Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Was kann ich tun bei der Avira Meldung: C:\ProgramData\BitGuard\2.7.1832.68\...\loader.dll (https://www.trojaner-board.de/151671-tun-avira-meldung-c-programdata-bitguard-2-7-1832-68-loader-dll.html)

Princess1401 28.03.2014 23:19
Was kann ich tun bei der Avira Meldung: C:\ProgramData\BitGuard\2.7.1832.68\...\loader.dll
 
Mein PC zeigt mir ca alle fünf minuten diese Meldung an. Wenn ich auf Remove klick scannt der Pc und ich werde aufgefordert neu zu starten bzw startet der pc von alleine neu. Das kommt mir aber eher vor als würde er abstürzen und danach fängt das ganze spiel wieder von vorne an.

Ich hoffe hier kann mir jemand helfen :)

Liebe Grüße

schrauber 29.03.2014 07:26
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Princess1401 29.03.2014 18:18
Ich bin glaube zu Blond. Wie genau funktioniert das mit dem einfügen der Dateien?

schrauber 30.03.2014 07:41
Guggst Du :)

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Princess1401 30.03.2014 08:34
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Lenzes (administrator) on LENZES-PC on 29-03-2014 09:39:07
Running from C:\Users\Lenzes\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

() C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
() C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
() C:\Program Files (x86)\PHotkey\PHotkey.exe
(TODO: <公司名稱>) C:\Program Files (x86)\PHotkey\GPMTray.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
() C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
(Protexis Inc.) c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Program Files (x86)\PHotkey\ATouch64.exe
() C:\Program Files (x86)\PHotkey\PVDesktop.exe
() C:\Program Files (x86)\PHotkey\PVDAgent.exe
() C:\Program Files (x86)\PHotkey\POSD.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(TODO: <Company name>) C:\Program Files (x86)\PHotkey\HCSynApi.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Spotify Ltd) C:\Users\Lenzes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\system32\wbem\WMIADAP.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-22] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2870032 2012-02-10] (Synaptics Incorporated)
HKLM\...\Run: [BLEServicesCtrl] - C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [BTMTrayAgent] - C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll [11406608 2012-02-22] (Intel Corporation)
HKLM\...\Run: [IntelliType Pro] - c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [1464984 2012-10-12] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2075288 2012-10-12] (Microsoft Corporation)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] - C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [507744 2011-12-21] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [CLMLServer] - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe [107816 2010-08-03] (CyberLink)
HKLM-x32\...\Run: [RemoteControl10] - C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2011-03-30] (CyberLink Corp.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-03-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC)
HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] ()
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-23] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\Run: [GoogleChromeAutoLaunch_B14DE89967C1243F2B51366E2839DBF7] - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [859976 2014-03-15] (Google Inc.)
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\Run: [EA Core] - "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\Run: [Spotify Web Helper] - C:\Users\Lenzes\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-02-11] (Spotify Ltd)
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\Run: [iLivid] - "C:\Users\Lenzes\AppData\Local\iLivid\iLivid.exe" -autorun
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\Run: [swg] - C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2012-08-30] (Google Inc.)
HKU\S-1-5-21-1833877253-1044662488-1079429063-1001\...\MountPoints2: {f8c442e0-f304-11e1-a817-806e6f6e6963} - E:\Autorun.exe
AppInit_DLLs: c:\progra~3\bitguard\271832~1.68\{c16c1~1\loader.dll => C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\loader.dll [1958880 2013-11-18] ()
AppInit_DLLs:  c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll => c:\progra~3\bitguard\271769~1.27\{c16c1~1\loader.dll File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=be0c4f34-1214-4b45-b847-34da7de5d0c9&searchtype=ds&q={searchTerms}&installDate=01/07/2013
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com?SearchSource=10&CUI=UN83917610172022981&UM=2&ctid=CT3312329
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?ch_id=sk27211&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=204C685D4395359F&affID=124180&tsp=5038
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=be0c4f34-1214-4b45-b847-34da7de5d0c9&searchtype=ds&q={searchTerms}&installDate=01/07/2013
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
URLSearchHook: HKLM-x32 - (No Name) - {855F3B16-6D32-4fe6-8A56-BBB695989046} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope {C759FB20-AD4F-4CA5-835C-FDFBBD9E4B6B} URL =
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=be0c4f34-1214-4b45-b847-34da7de5d0c9&searchtype=ds&q={searchTerms}&installDate=01/07/2013
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - bProtectorDefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=be0c4f34-1214-4b45-b847-34da7de5d0c9&searchtype=ds&q={searchTerms}&installDate=01/07/2013
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=204C685D4395359F&affID=124180&tsp=5038
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {C759FB20-AD4F-4CA5-835C-FDFBBD9E4B6B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3312329&CUI=UN83917610172022981&UM=2
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -  No File
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

Chrome:
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3312329&SearchSource=48&CUI=UN22273726642973328&UM=2
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\gcswf32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
CHR Plugin: (Intel Identity Protection Technology) - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
CHR Plugin: (Java(TM) Platform SE 7 U3) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Extension: (McAfee Security Scan+) - C:\Users\Lenzes\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-27]
CHR Extension: (VIS) - C:\Users\Lenzes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2013-10-17]
CHR Extension: (Star Stable Online) - C:\Users\Lenzes\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk [2012-11-02]
CHR Extension: (Google Wallet) - C:\Users\Lenzes\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-02]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-02]
CHR HKCU\...\Chrome\Extension: [pickdmmkcajdddggmoaommkkoafandof] - C:\Users\Lenzes\AppData\Local\CRE\pickdmmkcajdddggmoaommkkoafandof.crx [2013-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\Lenzes\AppData\Roaming\zulagames\zulagames.crx [2013-10-03]
CHR HKLM-x32\...\Chrome\Extension: [pickdmmkcajdddggmoaommkkoafandof] - C:\Users\Lenzes\AppData\Local\CRE\pickdmmkcajdddggmoaommkkoafandof.crx [2013-10-10]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-03-06] (Avira Operations GmbH & Co. KG)
R2 ASLDRService; C:\Program Files (x86)\PHotkey\ASLDRSrv.exe [104968 2009-12-18] ()
R2 CyberLink PowerDVD 10 MS Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [70952 2011-04-13] (CyberLink)
R2 CyberLink PowerDVD 10 MS Service; C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [312616 2011-04-13] (CyberLink)
R2 GFNEXSrv; C:\Program Files (x86)\PHotkey\GFNEXSrv.exe [156672 2011-10-13] ()
R2 HPSLPSVC; C:\Users\Lenzes\AppData\Local\Temp\7zS06E1\hpslpsvc64.dll [1039360 2012-08-23] (Hewlett-Packard Co.)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2012-03-29] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [386344 2010-08-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2669840 2012-03-29] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
R2 PEGAGFN; C:\Program Files (x86)\PHotkey\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-29 09:39 - 2014-03-29 09:39 - 00018738 _____ () C:\Users\Lenzes\Downloads\FRST.txt
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\FRST
2014-03-29 09:38 - 2014-03-29 09:38 - 02157056 _____ (Farbar) C:\Users\Lenzes\Downloads\FRST64.exe
2014-03-28 23:07 - 2014-03-28 23:08 - 05192353 _____ (Swearware) C:\Users\Lenzes\Downloads\ComboFix.exe
2014-03-28 22:40 - 2014-03-28 22:40 - 00281120 _____ () C:\Windows\Minidump\032814-69607-01.dmp
2014-03-28 22:31 - 2014-03-28 22:31 - 00281432 _____ () C:\Windows\Minidump\032814-72680-01.dmp
2014-03-28 11:27 - 2014-03-28 22:40 - 00000000 ____D () C:\Windows\Minidump
2014-03-28 11:27 - 2014-03-28 11:27 - 00284904 _____ () C:\Windows\Minidump\032814-41605-01.dmp
2014-03-28 11:26 - 2014-03-28 22:39 - 719344068 _____ () C:\Windows\MEMORY.DMP
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-26 14:39 - 2014-03-26 14:39 - 00002314 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Wildes Studentenleben.lnk
2014-03-22 12:53 - 2014-03-22 12:53 - 00000000 ____D () C:\Users\Lenzes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-22 12:53 - 2014-03-22 12:53 - 00000000 ____D () C:\Users\Lenzes\AppData\Roaming\Atari
2014-03-22 12:52 - 2014-03-28 23:00 - 00000000 ____D () C:\Users\Lenzes\Documents\RCT3
2014-03-20 18:57 - 2014-03-26 19:04 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-20 18:57 - 2014-03-20 18:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-20 18:57 - 2014-03-20 18:57 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-20 18:57 - 2014-03-20 18:57 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-13 11:48 - 2014-03-01 07:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 11:48 - 2014-03-01 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 11:48 - 2014-03-01 06:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 11:48 - 2014-03-01 05:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 11:48 - 2014-03-01 05:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 11:48 - 2014-03-01 05:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 11:48 - 2014-03-01 05:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 11:48 - 2014-03-01 05:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 11:48 - 2014-03-01 05:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 11:48 - 2014-03-01 05:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 11:48 - 2014-03-01 05:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 11:48 - 2014-03-01 05:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 11:48 - 2014-03-01 05:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 11:48 - 2014-03-01 05:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 11:48 - 2014-03-01 05:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 11:48 - 2014-03-01 05:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 11:48 - 2014-03-01 05:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 11:48 - 2014-03-01 04:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 11:48 - 2014-03-01 04:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 11:48 - 2014-03-01 04:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 11:48 - 2014-03-01 04:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 11:48 - 2014-03-01 04:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 11:48 - 2014-03-01 04:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 11:48 - 2014-03-01 04:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 11:48 - 2014-03-01 04:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 11:48 - 2014-03-01 04:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 11:48 - 2014-03-01 04:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 11:48 - 2014-03-01 04:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 11:48 - 2014-03-01 04:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 11:48 - 2014-03-01 04:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 11:48 - 2014-03-01 04:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 11:48 - 2014-03-01 04:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 11:48 - 2014-03-01 04:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 11:48 - 2014-03-01 04:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 11:48 - 2014-03-01 03:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 11:48 - 2014-03-01 03:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 11:48 - 2014-03-01 03:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 11:48 - 2014-03-01 03:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 11:48 - 2014-03-01 03:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 11:48 - 2014-03-01 03:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 11:48 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 11:48 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 11:48 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 11:48 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 11:45 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 11:45 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 11:45 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 11:45 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-06 12:59 - 2014-03-06 13:02 - 00000000 ____D () C:\Users\Lenzes\Desktop\Bilder IPhone
2014-02-28 00:10 - 2014-03-01 00:55 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

==================== One Month Modified Files and Folders =======

2014-03-29 09:39 - 2014-03-29 09:39 - 00018738 _____ () C:\Users\Lenzes\Downloads\FRST.txt
2014-03-29 09:39 - 2014-03-29 09:39 - 00000000 ____D () C:\FRST
2014-03-29 09:39 - 2012-08-30 16:51 - 01295433 _____ () C:\Windows\WindowsUpdate.log
2014-03-29 09:39 - 2011-05-16 15:04 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-03-29 09:39 - 2011-05-16 15:04 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-03-29 09:39 - 2009-07-14 06:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-29 09:38 - 2014-03-29 09:38 - 02157056 _____ (Farbar) C:\Users\Lenzes\Downloads\FRST64.exe
2014-03-29 09:35 - 2012-08-30 17:07 - 00000000 ____D () C:\Users\Lenzes\Documents\Youcam
2014-03-29 09:33 - 2012-08-30 16:54 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-29 09:32 - 2010-11-21 04:47 - 00448140 _____ () C:\Windows\PFRO.log
2014-03-29 09:32 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-29 09:32 - 2009-07-14 05:51 - 00137503 _____ () C:\Windows\setupact.log
2014-03-28 23:16 - 2013-10-17 14:16 - 00000296 _____ () C:\Windows\Tasks\DigitalSite.job
2014-03-28 23:12 - 2014-02-16 11:12 - 00000296 _____ () C:\Windows\Tasks\Digital Sites.job
2014-03-28 23:08 - 2014-03-28 23:07 - 05192353 _____ (Swearware) C:\Users\Lenzes\Downloads\ComboFix.exe
2014-03-28 23:00 - 2014-03-22 12:52 - 00000000 ____D () C:\Users\Lenzes\Documents\RCT3
2014-03-28 23:00 - 2012-09-02 16:31 - 00000000 ____D () C:\Users\Gast
2014-03-28 23:00 - 2011-07-18 22:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-28 22:57 - 2012-08-30 16:54 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-28 22:48 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-28 22:48 - 2009-07-14 05:45 - 00017264 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-28 22:40 - 2014-03-28 22:40 - 00281120 _____ () C:\Windows\Minidump\032814-69607-01.dmp
2014-03-28 22:40 - 2014-03-28 11:27 - 00000000 ____D () C:\Windows\Minidump
2014-03-28 22:39 - 2014-03-28 11:26 - 719344068 _____ () C:\Windows\MEMORY.DMP
2014-03-28 22:37 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-03-28 22:31 - 2014-03-28 22:31 - 00281432 _____ () C:\Windows\Minidump\032814-72680-01.dmp
2014-03-28 11:27 - 2014-03-28 11:27 - 00284904 _____ () C:\Windows\Minidump\032814-41605-01.dmp
2014-03-27 18:52 - 2012-08-30 16:54 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-27 18:52 - 2012-08-30 16:54 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-26 19:04 - 2014-03-26 19:04 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-03-26 19:04 - 2014-03-20 18:57 - 00001935 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-03-26 14:39 - 2014-03-26 14:39 - 00002314 _____ () C:\Users\Public\Desktop\Die Sims™ 3 Wildes Studentenleben.lnk
2014-03-26 14:33 - 2012-12-31 09:43 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-03-24 13:26 - 2014-01-03 14:32 - 00000000 ____D () C:\Users\Lenzes\Desktop\Ausbildung
2014-03-22 12:53 - 2014-03-22 12:53 - 00000000 ____D () C:\Users\Lenzes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-22 12:53 - 2014-03-22 12:53 - 00000000 ____D () C:\Users\Lenzes\AppData\Roaming\Atari
2014-03-22 00:26 - 2013-10-17 15:17 - 00000187 _____ () C:\Users\Lenzes\AppData\Roaming\WB.CFG
2014-03-20 19:53 - 2012-09-05 20:24 - 00000000 ____D () C:\Users\Lenzes\AppData\Local\Adobe
2014-03-20 18:57 - 2014-03-20 18:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-20 18:57 - 2014-03-20 18:57 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-03-20 18:57 - 2014-03-20 18:57 - 00000000 ____D () C:\ProgramData\McAfee
2014-03-20 18:57 - 2011-12-01 22:26 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-15 10:33 - 2012-08-30 16:54 - 00002179 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-14 03:22 - 2009-07-14 05:45 - 00451888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 03:21 - 2013-03-14 05:06 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 03:21 - 2013-03-14 05:06 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-14 03:03 - 2012-11-01 19:40 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-06 13:02 - 2014-03-06 12:59 - 00000000 ____D () C:\Users\Lenzes\Desktop\Bilder IPhone
2014-03-01 07:05 - 2014-03-13 11:48 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 06:17 - 2014-03-13 11:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 06:16 - 2014-03-13 11:48 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-01 05:58 - 2014-03-13 11:48 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 05:52 - 2014-03-13 11:48 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 05:51 - 2014-03-13 11:48 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-01 05:42 - 2014-03-13 11:48 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 05:40 - 2014-03-13 11:48 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 05:37 - 2014-03-13 11:48 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 05:33 - 2014-03-13 11:48 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 05:33 - 2014-03-13 11:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-01 05:32 - 2014-03-13 11:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-01 05:30 - 2014-03-13 11:48 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 05:23 - 2014-03-13 11:48 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-01 05:17 - 2014-03-13 11:48 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 05:11 - 2014-03-13 11:48 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 05:02 - 2014-03-13 11:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 04:54 - 2014-03-13 11:48 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 04:52 - 2014-03-13 11:48 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 04:51 - 2014-03-13 11:48 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-01 04:47 - 2014-03-13 11:48 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 04:43 - 2014-03-13 11:48 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 04:43 - 2014-03-13 11:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 04:42 - 2014-03-13 11:48 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 04:40 - 2014-03-13 11:48 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 04:38 - 2014-03-13 11:48 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 04:37 - 2014-03-13 11:48 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-01 04:35 - 2014-03-13 11:48 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 04:18 - 2014-03-13 11:48 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 04:16 - 2014-03-13 11:48 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 04:14 - 2014-03-13 11:48 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 04:10 - 2014-03-13 11:48 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 04:03 - 2014-03-13 11:48 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 04:00 - 2014-03-13 11:48 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 03:57 - 2014-03-13 11:48 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 03:38 - 2014-03-13 11:48 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 03:32 - 2014-03-13 11:48 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 03:27 - 2014-03-13 11:48 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 03:25 - 2014-03-13 11:48 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 03:25 - 2014-03-13 11:48 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 00:55 - 2014-02-28 00:10 - 01594964 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-28 21:33 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache

Some content of TEMP:
====================
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll
C:\Users\Lenzes\AppData\Local\Temp\AskSLib.dll
C:\Users\Lenzes\AppData\Local\Temp\avgnt.exe
C:\Users\Lenzes\AppData\Local\Temp\BackupSetup.exe
C:\Users\Lenzes\AppData\Local\Temp\COMAP.EXE
C:\Users\Lenzes\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Lenzes\AppData\Local\Temp\drm_dyndata_7270012.dll
C:\Users\Lenzes\AppData\Local\Temp\EAD10F0.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD1534.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD1AC0.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD24ED.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD7261.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD849.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD8EB7.exe
C:\Users\Lenzes\AppData\Local\Temp\EAD9C.exe
C:\Users\Lenzes\AppData\Local\Temp\EADAAEE.exe
C:\Users\Lenzes\AppData\Local\Temp\EADB1F0.exe
C:\Users\Lenzes\AppData\Local\Temp\EADB9AD.exe
C:\Users\Lenzes\AppData\Local\Temp\EADC476.exe
C:\Users\Lenzes\AppData\Local\Temp\EADE2B0.exe
C:\Users\Lenzes\AppData\Local\Temp\EADF095.exe
C:\Users\Lenzes\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Lenzes\AppData\Local\Temp\ICReinstall_UltimateCodec.exe
C:\Users\Lenzes\AppData\Local\Temp\installerdll2285414.dll
C:\Users\Lenzes\AppData\Local\Temp\installerdll2299142.dll
C:\Users\Lenzes\AppData\Local\Temp\install_helper.exe
C:\Users\Lenzes\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Lenzes\AppData\Local\Temp\nsh49F3.exe
C:\Users\Lenzes\AppData\Local\Temp\nshE90F.exe
C:\Users\Lenzes\AppData\Local\Temp\nsm3C0B.exe
C:\Users\Lenzes\AppData\Local\Temp\nsmC3FF.exe
C:\Users\Lenzes\AppData\Local\Temp\nst1C3C.exe
C:\Users\Lenzes\AppData\Local\Temp\ose00000.exe
C:\Users\Lenzes\AppData\Local\Temp\rootsupd.exe
C:\Users\Lenzes\AppData\Local\Temp\SeesimilarSetup-29-.exe
C:\Users\Lenzes\AppData\Local\Temp\Setup.exe
C:\Users\Lenzes\AppData\Local\Temp\setup_fsu_cid.exe
C:\Users\Lenzes\AppData\Local\Temp\SIntf16.dll
C:\Users\Lenzes\AppData\Local\Temp\SIntf32.dll
C:\Users\Lenzes\AppData\Local\Temp\SIntfNT.dll
C:\Users\Lenzes\AppData\Local\Temp\SPStub.exe
C:\Users\Lenzes\AppData\Local\Temp\tbappb.dll
C:\Users\Lenzes\AppData\Local\Temp\uninst1.exe
C:\Users\Lenzes\AppData\Local\Temp\UninstallEADM.dll
C:\Users\Lenzes\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Lenzes\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Lenzes\AppData\Local\Temp\vis-de.exe
C:\Users\Lenzes\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\Lenzes\AppData\Local\Temp\{613B4A4B-9838-4050-9C64-87D25190C11E}-21.0.1180.89_chrome_installer.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-20 19:28

==================== End Of Log ============================
--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Lenzes at 2014-03-29 09:39:56
Running from C:\Users\Lenzes\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

4500_G510nz_Help (x32 Version: 000.0.382.000 - Hewlett-Packard) Hidden
4500G510nz (x32 Version: 000.0.382.000 - Hewlett-Packard) Hidden
4500G510nz_Software_Min (x32 Version: 000.0.382.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX 64-bit (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.1.102.63 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader X (10.1.2) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.2 - Adobe Systems Incorporated)
AMI VR-pulse OS Switcher (HKLM\...\{EC1369CF-15BD-4FAF-BA84-65E4788C682E}) (Version: 1.1 - American Megatrends Inc.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo Snap (HKLM-x32\...\Ashampoo Snap_is1) (Version: 4.3.0 - Ashampoo GmbH & Co. KG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
BitGuard (HKLM-x32\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version:  - MediaTechSoft Inc.) <==== ATTENTION
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Control ActiveX de Windows Live Mesh para conexiones remotas (HKLM-x32\...\{04668DF2-D32F-4555-9C7E-35523DCD6544}) (Version: 15.4.5722.2 - Microsoft Corporation)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Controlo ActiveX do Windows Live Mesh para Ligações Remotas (HKLM-x32\...\{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version:  - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1508_36229 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1508_36229 - CyberLink Corp.) Hidden
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.1.2414a - CyberLink Corp.)
CyberLink MediaShow (x32 Version: 5.1.2414a - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink PhotoNow (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.7717 - CyberLink Corp.)
CyberLink PhotoNow (x32 Version: 1.1.7717 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 9.0.0.3621 - CyberLink Corp.)
CyberLink PowerDirector (Version: 9.0.0.3621 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.3622.02 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.3622.02 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.1306 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.1306 - CyberLink Corp.) Hidden
CyberLink WaveEditor (HKLM-x32\...\InstallShield_{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 1.0.1.3320 - CyberLink Corp.)
CyberLink WaveEditor (x32 Version: 1.0.1.3320 - CyberLink Corp.) Hidden
CyberLink YouCam 5 (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1402 - CyberLink Corp.)
CyberLink YouCam 5 (x32 Version: 5.0.1402 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
Die Sims™ 3 70er, 80er & 90er Accessoires (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Diesel Accessoires (HKLM-x32\...\{1C9B6173-6DC9-4EEE-9EFC-6BA115CFBE43}) (Version: 14.0.48 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Erstelle ein Muster-Tool (HKLM-x32\...\{44EAFE3D-09A9-4478-A2BF-0EED22F4E49F}) (Version: 1.0.0 - Electronic Arts)
Die Sims™ 3 Gib Gas-Accessoires (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)
Die Sims™ 3 Inselparadies (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Katy Perry Süße Welt (HKLM-x32\...\{9B2506E3-9A3F-45B5-96BF-509CAD584650}) (Version: 13.0.62 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)
Die Sims™ 3 Stadt-Accessoires (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.7000.11 - Dolby Laboratories Inc)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych (HKLM-x32\...\{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}) (Version: 15.4.5722.2 - Microsoft Corporation)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free YouTube to MP3 Converter version 3.12.5.628 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.5.628 - DVDVideoSoft Ltd.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP Officejet 4500 G510n-z (HKLM\...\{7E0E61CC-1C99-429D-BEA7-C4DD5B898D2A}) (Version: 13.0 - HP)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2712 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{4E4282C3-F66E-4852-837A-7675527178C2}) (Version: 3.1.26.0 - Intel Corporation)
Intel(R) Wireless Display (HKLM\...\{28EF7372-9087-4AC3-9B9F-D9751FCDF830}) (Version:  - )
Intel® PROSet/Wireless WiFi Software (HKLM\...\{54EB8041-1115-4406-AA4B-44D236E84B3B}) (Version: 15.01.1000.0927 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{A04DCB25-7040-4935-A30D-8E0A893ABF2D}) (Version: 11.1.2.32 - Apple Inc.)
Java Auto Updater (x32 Version: 2.1.6.0 - Sun Microsystems, Inc.) Hidden
Java(TM) 7 Update 3 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417003FF}) (Version: 7.0.30 - Oracle)
Java(TM) 7 Update 3 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217003FF}) (Version: 7.0.30 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave (HKLM-x32\...\{CA227A9D-09BE-4BFB-9764-48FED2DA5454}) (Version: 15.4.5722.2 - Microsoft Corporation)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mathematics (64-Bit) (HKLM\...\{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}) (Version: 4.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.0.161.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.0.161.0 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 130.0.374.000 - Hewlett-Packard) Hidden
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
PCSUITE SHREDDER (HKLM-x32\...\PCSUITE_SHREDDER_PRO_is1) (Version:  - Markement GmbH)
PHotkey (HKLM-x32\...\{E50C224A-BBF2-428D-9DCF-DBF9DF85C40E}) (Version: 1.00.0059 - Pegatron Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6586 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.45.0 - Synaptics Incorporated)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Codec Pack (HKCU\...\DigitalSite) (Version:  - ) <==== ATTENTION
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878234) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{EC1934B0-AE0F-4BBD-8955-54BB3247ED9E}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-objekt til fjernforbindelser (HKLM-x32\...\{57220148-3B2B-412A-A2E0-82B9DF423696}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 5.00 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

11-03-2014 14:48:43 Windows Update
14-03-2014 02:00:39 Windows Update
18-03-2014 23:09:07 Windows Update
22-03-2014 11:47:54 Installiert RollerCoaster Tycoon 3
25-03-2014 06:44:02 Windows Update
26-03-2014 13:33:15 Installiert TheSims3EP9
28-03-2014 09:59:51 Windows Update
28-03-2014 21:45:22 Removed watchmi.
28-03-2014 21:46:29 Removed watchmi.
28-03-2014 21:58:02 Windows Live Mesh ActiveX Control for Remote Connections wird entfernt
28-03-2014 21:58:34 Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz wird entfernt
28-03-2014 21:59:09 Entfernt RollerCoaster Tycoon 3

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1D7F6D8D-A14C-4E78-969B-284993A11F7D} - System32\Tasks\DigitalSite => C:\Users\Lenzes\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {2A448C8E-46C3-4A78-AE6A-7F40894ACCD8} - System32\Tasks\Digital Sites => C:\Users\Lenzes\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {59274905-BB5F-4C3A-BF33-74C4F3038B12} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-30] (Google Inc.)
Task: {5C2E831F-4DAF-4713-B802-463E9A910A68} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-08-30] (Google Inc.)
Task: {8DB94DB5-1934-484F-AE1D-395DDFA10C35} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [2012-02-02] (CyberLink Corp.)
Task: {9BE1759D-DBD1-4D49-9BB1-735665BAC9CF} - System32\Tasks\AdobeFlashPlayerUpdate 2 => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: {E621BEC7-1AE6-4423-8642-15916E9A563B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {F0BC348B-7A11-48B2-93F0-5713E090FBE8} - System32\Tasks\AdobeFlashPlayerUpdate => C:\Windows\SysWOW64\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Lenzes\AppData\Roaming\DIGITA~2\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Lenzes\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-11-22 18:26 - 2013-11-18 15:32 - 01958880 _____ () C:\ProgramData\BitGuard\2.7.1832.68\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\loader.dll
2012-04-11 10:57 - 2009-12-18 23:40 - 00104968 _____ () C:\Program Files (x86)\PHotkey\ASLDRSrv.exe
2012-04-11 10:57 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\PHotkey\GFNEXSrv.exe
2012-04-11 10:57 - 2012-03-27 22:19 - 00826880 _____ () C:\Program Files (x86)\PHotkey\PHotkey.exe
2012-04-11 10:57 - 2010-01-13 01:36 - 00117256 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt.exe
2012-04-11 10:57 - 2010-01-13 01:36 - 00121864 _____ () C:\Program Files (x86)\PHotkey\MsgTranAgt64.exe
2012-04-11 06:19 - 2010-08-19 17:43 - 00386344 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2012-04-11 10:57 - 2010-12-17 22:04 - 00449032 _____ () C:\Program Files (x86)\PHotkey\ATouch64.exe
2012-04-11 10:57 - 2012-01-13 01:58 - 00552960 _____ () C:\Program Files (x86)\PHotkey\PVDesktop.exe
2012-04-11 10:57 - 2012-01-13 01:58 - 00477696 _____ () C:\Program Files (x86)\PHotkey\PVDAgent.exe
2012-04-11 10:57 - 2012-02-24 22:13 - 03458560 _____ () C:\Program Files (x86)\PHotkey\POSD.exe
2012-04-11 08:57 - 2012-03-27 01:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-08-29 01:23 - 2013-08-29 01:23 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2012-10-21 10:54 - 2012-09-19 18:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-30 19:06 - 2012-05-30 19:06 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-11 10:57 - 2009-12-18 23:36 - 00973432 _____ () C:\Program Files (x86)\PHotkey\acAuth.dll
2012-04-11 10:57 - 2009-12-18 23:41 - 00129544 _____ () C:\Program Files (x86)\PHotkey\GFNEX.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2010-08-03 23:39 - 2010-08-03 23:39 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
2014-02-27 21:33 - 2014-02-27 21:33 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-04-11 09:39 - 2011-11-30 04:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-04-11 09:31 - 2012-03-06 14:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-03-15 10:33 - 2014-03-15 01:50 - 13637448 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: LIFETAB_E10320
Description: LIFETAB_E10320
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: LENOVO
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/29/2014 09:33:07 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
  bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
  --- Ende der internen Ausnahmestapelüberwachung ---
  bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
  bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
  bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
  bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
  bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (03/28/2014 10:48:00 PM) (Source: Microsoft-Windows-RestartManager) (User: Lenzes-PC)
Description: Die Anwendung oder der Dienst "watchmi service" konnte nicht neu gestartet werden.

Error: (03/28/2014 10:40:32 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
  bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
  --- Ende der internen Ausnahmestapelüberwachung ---
  bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
  bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
  bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
  bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
  bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (03/28/2014 10:31:35 PM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
  bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
  --- Ende der internen Ausnahmestapelüberwachung ---
  bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
  bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
  bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
  bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
  bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (03/28/2014 11:27:38 AM) (Source: MemeoBackgroundService) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
  bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
  bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
  --- Ende der internen Ausnahmestapelüberwachung ---
  bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
  bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
  bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
  bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration.  bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
  bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
  bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)

Error: (03/28/2014 08:04:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8206

Error: (03/28/2014 08:04:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8206

Error: (03/28/2014 08:04:28 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/28/2014 08:04:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7208

Error: (03/28/2014 08:04:27 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7208


System errors:
=============
Error: (03/29/2014 09:32:21 AM) (Source: Application Popup) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (03/28/2014 10:41:09 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet:
%%-2147196306

Error: (03/28/2014 10:40:08 PM) (Source: BugCheck) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa8007140a80, 0xfffffa8007140d60, 0xfffff80003bdf7b0)C:\Windows\MEMORY.DMP032814-69607-01

Error: (03/28/2014 10:40:00 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎28.‎03.‎2014 um 22:37:02 unerwartet heruntergefahren.

Error: (03/28/2014 10:38:54 PM) (Source: Application Popup) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (03/28/2014 10:31:09 PM) (Source: BugCheck) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa8007149640, 0xfffffa8007149920, 0xfffff80003b847b0)C:\Windows\MEMORY.DMP032814-72680-01

Error: (03/28/2014 10:31:00 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎28.‎03.‎2014 um 22:28:25 unerwartet heruntergefahren.

Error: (03/28/2014 10:29:51 PM) (Source: Application Popup) (User: )
Description: Treiber ACPI hat eine ungültige ID für das untergeordnete Gerät (1) zurückgegeben.

Error: (03/28/2014 11:27:17 AM) (Source: BugCheck) (User: )
Description: 0x000000f4 (0x0000000000000003, 0xfffffa800415d040, 0xfffffa800415d320, 0xfffff80003bd67b0)C:\Windows\MEMORY.DMP032814-41605-01

Error: (03/28/2014 11:27:08 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎28.‎03.‎2014 um 11:24:05 unerwartet heruntergefahren.


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 53%
Total physical RAM: 3990.83 MB
Available physical RAM: 1850.41 MB
Total Pagefile: 7979.84 MB
Available Pagefile: 5399.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Boot) (Fixed) (Total:647.54 GB) (Free:525.72 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:15.58 GB) NTFS
Drive e: (Sims3EP10) (CDROM) (Total:4.37 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: 2BD2C32A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=648 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)

==================== End Of Log ============================
--- --- ---

schrauber 31.03.2014 09:30
Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 20:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131