=[E:]\Recovery\WindowsRE\Winre.wim,{2109fe83-d10e-11de-9150-002481cbf031}
systemroot              \windows
nx                      OptIn
winpe                  Yes

Wiederaufnahme aus dem Ruhezustand
----------------------------------
Bezeichner              {2109fe80-d10e-11de-9150-002481cbf031}
device                  partition=C:
path                    \Windows\system32\winresume.exe
description            Windows Resume Application
locale                  de-DE
inherit                {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No

Windows-Speichertestprogramm
----------------------------
Bezeichner              {memdiag}
device                  partition=Y:
path                    \boot\memtest.exe
description            Windows Memory Diagnostic
locale                  de-DE
inherit                {globalsettings}
badmemoryaccess        Yes

EMS-Einstellungen
-----------------
Bezeichner              {emssettings}
bootems                Yes

Debuggereinstellungen
---------------------
Bezeichner              {dbgsettings}
debugtype              Serial
debugport              1
baudrate                115200

RAM-Defekte
-----------
Bezeichner              {badmemory}

Globale Einstellungen
---------------------
Bezeichner              {globalsettings}
inherit                {dbgsettings}
                        {emssettings}
                        {badmemory}

Startladeprogramm-Einstellungen
-------------------------------
Bezeichner              {bootloadersettings}
inherit                {globalsettings}
                        {hypervisorsettings}

Hypervisoreinstellungen
-------------------
Bezeichner              {hypervisorsettings}
hypervisordebugtype    Serial
hypervisordebugport    1
hypervisorbaudrate      115200

Einstellungen zur Ladeprogrammfortsetzung
-----------------------------------------
Bezeichner              {resumeloadersettings}
inherit                {globalsettings}

Ger„teoptionen
--------------
Bezeichner              {2109fe83-d10e-11de-9150-002481cbf031}
description            Ramdisk Options
ramdisksdidevice        partition=E:
ramdisksdipath          \Recovery\WindowsRE\boot.sdi


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 4095.3 MB
Available physical RAM: 3330.88 MB
Total Pagefile: 4093.45 MB
Available Pagefile: 3309.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:918.22 GB) (Free:864.93 GB) NTFS
Drive e: (FACTORY_IMAGE) (Fixed) (Total:13.2 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT
Drive x: (Boot) (Fixed) (Total:0.08 GB) (Free:0.07 GB) NTFS
Drive y: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 984 MB) (Disk ID: FF40C686)
Partition 1: (Not Active) - (Size=984 MB) - (Type=06)


LastRegBack: 2013-11-29 22:05

==================== End Of Log ============================
--- --- ---

--- --- ---


hoffe ich hab das file richtig gepostet :)

aharonov 23.12.2013 11:29
Hallo,

startet der Rechner nach diesem Fix wieder normal?


Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Other.exe
Speichere diese bitte als Fixlist.txt auf deinem USB Stick.
  • Starte deinen Rechner erneut in die Reparaturoptionen
  • Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Pille77 23.12.2013 21:13
hallo,
hier das fixlog.txt

Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-12-2013 01
Ran by SYSTEM at 2013-12-23 21:10:39 Run:1
Running from G:\
Boot Mode: Recovery
==============================================

Content of fixlist:
*****************
C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Other.exe
       
*****************

C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Other.exe => Moved successfully.

==== End of Fixlog ====
mehr ist da nicht drin.

der rechenr startet zwar, aber nach ein paar minuten wird der bildschirm komplett weiß.
danach das fix gemacht.


gruß christine

aharonov 23.12.2013 21:27
Also nachdem du den Fix ausgeführt hast, startet der Rechner immer noch nicht normal?

Pille77 23.12.2013 21:42
Nein, davor,
Jetzt gehts es, kein weißer Bildschirm und ich komme normal ins Internet.
Also auch ohne weißen Schirm und Zahlungsaufforderungen

aharonov 23.12.2013 21:44
Gut, dann verschiebe die frst64.exe vom USB-Stick auf den Desktop.
  • Starte dann FRST.
  • Setze bei Optional Scan den Haken bei Addition.txt und drücke Scan.
  • Wenn der Scan abgeschlossen ist, werden zwei neue Logfiles FRST.txt und Addition.txt erstellt und auf dem Desktop gespeichert.
  • Poste den Inhalt dieser beiden Logfiles bitte hier in deinen Thread.

Pille77 23.12.2013 21:58
ok

1. frst

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-12-2013 01
Ran by Expert (administrator) on EXPERT-PC on 23-12-2013 21:49:34
Running from C:\Users\Expert\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BBSvc.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqtra08.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe
(Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\hp\Digital Imaging\bin\hpqgpc01.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\SeaPort.EXE
(Microsoft Corporation) \\?\C:\Windows\system32\wbem\WMIADAP.EXE

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKCU\...\Policies\system: [DisableLockWorkstation] 0
HKCU\...\Policies\system: [DisableChangePassword] 0
HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [HP Remote Solution] - C:\Program Files (x86)\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe [656896 2009-05-26] ()
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe [54576 2008-12-08] (Hewlett-Packard)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1644680 2013-02-08] (Ask)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [684600 2013-12-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Gast\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Gast\...\Policies\system: [DisableLockWorkstation] 0
HKU\Gast\...\Policies\system: [DisableChangePassword] 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_DE&c=94&bd=Presario&pf=cndt
URLSearchHook: HKCU - UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
SearchScopes: HKLM - DefaultScope {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {079DFAA1-762A-4C20-ADC9-F03C427ACFEA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM - {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM - {C44AFE91-ABF0-4701-B0C3-25D81ED33D20} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKLM-x32 - DefaultScope {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {079DFAA1-762A-4C20-ADC9-F03C427ACFEA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKLM-x32 - {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKLM-x32 - {C44AFE91-ABF0-4701-B0C3-25D81ED33D20} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
SearchScopes: HKCU - DefaultScope {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKCU - {079DFAA1-762A-4C20-ADC9-F03C427ACFEA} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008
SearchScopes: HKCU - {762E9D06-E269-41B0-9DE1-7FE6F005F7AF} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1145&query={searchTerms}&invocationType=tb50hpcndtie7-de-de
SearchScopes: HKCU - {7EFB4E16-57FF-4FC7-9D4C-8EA0EB08F94C} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=1E3E7CE9-E973-4E86-926D-175014CD3E58&apn_sauid=B2F68082-0C8D-4815-98B6-819DBBC90833
SearchScopes: HKCU - {C44AFE91-ABF0-4701-B0C3-25D81ED33D20} URL = hxxp://de.kelkoopartners.net/ctl/do/search?siteSearchQuery={searchTerms}&fromform=true&x=true&y=true&partner=hp&partnerId=96913933
BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\hp\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.107.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-11-14] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Expert\AppData\Roaming\Mozilla\Firefox\Profiles\m7czn5n7.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Expert\AppData\Roaming\Mozilla\Firefox\Profiles\m7czn5n7.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ask Toolbar - C:\Users\Expert\AppData\Roaming\Mozilla\Firefox\Profiles\m7czn5n7.default\Extensions\toolbar@ask.com
FF Extension: Default Full Zoom Level - C:\Users\Expert\AppData\Roaming\Mozilla\Firefox\Profiles\m7czn5n7.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D}
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440376 2013-12-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1011768 2013-12-23] (Avira Operations GmbH & Co. KG)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-25] (Avira Operations GmbH & Co. KG)
S3 StarOpen; No ImagePath
S3 PCDSRVC{F36B3A4C-F95654BD-06000000}_0; \??\c:\program files\pc-doctor for windows\pcdsrvc_x64.pkms [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-23 21:49 - 2013-12-23 21:50 - 00014407 _____ C:\Users\Expert\Desktop\FRST.txt
2013-12-23 21:48 - 2013-12-18 10:26 - 01928984 _____ (Farbar) C:\Users\Expert\Desktop\FRST64.exe
2013-12-22 19:48 - 2013-12-22 19:48 - 00000000 ____D C:\FRST
2013-12-15 05:53 - 2013-12-15 05:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-15 05:46 - 2013-12-15 05:46 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(2).exe
2013-12-15 05:45 - 2013-12-15 05:45 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(1).exe
2013-12-15 05:44 - 2013-12-15 05:44 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-12 18:19 - 2013-05-10 06:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-12-12 18:19 - 2013-05-10 06:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-12-12 18:19 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-12-12 18:19 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-12-12 18:17 - 2013-11-26 12:54 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-12-12 18:17 - 2013-11-26 11:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-12-12 18:17 - 2013-11-26 11:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-12-12 18:17 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-12-12 18:17 - 2013-11-26 10:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-12-12 18:17 - 2013-11-26 10:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-12-12 18:17 - 2013-11-26 10:41 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-12-12 18:17 - 2013-11-26 10:29 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-12-12 18:17 - 2013-11-26 10:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-12-12 18:17 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-12-12 18:17 - 2013-11-26 10:21 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-12-12 18:17 - 2013-11-26 10:18 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-12-12 18:17 - 2013-11-26 10:18 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-12-12 18:17 - 2013-11-26 10:16 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-12-12 18:17 - 2013-11-26 09:57 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-12-12 18:17 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-12-12 18:17 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-12-12 18:17 - 2013-11-26 09:35 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-12-12 18:17 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-12-12 18:17 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-12-12 18:17 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-12-12 18:17 - 2013-11-26 09:02 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-12-12 18:17 - 2013-11-26 08:48 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-12-12 18:17 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-12-12 18:17 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-12-12 18:17 - 2013-11-26 08:07 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-12-12 18:17 - 2013-11-26 07:40 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-12-12 18:17 - 2013-11-26 07:34 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-12-12 18:17 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-12-12 18:17 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-12-12 18:17 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-12-12 17:41 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-12-12 17:41 - 2013-11-23 18:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2013-12-12 17:41 - 2013-10-30 03:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2013-12-12 17:41 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2013-12-12 17:41 - 2013-10-30 02:24 - 03155968 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-12-12 17:40 - 2013-10-19 03:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-12-12 17:40 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-12-12 17:35 - 2013-11-12 03:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-12-12 17:35 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-12-12 17:35 - 2013-10-04 03:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2013-12-12 17:35 - 2013-10-04 02:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2013-12-12 17:34 - 2013-10-12 03:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2013-12-12 17:34 - 2013-10-12 03:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2013-12-12 17:34 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2013-12-12 17:34 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2013-12-12 17:34 - 2013-10-12 02:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2013-12-12 17:34 - 2013-10-12 02:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2013-12-12 17:34 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2013-12-12 17:34 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2013-11-30 08:03 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-30 07:59 - 2013-11-30 07:59 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-30 07:59 - 2013-11-30 07:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 07:59 - 2013-11-30 07:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 07:59 - 2013-11-30 07:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-30 07:59 - 2013-11-30 07:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 07:59 - 2013-11-30 07:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-30 07:59 - 2013-11-30 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-30 07:57 - 2013-11-30 08:03 - 00010791 _____ C:\Windows\IE11_main.log

==================== One Month Modified Files and Folders =======

2013-12-24 06:10 - 2009-12-10 18:50 - 00000000 ___RD C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-12-23 21:50 - 2013-12-23 21:49 - 00014407 _____ C:\Users\Expert\Desktop\FRST.txt
2013-12-23 21:49 - 2009-11-14 12:12 - 00654150 _____ C:\Windows\system32\perfh007.dat
2013-12-23 21:49 - 2009-11-14 12:12 - 00130022 _____ C:\Windows\system32\perfc007.dat
2013-12-23 21:49 - 2009-07-14 06:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-23 21:47 - 2009-11-13 21:56 - 02057358 _____ C:\Windows\WindowsUpdate.log
2013-12-23 21:46 - 2013-08-25 05:05 - 00000000 ____D C:\Windows\system32\MRT
2013-12-23 21:46 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-23 21:46 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-23 21:45 - 2013-10-20 09:03 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-12-23 21:45 - 2013-10-20 09:00 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-12-23 21:45 - 2013-10-20 09:00 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-12-23 21:43 - 2010-02-10 15:58 - 90708896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-12-23 21:38 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-23 21:38 - 2009-07-14 05:51 - 00065329 _____ C:\Windows\setupact.log
2013-12-22 19:48 - 2013-12-22 19:48 - 00000000 ____D C:\FRST
2013-12-18 16:10 - 2012-04-25 18:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-18 16:09 - 2012-05-14 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-12-18 10:26 - 2013-12-23 21:48 - 01928984 _____ (Farbar) C:\Users\Expert\Desktop\FRST64.exe
2013-12-15 05:53 - 2013-12-15 05:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-12-15 05:46 - 2013-12-15 05:46 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(2).exe
2013-12-15 05:45 - 2013-12-15 05:45 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32(1).exe
2013-12-15 05:44 - 2013-12-15 05:44 - 00072720 _____ C:\Users\Expert\Downloads\adobeflashplayerv10.2.152.32.exe
2013-12-15 05:39 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2013-12-15 05:38 - 2009-07-14 05:45 - 00331880 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-12 17:28 - 2012-04-25 18:34 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-12-12 17:28 - 2012-04-25 18:34 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-12-12 17:28 - 2011-09-14 18:48 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-12-12 17:22 - 2010-02-07 13:08 - 00000000 ____D C:\Users\Expert\AppData\Local\Adobe
2013-12-12 17:19 - 2010-02-23 19:10 - 00000000 ____D C:\Users\Expert\AppData\Roaming\HP Support Assistant
2013-12-12 17:19 - 2010-01-14 20:46 - 00000000 ____D C:\Users\Expert\AppData\Roaming\HpUpdate
2013-12-03 19:22 - 2009-12-10 18:50 - 00001419 _____ C:\Users\Expert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 19:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-30 08:03 - 2013-11-30 07:57 - 00010791 _____ C:\Windows\IE11_main.log
2013-11-30 07:59 - 2013-11-30 07:59 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-30 07:59 - 2013-11-30 07:59 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-30 07:59 - 2013-11-30 07:59 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-30 07:59 - 2013-11-30 07:59 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-30 07:59 - 2013-11-30 07:59 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-30 07:59 - 2013-11-30 07:59 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-30 07:59 - 2013-11-30 07:59 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-30 07:59 - 2013-11-30 07:59 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-30 07:59 - 2013-11-30 07:59 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-30 07:13 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-26 12:54 - 2013-12-12 18:17 - 23183360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 11:19 - 2013-12-12 18:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 11:18 - 2013-12-12 18:17 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 11:11 - 2013-12-12 18:17 - 17112576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 10:48 - 2013-12-12 18:17 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 10:46 - 2013-12-12 18:17 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 10:41 - 2013-12-12 18:17 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 10:29 - 2013-12-12 18:17 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 10:27 - 2013-12-12 18:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 10:23 - 2013-12-12 18:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 10:21 - 2013-12-12 18:17 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 10:18 - 2013-12-12 18:17 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 10:18 - 2013-12-12 18:17 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 10:16 - 2013-12-12 18:17 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 09:57 - 2013-12-12 18:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 09:38 - 2013-12-12 18:17 - 02166784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 09:38 - 2013-12-12 18:17 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 09:35 - 2013-12-12 18:17 - 05769216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 09:32 - 2013-12-12 18:17 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 09:28 - 2013-12-12 18:17 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 09:16 - 2013-12-12 18:17 - 04243968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 09:02 - 2013-12-12 18:17 - 01995264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 08:48 - 2013-12-12 18:17 - 12996608 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 08:32 - 2013-12-12 18:17 - 01928192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 08:26 - 2013-12-12 18:17 - 11221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 08:07 - 2013-12-12 18:17 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 07:40 - 2013-12-12 18:17 - 01395200 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 07:34 - 2013-12-12 18:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 07:34 - 2013-12-12 18:17 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 07:33 - 2013-12-12 18:17 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 07:27 - 2013-12-12 18:17 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-25 18:21 - 2013-10-20 09:00 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-11-23 19:26 - 2013-12-12 17:41 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2013-11-23 18:47 - 2013-12-12 17:41 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll

Some content of TEMP:
====================
C:\Users\Expert\AppData\Local\Temp\APNStub.exe
C:\Users\Expert\AppData\Local\Temp\AskSLib.dll
C:\Users\Expert\AppData\Local\Temp\avgnt.exe
C:\Users\Expert\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Expert\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Expert\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Expert\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Expert\AppData\Local\Temp\Resource.exe
C:\Users\Expert\AppData\Local\Temp\softonic_s_de3.exe
C:\Users\Expert\AppData\Local\Temp\sp46257.exe
C:\Users\Expert\AppData\Local\Temp\sp49905.exe.exe
C:\Users\Expert\AppData\Local\Temp\sp53904.exe
C:\Users\Expert\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Expert\AppData\Local\Temp\UninstallHPTCA.exe
C:\Users\Expert\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 07:05

==================== End Of Log ============================
--- --- ---

--- --- ---



2.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-12-2013 01
Ran by Expert at 2013-12-23 21:50:54
Running from C:\Users\Expert\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.8)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.22.87)
Adobe Flash Player 10 ActiveX (x32 Version: 10.0.32.18)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.170)
Adobe Reader XI - Deutsch (x32 Version: 11.0.00)
Amazon MP3-Downloader 1.0.9 (x32)
Ask Toolbar (x32 Version: 1.15.15.0) <==== ATTENTION
Ask Toolbar Updater (HKCU Version: 1.2.4.36191) <==== ATTENTION
ATI Catalyst Install Manager (Version: 3.0.728.0)
Avira Free Antivirus (x32 Version: 14.0.2.286)
Bing Bar (x32 Version: 7.3.107.0)
BufferChm (x32 Version: 130.0.331.000)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center Graphics Full Existing (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center Graphics Full New (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center Graphics Light (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center HydraVision Full (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center InstallProxy (x32 Version: 2009.0520.1631.27815)
Catalyst Control Center Localization All (x32 Version: 2009.0520.1631.27815)
CCC Help Chinese Standard (x32 Version: 2009.0520.1630.27815)
CCC Help Chinese Traditional (x32 Version: 2009.0520.1630.27815)
CCC Help Czech (x32 Version: 2009.0520.1630.27815)
CCC Help Danish (x32 Version: 2009.0520.1630.27815)
CCC Help Dutch (x32 Version: 2009.0520.1630.27815)
CCC Help English (x32 Version: 2009.0520.1630.27815)
CCC Help Finnish (x32 Version: 2009.0520.1630.27815)
CCC Help French (x32 Version: 2009.0520.1630.27815)
CCC Help German (x32 Version: 2009.0520.1630.27815)
CCC Help Greek (x32 Version: 2009.0520.1630.27815)
CCC Help Hungarian (x32 Version: 2009.0520.1630.27815)
CCC Help Italian (x32 Version: 2009.0520.1630.27815)
CCC Help Japanese (x32 Version: 2009.0520.1630.27815)
CCC Help Korean (x32 Version: 2009.0520.1630.27815)
CCC Help Norwegian (x32 Version: 2009.0520.1630.27815)
CCC Help Polish (x32 Version: 2009.0520.1630.27815)
CCC Help Portuguese (x32 Version: 2009.0520.1630.27815)
CCC Help Russian (x32 Version: 2009.0520.1630.27815)
CCC Help Spanish (x32 Version: 2009.0520.1630.27815)
CCC Help Swedish (x32 Version: 2009.0520.1630.27815)
CCC Help Thai (x32 Version: 2009.0520.1630.27815)
CCC Help Turkish (x32 Version: 2009.0520.1630.27815)
ccc-core-static (x32 Version: 2009.0520.1631.27815)
ccc-utility64 (Version: 2009.0520.1631.27815)
Compatibility Pack für 2007 Office System (x32 Version: 12.0.6612.1000)
Copy (x32 Version: 130.0.366.000)
CyberLink DVD Suite Deluxe (x32 Version: 6.0.3101)
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 130.0.372.000)
DirectX for Managed Code Update (Summer 2004) (x32 Version: 9.02.2904)
DJ_AIO_06_F2400_SW_Min (x32 Version: 130.0.373.000)
Download Updater (AOL LLC) (x32)
ElsterFormular-Update (x32 Version: 1.0)
F2400 (x32 Version: 130.0.373.000)
GPBaseService2 (x32 Version: 130.0.371.000)
Hardwarediagnosetools (Version: 6.0.5205.31)
Hewlett-Packard ACLM.NET v1.1.1.0 (x32 Version: 1.00.0000)
HP Advisor (x32 Version: 3.2.8946.3086)
HP Customer Experience Enhancements (x32 Version: 6.0.1.3)
HP Customer Participation Program 13.0 (Version: 13.0)
HP Deskjet F2400 All-In-One Driver Software 13.0 Rel .6 (Version: 13.0)
HP Games (x32 Version: 1.0.0.71)
HP Imaging Device Functions 13.0 (Version: 13.0)
HP Odometer (x32 Version: 2.10.0000)
HP Print Projects 1.0 (Version: 1.0)
HP Remote Solution (x32 Version: 1.1.9.0)
HP Setup (x32 Version: 1.2.3220.3079)
HP Smart Web Printing 4.5 (Version: 4.5)
HP Solution Center 13.0 (Version: 13.0)
HP Support Assistant (x32 Version: 6.0.5.4)
HP Support Information (x32 Version: 10.1.0002)
HP Update (x32 Version: 5.001.000.014)
HPPhotoGadget (x32 Version: 130.0.282.000)
hpPrintProjects (x32 Version: 130.0.303.000)
HPProductAssistant (x32 Version: 130.0.371.000)
hpWLPGInstaller (x32 Version: 130.0.303.000)
HydraVision (x32 Version: 4.2.98.0)
Java 7 Update 45 (x32 Version: 7.0.450)
Java Auto Updater (x32 Version: 2.1.9.8)
Junk Mail filter update (x32 Version: 14.0.8089.726)
LabelPrint (x32 Version: 2.5.1901)
LightScribe System Software (x32 Version: 1.18.5.1)
Magic Desktop (x32)
MarketResearch (x32 Version: 130.0.374.000)
McAfee Security Scan Plus (Version: 3.8.130.10)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office PowerPoint Viewer 2007 (German) (x32 Version: 12.0.6612.1000)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (x32 Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Microsoft Works (x32 Version: 9.7.0621)
Mozilla Firefox 26.0 (x86 de) (x32 Version: 26.0)
Mozilla Maintenance Service (x32 Version: 26.0)
MSVCRT (x32 Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
NVIDIA Drivers (Version: 1.3)
Power2Go (x32 Version: 6.0.3101)
PowerDirector (x32 Version: 7.0.3101)
PowerRecover (x32 Version: 5.5.1923)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5882)
Scan (x32 Version: 140.0.80.000)
SmartWebPrinting (x32 Version: 130.0.373.000)
SolutionCenter (x32 Version: 130.0.373.000)
Status (x32 Version: 130.0.373.000)
Testversion von Microsoft Office Home and Student 2007
Toolbox (x32 Version: 130.0.648.000)
Total Commander (Remove or Repair) (x32)
TrayApp (x32 Version: 130.0.376.000)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
WebReg (x32 Version: 130.0.132.017)
Windows Live Anmelde-Assistent (x32 Version: 5.000.818.5)
Windows Live Communications Platform (x32 Version: 14.0.8098.930)
Windows Live Essentials (x32 Version: 14.0.8089.0726)
Windows Live Essentials (x32 Version: 14.0.8089.726)
Windows Live Family Safety (Version: 14.0.8093.805)
Windows Live Fotogalerie (x32 Version: 14.0.8081.709)
Windows Live Mail (x32 Version: 14.0.8089.0726)
Windows Live Movie Maker (x32 Version: 14.0.8091.0730)
Windows Live Sync (x32 Version: 14.0.8089.726)
Windows Live Writer (x32 Version: 14.0.8089.0726)
Windows Live-Uploadtool (x32 Version: 14.0.8014.1029)

==================== Restore Points  =========================

20-10-2013 07:47:53 Windows Update
27-10-2013 08:52:05 Installed Java 7 Update 45
03-11-2013 11:23:23 Geplanter Prüfpunkt
14-11-2013 17:12:00 Windows Update
20-11-2013 18:21:52 Windows Update
30-11-2013 06:12:29 Geplanter Prüfpunkt
30-11-2013 06:56:29 Windows Update
12-12-2013 17:16:19 Windows Update
23-12-2013 20:42:28 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0A8A9442-D675-4097-987F-BD2816B9D826} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-12] (Adobe Systems Incorporated)
Task: {23406741-1F24-465C-B847-C72658074C53} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {3311F643-FF1D-444E-9C31-1C490B1F394E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2011-06-21] (Hewlett-Packard Company)
Task: {33C978FE-CD8F-45E5-92C9-46CBAAD9E69C} - System32\Tasks\Scheduled Update for Ask Toolbar => C:\Program Files (x86)\Ask.com\UpdateTask.exe [2013-02-08] ()
Task: {95D00214-A3CD-4376-90A4-46186AACE63C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe [2011-06-14] (Hewlett-Packard)
Task: {C08682E5-F58C-4725-835D-3785868A76CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFMessenger\HPSFMsgr.exe [2011-06-21] (Hewlett-Packard Company)
Task: {DB5BB986-6B9D-4D0E-A610-467A4B6E4053} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Total Care Tune-Up => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPTuneUp.exe [2011-03-22] (Hewlett-Packard Company)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2009-06-08 16:45 - 2009-06-08 16:45 - 00098304 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-11-14 03:27 - 2009-11-14 03:27 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-07-15 17:51 - 2009-07-15 17:51 - 00061440 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\PCAlerts\PCAlertsPillar.dll
2009-07-15 17:51 - 2009-07-15 17:51 - 00131072 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Pillars\ECenter\ECLibrary.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00040960 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingServer.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00005632 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingInterface.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00018944 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingMessages.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00036864 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\MessagingClients.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00028672 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Microsoft.Practices.EnterpriseLibrary.ExceptionHandling.Logging.dll
2009-07-15 17:50 - 2009-07-15 17:50 - 00007680 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Advisor\RemotingClient.dll
2013-10-20 09:00 - 2013-10-20 08:43 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/18/2013 04:10:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc000041d
Fehleroffset: 0x0000000000052f80
ID des fehlerhaften Prozesses: 0x6c4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (12/18/2013 04:10:13 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d672ee4
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000052f80
ID des fehlerhaften Prozesses: 0x6c4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (12/12/2013 05:21:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (12/12/2013 05:21:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error: (11/30/2013 07:07:53 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (11/24/2013 07:07:54 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0x360
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (11/20/2013 07:28:18 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: HPSF_Tasks.exe, Version: 6.0.5.4, Zeitstempel: 0x4e00bf33
Name des fehlerhaften Moduls: hpupdatecomponent.dll, Version: 1.0.14.0, Zeitstempel: 0x4a049c3c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000b3c1
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xHPSF_Tasks.exe0
Pfad der fehlerhaften Anwendung: HPSF_Tasks.exe1
Pfad des fehlerhaften Moduls: HPSF_Tasks.exe2
Berichtskennung: HPSF_Tasks.exe3

Error: (11/06/2013 06:53:45 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0xa60
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3

Error: (11/03/2013 00:18:15 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"1". Fehler in Manifest- oder Richtliniendatei "WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"2" in Zeile  WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition: WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (11/03/2013 11:45:21 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Name des fehlerhaften Moduls: avnotify.exe, Version: 13.6.20.2100, Zeitstempel: 0x51e6b921
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001487
ID des fehlerhaften Prozesses: 0xac0
Startzeit der fehlerhaften Anwendung: 0xavnotify.exe0
Pfad der fehlerhaften Anwendung: avnotify.exe1
Pfad des fehlerhaften Moduls: avnotify.exe2
Berichtskennung: avnotify.exe3


System errors:
=============
Error: (11/20/2013 07:19:10 PM) (Source: DCOM) (User: )
Description: 1053WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (11/20/2013 07:19:10 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (11/20/2013 07:19:10 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht.

Error: (09/01/2013 01:03:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Sicherheitsupdate für Windows 7 für x64-basierte Systeme (KB2862966)

Error: (09/01/2013 01:02:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Sicherheitsupdate für Microsoft .NET Framework 3.5.1 unter Windows 7 und Windows Server 2008 R2 SP1 für x64-basierte Systeme (KB2844286)

Error: (09/01/2013 01:02:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8000ffff fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 unter Windows 7 Service Pack 1 für x64-basierte Systeme (KB2862772)

Error: (07/31/2013 02:15:53 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎30.‎07.‎2013 um 12:45:27 unerwartet heruntergefahren.

Error: (05/20/2013 03:01:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AMD External Events Utility" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/20/2013 03:01:02 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst AMD External Events Utility erreicht.

Error: (12/17/2012 06:03:54 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}


Microsoft Office Sessions:
=========================
Error: (12/18/2013 04:10:27 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c000041d0000000000052f806c401cefc032dc47be0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll86953520-67f6-11e3-a95e-00265538a615

Error: (12/18/2013 04:10:13 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d672ee4ntdll.dll6.1.7601.18247521eaf24c00000050000000000052f806c401cefc032dc47be0C:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dll7e217340-67f6-11e3-a95e-00265538a615

Error: (12/12/2013 05:21:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Expert\Downloads\SoftonicDownloader_fuer_elsterformular-2009-2010(2).exe

Error: (12/12/2013 05:21:08 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Users\Expert\Downloads\SoftonicDownloader_fuer_elsterformular-2009-2010.exe

Error: (11/30/2013 07:07:53 AM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (11/24/2013 07:07:54 AM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c00000050000148736001cee8db7a9bfc80C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exec1596400-54ce-11e3-9341-00265538a615

Error: (11/20/2013 07:28:18 PM) (Source: Application Error)(User: )
Description: HPSF_Tasks.exe6.0.5.44e00bf33hpupdatecomponent.dll1.0.14.04a049c3cc00000050000b3c1

Error: (11/06/2013 06:53:45 PM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487a6001cedb1916159e80C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe60f3e880-470c-11e3-94f3-00265538a615

Error: (11/03/2013 00:18:15 PM) (Source: SideBySide)(User: )
Description: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1"WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1"c:\program files (x86)\windows live\photo gallery\MovieMaker.Exec:\program files (x86)\windows live\photo gallery\WLMFDS.DLL8

Error: (11/03/2013 11:45:21 AM) (Source: Application Error)(User: )
Description: avnotify.exe13.6.20.210051e6b921avnotify.exe13.6.20.210051e6b921c000000500001487ac001ced881c12f33c0C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exeC:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe08d380a0-4475-11e3-81f3-00265538a615


==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 4095.3 MB
Available physical RAM: 2714.32 MB
Total Pagefile: 8188.79 MB
Available Pagefile: 6512.46 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (COMPAQ) (Fixed) (Total:918.22 GB) (Free:864.28 GB) NTFS
Drive d: (FACTORY_IMAGE) (Fixed) (Total:13.2 GB) (Free:2.35 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: () (Removable) (Total:0.96 GB) (Free:0.96 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 1549F232)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=918 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 984 MB) (Disk ID: FF40C686)
Partition 1: (Not Active) - (Size=984 MB) - (Type=06)

==================== End Of Log ============================
ach so, während ich das hier mache, hat der antivir angeschlagen.
3 viren oder unwerwünschte programme


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:41 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131