Nitram1107 | 06.02.2014 17:29 | FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-02-2014
Ran by user (administrator) on USER-PC on 06-02-2014 17:23:15
Running from C:\Users\user\Downloads
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
() C:\Program Files\Launch Manager\LaunchAp.exe
(Wistron) C:\Program Files\Launch Manager\HotkeyApp.exe
(Wistron Corp.) C:\Program Files\Launch Manager\OSD.exe
(Wistron) C:\Program Files\Launch Manager\WButton.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPStart.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Wistron Corp.) C:\Program Files\Launch Manager\WisLMSvc.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Setup © ) C:\Users\user\AppData\Local\Temp\MySearchDial.exe
(Systweak Inc) C:\Program Files\RegClean Pro\RegCleanPro.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
() C:\Program Files\RightSurf\updateRightSurf.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [LaunchAp] - C:\Program Files\Launch Manager\LaunchAp.exe [32768 2007-09-01] ()
HKLM\...\Run: [HotkeyApp] - C:\Program Files\Launch Manager\HotkeyApp.exe [188416 2007-09-06] (Wistron)
HKLM\...\Run: [LMgrOSD] - C:\Program Files\Launch Manager\OSD.exe [180224 2006-12-26] (Wistron Corp.)
HKLM\...\Run: [Wbutton] - C:\Program Files\Launch Manager\Wbutton.exe [86016 2007-09-07] (Wistron)
HKLM\...\Run: [UCam_Menu] - C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [222504 2007-09-13] (CyberLink Corp.)
HKLM\...\Run: [AVG_UI] - C:\Program Files\AVG\AVG2014\avgui.exe [4956176 2013-11-07] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4718592 2007-12-17] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] - C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-08-31] (Synaptics, Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Runonce: [Del74872945] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del"
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\.DEFAULT\...\Run: [Picasa Media Detector] - C:\Program Files\Picasa2\PicasaMediaDetector.exe [443968 2008-08-21] (Google Inc.)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\Run: [Spybot-S&D Cleaning] - C:\Program Files\Spybot - Search & Destroy 2\SDCleaner.exe [3642312 2013-05-16] (Safer-Networking Ltd.)
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\Run: [WMPNSCFG] - C:\Program Files\Windows Media Player\WMPNSCFG.exe [202240 2008-01-21] (Microsoft Corporation)
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\Run: [Google Update] - C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-08-12] (Google Inc.)
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\RunOnce: [Del74872929] - cmd.exe /Q /D /c del "C:\Users\user\AppData\Local\Temp\0.del"
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\MountPoints2: {19463509-e3c4-11e1-a90e-806e6f6e6963} - E:\o2Start.exe
HKU\S-1-5-21-1794580170-1125773471-1513792877-1000\...\MountPoints2: {e99b53b3-67e0-11e2-b37c-0016d3882de2} - G:\LaunchU3.exe -a
Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.mysearchdial.com/?f=1&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.medion.com/
SearchScopes: HKLM - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
SearchScopes: HKCU - DefaultScope {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dsites0103&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0C0BzzyE0ByD0F0F0EyEtAtN0D0Tzu0CyByCzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1879132143&ir=
SearchScopes: HKCU - {FE330803-19A9-4DAE-8FFB-CD679B9A3B3A} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=a8ddfe43000000000000001f3cb84b5f&r=389
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: RightSurf - {88be1aa9-6740-461c-9e3e-f35eb8fa741c} - C:\Program Files\RightSurf\RightSurfbho.dll (RightSurf)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: mysearchdial Helper Object - {EF5625A3-37AB-4BDB-9875-2A3D91CD0DFD} - C:\Program Files\Mysearchdial\1.8.21.0\bh\mysearchdial.dll (MySearchDial)
BHO: Adblock Plus for IE Browser Helper Object - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll (Adblock Plus)
Toolbar: HKLM - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll (MySearchDial)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_25-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.8.5.1302.1018.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: hxxp://www.google.com
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-11-14]
CHR Extension: (No Name) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp [2013-01-07]
CHR HKLM\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\user\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-12-01]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\user\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-12-01]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2012-12-01]
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3478544 2013-11-11] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-01-27] (Just Develop It)
S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393032 2013-07-04] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384840 2013-07-04] (BlueStack Systems, Inc.)
S2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [106280 2013-11-15] (SurfRight B.V.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [235216 2013-09-06] (McAfee, Inc.)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 Update RightSurf; C:\Program Files\RightSurf\updateRightSurf.exe [80160 2014-02-05] ()
S3 usnjsvc; C:\Program Files\Windows Live\Messenger\usnsvc.exe [98328 2007-10-18] (Microsoft Corporation)
R3 WisLMSvc; C:\Program Files\Launch Manager\WisLMSvc.exe [118784 2007-09-11] (Wistron Corp.)
S3 WLSetupSvc; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [266240 2007-10-25] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [120600 2013-11-05] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [209176 2013-11-04] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147768 2013-10-24] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [22840 2013-09-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [176952 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [222520 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [33112 2013-02-19] (AVG Technologies)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63816 2013-07-04] (BlueStack Systems)
S3 Cam5607; C:\Windows\System32\Drivers\BisonC07.sys [980904 2007-08-15] (Bison Electronics. Inc. )
R3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [30976 2014-02-05] ()
R1 Hotkey; C:\Windows\system32\Drivers\Hotkey.sys [9867 2003-04-28] ()
S3 NETw4x32; C:\Windows\System32\DRIVERS\NETw4x32.sys [2211456 2007-08-08] (Intel Corporation)
R0 Si3531; C:\Windows\System32\DRIVERS\Si3531.sys [210736 2007-06-01] (Silicon Image, Inc)
R0 SiFilter; C:\Windows\System32\DRIVERS\SiWinAcc.sys [17328 2007-05-25] (Silicon Image, Inc.)
R0 SiRemFil; C:\Windows\System32\DRIVERS\SiRemFil.sys [12464 2007-05-25] (Silicon Image, Inc.)
S3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [27416 2006-11-30] (X10 Wireless Technology, Inc.)
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 Tosrfcom; No ImagePath
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-02-06 17:21 - 2014-02-06 17:23 - 00025673 _____ () C:\Users\user\Downloads\Addition.txt
2014-02-06 17:20 - 2014-02-06 17:23 - 00015439 _____ () C:\Users\user\Downloads\FRST.txt
2014-02-06 17:19 - 2014-02-06 17:23 - 00000000 ____D () C:\FRST
2014-02-06 17:14 - 2014-02-06 17:14 - 00001758 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-02-06 17:14 - 2014-02-06 17:14 - 00001002 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\Program Files\RightSurf
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\Program Files\Advanced System Protector
2014-02-06 17:14 - 2012-07-25 12:03 - 00017136 _____ () C:\Windows\system32\sasnative32.exe
2014-02-06 17:13 - 2014-02-06 17:14 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-02-06 17:13 - 2014-02-06 17:14 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-02-06 17:13 - 2014-02-06 17:13 - 00000907 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000888 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000851 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000393 _____ () C:\Users\user\Desktop\MySearchDial.url
2014-02-06 17:13 - 2014-02-06 17:13 - 00000388 _____ () C:\Users\user\Desktop\FREE Games.url
2014-02-06 17:13 - 2014-02-06 17:13 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000270 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000262 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\OpenIt
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-02-06 17:13 - 2013-12-27 18:10 - 00018776 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot.exe
2014-02-06 17:12 - 2014-02-06 17:12 - 00670920 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
2014-02-06 17:11 - 2014-02-06 17:11 - 01139200 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-02-05 20:27 - 2014-02-05 20:27 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-02-05 20:20 - 2014-02-05 20:22 - 00000000 ____D () C:\AdwCleaner
2014-02-05 20:20 - 2014-02-05 20:20 - 01166132 _____ () C:\Users\user\Downloads\adwcleaner (1).exe
2014-02-05 20:16 - 2014-02-05 20:20 - 00001947 _____ () C:\Users\user\Desktop\AdwCleaner - CHIP Downloader.lnk
2014-02-05 20:14 - 2014-02-05 20:14 - 00614784 _____ (Chip Digital GmbH) C:\Users\user\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-01-29 02:43 - 2014-02-05 15:57 - 00001923 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-01-29 02:43 - 2014-02-05 15:57 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-01-29 02:43 - 2014-01-29 02:44 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-01-29 02:43 - 2014-01-29 02:43 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-29 01:18 - 2014-01-29 01:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-29 01:18 - 2014-01-29 01:18 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-01-15 21:53 - 2014-01-15 21:53 - 00000000 ____D () C:\Program Files\GUMDDF0.tmp
2014-01-08 19:25 - 2014-01-15 18:07 - 00000000 ____D () C:\Users\user\Desktop\Neuer Ordner
2014-01-07 18:26 - 2014-01-07 18:26 - 00000000 ____D () C:\Users\user\Desktop\One.Piece.E337.Der.singende.Knochenmann.UNCUT.German.Dubbed.1999.ANiME.HDTV.XviD-STARS
==================== One Month Modified Files and Folders =======
2016-11-21 00:41 - 2008-06-25 08:31 - 00000012 _____ () C:\Windows\csup.txt
2014-02-06 17:23 - 2014-02-06 17:21 - 00025673 _____ () C:\Users\user\Downloads\Addition.txt
2014-02-06 17:23 - 2014-02-06 17:20 - 00015439 _____ () C:\Users\user\Downloads\FRST.txt
2014-02-06 17:23 - 2014-02-06 17:19 - 00000000 ____D () C:\FRST
2014-02-06 17:20 - 2013-09-19 10:44 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-06 17:14 - 2014-02-06 17:14 - 00001758 _____ () C:\Users\user\Desktop\Sync Folder.lnk
2014-02-06 17:14 - 2014-02-06 17:14 - 00001002 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\ProgramData\Systweak
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\Program Files\RightSurf
2014-02-06 17:14 - 2014-02-06 17:14 - 00000000 ____D () C:\Program Files\Advanced System Protector
2014-02-06 17:14 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\systweak
2014-02-06 17:14 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-02-06 17:13 - 2014-02-06 17:13 - 00000907 _____ () C:\Users\Public\Desktop\Open It!.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000888 _____ () C:\Users\user\Desktop\MyPC Backup.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000851 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-02-06 17:13 - 2014-02-06 17:13 - 00000393 _____ () C:\Users\user\Desktop\MySearchDial.url
2014-02-06 17:13 - 2014-02-06 17:13 - 00000388 _____ () C:\Users\user\Desktop\FREE Games.url
2014-02-06 17:13 - 2014-02-06 17:13 - 00000288 _____ () C:\Windows\Tasks\Digital Sites.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000270 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000262 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\mysearchdial
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\DigitalSites
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Users\user\AppData\Roaming\0D0S1L2Z1P1B
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\RegClean Pro
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\OpenIt
2014-02-06 17:13 - 2014-02-06 17:13 - 00000000 ____D () C:\Program Files\Mysearchdial
2014-02-06 17:12 - 2014-02-06 17:12 - 00670920 _____ () C:\Users\user\Downloads\ZipExtractorSetup.exe
2014-02-06 17:11 - 2014-02-06 17:11 - 01139200 _____ (Farbar) C:\Users\user\Downloads\FRST.exe
2014-02-06 17:10 - 2012-08-11 16:24 - 00000000 ____D () C:\ProgramData\MFAData
2014-02-06 16:59 - 2012-08-12 11:45 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000UA.job
2014-02-06 16:41 - 2013-07-26 07:09 - 01519906 _____ () C:\Windows\WindowsUpdate.log
2014-02-06 15:27 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-06 15:27 - 2006-11-02 13:47 - 00003744 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-06 13:27 - 2012-10-05 13:20 - 00008240 _____ () C:\Users\user\AppData\Local\d3d9caps.dat
2014-02-05 22:00 - 2012-08-12 11:44 - 00001064 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000Core.job
2014-02-05 20:27 - 2014-02-05 20:27 - 00030976 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys
2014-02-05 20:26 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-05 20:24 - 2006-11-02 14:01 - 00032516 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-05 20:22 - 2014-02-05 20:20 - 00000000 ____D () C:\AdwCleaner
2014-02-05 20:20 - 2014-02-05 20:20 - 01166132 _____ () C:\Users\user\Downloads\adwcleaner (1).exe
2014-02-05 20:20 - 2014-02-05 20:16 - 00001947 _____ () C:\Users\user\Desktop\AdwCleaner - CHIP Downloader.lnk
2014-02-05 20:20 - 2013-09-19 10:44 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-05 20:20 - 2013-09-19 10:44 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-05 20:14 - 2014-02-05 20:14 - 00614784 _____ (Chip Digital GmbH) C:\Users\user\Downloads\AdwCleaner - CHIP-Downloader.exe
2014-02-05 15:57 - 2014-01-29 02:43 - 00001923 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-05 15:57 - 2014-01-29 02:43 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-02 10:41 - 2012-08-12 16:07 - 00051712 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-01-29 02:44 - 2014-01-29 02:43 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-01-29 02:44 - 2012-09-02 20:49 - 00000000 ____D () C:\Users\user\AppData\Local\Adobe
2014-01-29 02:43 - 2014-01-29 02:43 - 00000000 ____D () C:\ProgramData\McAfee
2014-01-29 01:18 - 2014-01-29 01:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-01-29 01:18 - 2014-01-29 01:18 - 00000000 ____D () C:\Program Files\Adblock Plus for IE
2014-01-16 03:05 - 2013-08-02 02:01 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-16 03:01 - 2006-11-02 11:24 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2014-01-15 21:53 - 2014-01-15 21:53 - 00000000 ____D () C:\Program Files\GUMDDF0.tmp
2014-01-15 18:07 - 2014-01-08 19:25 - 00000000 ____D () C:\Users\user\Desktop\Neuer Ordner
2014-01-10 16:28 - 2013-02-13 11:21 - 00000000 ____D () C:\Users\user\AppData\Roaming\vlc
2014-01-07 18:26 - 2014-01-07 18:26 - 00000000 ____D () C:\Users\user\Desktop\One.Piece.E337.Der.singende.Knochenmann.UNCUT.German.Dubbed.1999.ANiME.HDTV.XviD-STARS
2014-01-07 04:00 - 2008-01-21 08:16 - 01445310 _____ () C:\Windows\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Users\user\AppData\Local\Temp\BackupSetup.exe
C:\Users\user\AppData\Local\Temp\HitmanPro.exe
C:\Users\user\AppData\Local\Temp\MySearchDial.exe
C:\Users\user\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-02-05 20:33
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-02-2014
Ran by user at 2014-02-06 17:23:56
Running from C:\Users\user\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: AVG AntiVirus 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG AntiVirus 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
==================== Installed Programs ======================
Adblock Plus for IE (32-bit) (Version: 1.1 - Eyeo GmbH)
Adblock Plus for IE (Version: 1.1 - )
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (Version: 12.0.0.44 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 - Deutsch (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (Version: 12.0.4.144 - Adobe Systems, Inc.)
Advanced System Protector (Version: 2.1.1000.12580 - Systweak Software) <==== ATTENTION
Agere Systems HDA Modem (Version: - Agere Systems)
AVG 2014 (Version: 14.0.3684 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 2014.0.4259 - AVG Technologies)
AVG PC TuneUp Language Pack (de-DE) (Version: 12.0.4000.108 - AVG Technologies) Hidden
BlueStacks App Player (Version: 0.7.8.829 - BlueStack Systems, Inc.)
BlueStacks Notification Center (Version: 0.7.15.909 - BlueStack Systems, Inc.)
Canon MP510 Benutzerregistrierung (Version: - )
CCleaner (Version: 4.06 - Piriform)
CyberLink YouCam (Version: 1.0.1415 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.1415 - CyberLink Corp.) Hidden
Free YouTube Download version 3.2.16.1030 (Version: 3.2.16.1030 - DVDVideoSoft Ltd.)
GIMP 2.8.2 (Version: 2.8.2 - The GIMP Team)
Google Chrome (HKCU Version: 32.0.1700.107 - Google Inc.)
Google Update Helper (Version: 1.3.22.3 - Google Inc.) Hidden
HitmanPro 3.7 (Version: 3.7.8.208 - SurfRight B.V.)
Java 7 Update 45 (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 5 (Version: 1.6.0.50 - Sun Microsystems, Inc.)
Launch Manager V1.4.9 (Version: 1.4.9 - Wistron Corp.)
McAfee Security Scan Plus (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 3.5 SP1 (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Silverlight (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (Version: 4.30.2107.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0 - Microsoft Corporation)
MyPC Backup (Version: - JDi Backup Ltd) <==== ATTENTION
neroxml (Version: 1.0.0 - Nero AG) Hidden
NVIDIA Drivers (Version: - )
Open It! (Version: 1.1.1 - OpenIt)
OpenOffice.org 3.0 (Version: 3.0.9379 - OpenOffice.org)
PhotoScape (Version: - )
Picasa 2 (Version: 2.0 - Google, Inc.)
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (Version: 6.0.1.5532 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (Version: - Realtek Semiconductor Corp.)
RegClean Pro (Version: 6.21 - Systweak Inc) <==== ATTENTION
RightSurf (Version: 2014.02.05.222251 - RightSurf) <==== ATTENTION
Spelling Dictionaries Support For Adobe Reader 9 (Version: 9.0.0 - Adobe Systems Incorporated)
Spybot - Search & Destroy (Version: 2.1.21 - Safer-Networking Ltd.)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (Version: 10.0.14.0 - Synaptics)
TuneUp Utilities 2014 (de-DE) (Version: 14.0.1000.89 - TuneUp Software) Hidden
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)
Update for Zip Extractor (HKCU Version: - Update for Zip Extractor) <==== ATTENTION
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.6 (Version: 2.0.6 - VideoLAN)
Windows Live Fotogalerie (Version: 12.0.1347.0718 - Microsoft Corporation)
Windows Live installer (Version: 12.0.1471.1025 - Microsoft Corporation)
Windows Live Mail (Version: 12.0.1606.1023 - Microsoft Corporation)
Windows Live Messenger (Version: 8.5.1302.1018 - Microsoft Corporation)
Windows Live Sign-in Assistant (Version: 5.000.742.2 - Microsoft Corporation)
Windows Live Writer (Version: 12.0.1370.0325 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (Version: 4.20.0 - win.rar GmbH)
Zip Extractor Packages (HKCU Version: - ) <==== ATTENTION
==================== Restore Points =========================
03-01-2014 10:20:52 Geplanter Prüfpunkt
04-01-2014 07:45:03 Geplanter Prüfpunkt
06-01-2014 00:20:44 Geplanter Prüfpunkt
07-01-2014 00:07:33 Geplanter Prüfpunkt
11-01-2014 14:53:12 Geplanter Prüfpunkt
13-01-2014 03:37:55 Geplanter Prüfpunkt
14-01-2014 02:48:08 Geplanter Prüfpunkt
15-01-2014 23:18:29 Geplanter Prüfpunkt
16-01-2014 02:00:12 Windows Update
17-01-2014 21:35:39 Geplanter Prüfpunkt
18-01-2014 14:37:03 Geplanter Prüfpunkt
23-01-2014 16:44:07 Geplanter Prüfpunkt
24-01-2014 17:09:09 Geplanter Prüfpunkt
27-01-2014 13:47:26 Geplanter Prüfpunkt
28-01-2014 04:02:19 Geplanter Prüfpunkt
29-01-2014 00:17:07 Adblock Plus for IE
01-02-2014 14:55:39 Geplanter Prüfpunkt
==================== Hosts content: ==========================
2006-11-02 11:23 - 2014-02-01 23:56 - 00450628 ____R C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
There are 1000 more lines.
==================== Scheduled Tasks (whitelisted) =============
Task: {07901D55-7BC3-4CFE-B90E-4335D5CA86F8} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {1CF8C3DB-DA67-4560-AD2C-D8269C18F6FD} - System32\Tasks\Advanced System Protector => C:\Program Files\RegClean Pro\SystweakASP.exe [2013-08-23] (Systweak Inc ) <==== ATTENTION
Task: {2B704F30-B4F6-485A-8F90-4AA68C24065C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000Core => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-12] (Google Inc.)
Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {39C26517-D592-469C-A28B-9BDB97C53ABA} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-12-27] (Systweak Inc) <==== ATTENTION
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {3DDCA960-E8B5-4F12-B884-362D8FA677BD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {424771E5-17C1-4EF0-A9FB-094D3D669422} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04] (Adobe Systems Incorporated)
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)
Task: {4ADA2EC1-83FB-4755-B3AA-85D206897D41} - System32\Tasks\Digital Sites => C:\Users\user\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {4D21A69F-0FA2-4A50-80D9-E57E3F019033} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-12-27] (Systweak Inc) <==== ATTENTION
Task: {595C61A6-5D13-4618-98D4-68A7E7771D87} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5C3ECCFE-B5B2-42A7-85BC-A2A9531A95EB} - System32\Tasks\ScanSoft Background Update => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe
Task: {5FE665EC-D38D-49A6-A1E1-55851B0C69F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000UA => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-12] (Google Inc.)
Task: {7AD3ACF8-BE57-4781-8285-E80C2253703D} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)
Task: {7B95678F-6316-445B-AD3F-ED6E4ECE1087} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files\RegClean Pro\RegCleanPro.exe [2013-12-27] (Systweak Inc) <==== ATTENTION
Task: {7BCF2662-319E-44D4-A867-4A9AB657E031} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: {A4475B13-586B-4555-A526-F1B39492C470} - System32\Tasks\Google Updater and Installer => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-12] (Google Inc.)
Task: {A489D516-E38D-47F7-B8AB-D2C43FAC5522} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: {B0EDDBDD-C0E2-4D70-9723-9469CCB2411C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-05] (Adobe Systems Incorporated)
Task: {B41D497B-82F7-48DB-9F7E-57F770FF3C2B} - System32\Tasks\Advanced System Protector_startup => C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe [2013-12-23] (Systweak) <==== ATTENTION
Task: {B714333D-A52A-4860-BF7E-BC3BBAC8F447} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
Task: {C9DCC007-66EF-4D52-B27D-EC6BE1E531FD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-09-02] (Google Inc.)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\user\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000Core.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1794580170-1125773471-1513792877-1000UA.job => C:\Users\user\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe
==================== Loaded Modules (whitelisted) =============
2013-09-20 18:59 - 2013-05-16 09:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-20 18:59 - 2013-05-16 09:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2013-09-20 18:59 - 2013-05-16 09:55 - 00161112 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2013-09-20 18:59 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files\Spybot - Search & Destroy 2\sqlite3.dll
2013-09-20 18:59 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-27 16:23 - 2014-01-27 16:23 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2014-01-27 16:05 - 2014-01-27 16:05 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2014-02-04 03:20 - 2014-02-02 00:42 - 04055368 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.107\pdf.dll
2014-02-04 03:20 - 2014-02-02 00:42 - 00399688 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll
2014-02-04 03:20 - 2014-02-02 00:41 - 01634632 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.107\ffmpegsumo.dll
2014-02-04 03:20 - 2014-02-02 00:42 - 13616456 _____ () C:\Users\user\AppData\Local\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (02/05/2014 08:27:29 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 02:37:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 01:14:30 AM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung iexplore.exe, Version 9.0.8112.16526, Zeitstempel 0x52855173, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x0cb82375,
Prozess-ID 0xeac, Anwendungsstartzeit iexplore.exe0.
Error: (01/18/2014 10:54:00 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 11:49:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2014 02:28:34 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 02:36:59 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2013 10:01:35 PM) (Source: Application Error) (User: )
Description: Fehlerhafte Anwendung Explorer.EXE, Version 6.0.6002.18005, Zeitstempel 0x49e01da5, fehlerhaftes Modul unknown, Version 0.0.0.0, Zeitstempel 0x00000000, Ausnahmecode 0xc0000005, Fehleroffset 0x00550051,
Prozess-ID 0x338, Anwendungsstartzeit Explorer.EXE0.
Error: (12/12/2013 04:33:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/12/2013 03:45:17 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (02/06/2014 02:26:31 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Updating Service1600001Neustart des Diensts
Error: (02/06/2014 02:26:26 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Scanner Service1600001Neustart des Diensts
Error: (02/06/2014 02:24:57 PM) (Source: Service Control Manager) (User: )
Description: HitmanPro Scheduler1
Error: (02/05/2014 08:27:29 PM) (Source: Service Control Manager) (User: )
Description: Spybot-S&D 2 Scanner Service%%1053
Error: (02/05/2014 08:27:29 PM) (Source: Service Control Manager) (User: )
Description: 30000Spybot-S&D 2 Scanner Service
Error: (02/05/2014 08:27:29 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058
Error: (02/05/2014 08:26:31 PM) (Source: Microsoft-Windows-ResourcePublication) (User: NT-AUTORITÄT)
Description: Provider\Microsoft.Base.Publication/Publication/Computer
Error: (02/05/2014 03:55:15 PM) (Source: Service Control Manager) (User: )
Description: 30000WerSvc
Error: (02/04/2014 07:15:51 PM) (Source: Service Control Manager) (User: )
Description: 30000HitmanProScheduler
Error: (02/03/2014 04:11:32 PM) (Source: Service Control Manager) (User: )
Description: 30000PlugPlay
Microsoft Office Sessions:
=========================
Error: (02/05/2014 08:27:29 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 02:37:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/29/2014 01:14:30 AM) (Source: Application Error)(User: )
Description: iexplore.exe9.0.8112.1652652855173unknown0.0.0.000000000c00000050cb82375eac01cf1c86e5797f30
Error: (01/18/2014 10:54:00 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/06/2014 11:49:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (01/02/2014 02:28:34 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2013 02:36:59 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/13/2013 10:01:35 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.0.6002.1800549e01da5unknown0.0.0.000000000c00000050055005133801cef74f7a4e8eb3
Error: (12/12/2013 04:33:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/12/2013 03:45:17 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2014-02-06 17:23:23.790
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:23.464
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:23.130
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:22.764
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:22.417
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:22.076
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:21.747
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:23:21.417
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidsdriverx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:20:57.612
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-06 17:20:57.300
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\avgidshx.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3069.5 MB
Available physical RAM: 1609.77 MB
Total Pagefile: 6357.29 MB
Available Pagefile: 4749.39 MB
Total Virtual: 2047.88 MB
Available Virtual: 1893.86 MB
==================== Drives ================================
Drive c: (BOOT) (Fixed) (Total:195.31 GB) (Free:126.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVER) (Fixed) (Total:29.28 GB) (Free:23.95 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 233 GB) (Disk ID: 7796FB1C)
Partition 1: (Active) - (Size=195 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=29 GB) - (Type=OF Extended)
==================== End Of Log ============================