tonys9er | 29.05.2014 09:42 | Hello,
I also had the following virus scanner running: AVG AntiVirus
and the following files were found:
MalSign.Generic.6A4 Object name: C:\Users\Windows7\Downloads\Setup.exe
and a corrupted file under Temp\pdfupd.exe
Should I now run a scan with Farbar's Recovery Scan Tool (FRST)?
Thank you very much for the help!
Sam
FRST Logfile:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Windows 7 (administrator) on WINDOWS7-PC on 29-05-2014 10:37:48
Running from C:\Users\Windows 7\Downloads
Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.7\GoogleCrashHandler64.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Cyberlink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE
(Adobe Sytems) C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(AVM Berlin) C:\Users\Windows 7\AppData\Local\Apps\2.0\M78GGGQO.3EG\V07WZG26.M1A\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\deepscan\QHActiveDefense.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360sd.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\360rp.exe
(Qihu 360 Software Co., Ltd.) C:\Program Files\360\360 Internet Security\safemon\360Tray.exe
(www.rene-zeidler.de) C:\Users\Windows 7\Desktop\Snipping Tool Plus.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2114376 2008-03-17] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [722256 2008-12-11] (CANON INC.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [360sd] => C:\Program Files\360\360 Internet Security\360sdrun.exe [273848 2014-01-09] (Qihu 360 Software Co., Ltd.)
HKLM-x32\...\Run: [RemoteControl] => C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe [71216 2007-02-07] (Cyberlink Corp.)
HKLM-x32\...\Run: [LanguageShortcut] => C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe [54832 2007-02-07] ()
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [AdobeVersionCue] => C:\Program Files (x86)\Adobe\Adobe Version Cue\ControlPanel\VersionCueTray.exe [1732608 2003-10-13] (Adobe Sytems)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2007-11-19] (CANON INC.)
HKLM-x32\...\Run: [AdobeCS4ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe [611712 2008-08-14] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KeePass 2 PreLoad] => C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe [1670656 2011-01-02] (Dominik Reichl)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [252848 2012-07-03] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-2200735082-1387783226-2573227370-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-12-12] (Nero AG)
HKU\S-1-5-21-2200735082-1387783226-2573227370-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2200735082-1387783226-2573227370-1000\...\Run: [AVMUSBFernanschluss] => C:\Users\Windows 7\AppData\Local\Apps\2.0\M78GGGQO.3EG\V07WZG26.M1A\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe [139264 2012-12-21] (AVM Berlin)
HKU\S-1-5-21-2200735082-1387783226-2573227370-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk
ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
SearchScopes: HKLM-x32 - DefaultScope {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch&AF=15627
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
SearchScopes: HKCU - {C2A0A83C-D6CE-412C-8B1E-A9BE035F5226} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=&apn_dtid=OSJ000&apn_uid=3B85DC10-F9E6-468E-B9BD-D35268846143&apn_sauid=F9F19B01-9E9F-4E43-A563-21985A590082
SearchScopes: HKCU - {F91988C6-ED36-4199-9E19-A2B87D23DFFC} URL = hxxp://de.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_de&p={searchTerms}
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - No Name - {26647CA4-A2A7-4EAC-8A72-761AA9141DE7} - No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlcdnet.asus.com/pub/ASUS/misc/dlm-activex-2.2.5.0.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default
FF SearchEngineOrder.1: Ask.com
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2325506&q=
FF NetworkProxy: "no_proxies_on", "*.local"
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_44.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\searchplugins\askcom.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ColorZilla - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2012-08-01]
FF Extension: DownloadHelper - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-25]
FF Extension: Ghostery - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\Extensions\firefox@ghostery.com.xpi [2013-08-03]
FF Extension: Easy YouTube Video Downloader - C:\Users\Windows 7\AppData\Roaming\Mozilla\Firefox\Profiles\dfvzj6it.default\Extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2011-12-02]
Chrome:
=======
CHR HomePage: hxxp://www.google.com
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Babylon Chrome Plugin) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.0_0\BabylonChromePI.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft® Windows Media Player Firefox Plugin) - C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll (Microsoft Corporation)
CHR Plugin: (Java Deployment Toolkit 6.0.310.5) - C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U31) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (2007 Microsoft Office system) - C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7) - C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll No File
CHR Plugin: (Picasa) - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Extension: (YouTube) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-06-18]
CHR Extension: (Google-Suche) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-06-18]
CHR Extension: (Babylon Chrome OCR) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb [2012-06-18]
CHR Extension: (avast! WebRep) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-06-18]
CHR Extension: (Winload) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk [2012-06-18]
CHR Extension: (Google Mail) - C:\Users\Windows 7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-06-18]
CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx [2010-11-29]
CHR HKLM-x32\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2010-11-29]
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\WINDOW~1\AppData\Local\Temp\tbch.crx [2011-05-26]
==================== Services (Whitelisted) =================
S2 360rp; C:\Program Files\360\360 Internet Security\360rps.exe [295608 2014-01-09] (Qihu 360 Software Co., Ltd.)
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [68096 2010-06-14] ()
S3 AdobeVersionCue; C:\Program Files (x86)\Adobe\Adobe Version Cue\service\VersionCue.exe [61440 2003-10-13] (Adobe Sytems)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [173616 2007-02-07] ()
S3 scan; C:\Program Files\360\360 Internet Security\scan.dll [423144 2013-02-20] (S.C. BitDefender S.R.L)
R2 ZhuDongFangYu; C:\Program Files\360\360 Internet Security\deepscan\QHActiveDefense.exe [228800 2013-12-24] (Qihu 360 Software Co., Ltd.)
S2 wuauservcom; "C:\Program Files (x86)\Common Files\Windows Update Components\wuauclt.exe" -delay [X]
S4 YahooUSService; "C:\Program Files (x86)\Common Files\Yahoo!\YahooAUService.exe" -silentupdate [X]
==================== Drivers (Whitelisted) ====================
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [97480 2013-11-27] (Qihu 360 Software Co., Ltd.)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [67272 2013-03-28] (Qihu 360 Software Co., Ltd.)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [305856 2013-11-29] (Qihu 360 Software Co., Ltd.)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [41152 2013-12-09] (Qihu 360 Software Co., Ltd.)
R1 360fsflt; C:\Windows\System32\DRIVERS\360FsFlt.sys [286912 2013-12-24] (Qihu 360 Software Co., Ltd.)
R2 acedrv10; C:\Windows\system32\drivers\acedrv10.sys [464464 2011-11-29] (Protect Software GmbH)
R2 acehlp10; C:\Windows\system32\drivers\acehlp10.sys [229664 2011-11-29] (Protect Software GmbH)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [14392 2007-12-17] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R3 avmaudio; C:\Windows\System32\DRIVERS\avmaudio.sys [116096 2011-10-27] (AVM Berlin)
R3 avmaura; C:\Windows\System32\DRIVERS\avmaura.sys [116480 2012-12-21] (AVM Berlin)
R1 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV64.SYS [179904 2013-12-10] (Qihu 360 Software Co., Ltd.)
U3 Mcxdritus;
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B}; C:\Program Files (x86)\CyberLink\PowerDVD\000.fcl [13560 2006-11-02] (Cyberlink Corp.)
S3 cpuz129; \??\C:\Users\WINDOW~1\AppData\Local\Temp\cpuz_x64.sys [X]
S1 gmehqsew; \??\C:\Windows\system32\drivers\gmehqsew.sys [X]
S1 lfjazogm; \??\C:\Windows\system32\drivers\lfjazogm.sys [X]
S1 mrquivap; \??\C:\Windows\system32\drivers\mrquivap.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-29 10:32 - 2014-05-29 10:33 - 00037170 _____ () C:\Users\Windows 7\Downloads\Addition.txt
2014-05-29 10:31 - 2014-05-29 10:37 - 00025512 _____ () C:\Users\Windows 7\Downloads\FRST.txt
2014-05-29 10:30 - 2014-05-29 10:37 - 00000000 ____D () C:\FRST
2014-05-29 10:29 - 2014-05-29 10:29 - 02066944 _____ (Farbar) C:\Users\Windows 7\Downloads\FRST64.exe
2014-05-28 22:14 - 2014-05-28 22:14 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\AVG2014
2014-05-28 22:13 - 2014-05-28 22:13 - 00000952 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-28 22:13 - 2014-05-28 22:13 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\TuneUp Software
2014-05-28 22:13 - 2014-05-28 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-28 22:11 - 2014-05-28 22:13 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-28 22:08 - 2014-05-28 22:16 - 00000000 ____D () C:\Users\Windows 7\AppData\Local\Avg2014
2014-05-28 22:08 - 2014-05-28 22:08 - 00000000 ____D () C:\Users\Windows 7\AppData\Local\MFAData
2014-05-28 22:06 - 2014-05-28 22:07 - 152430976 _____ (AVG Technologies) C:\Users\Windows 7\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-05-28 21:27 - 2014-05-28 21:27 - 00526323 _____ () C:\Users\Windows 7\Downloads\web_of_trust_wot-20131118-fx.zip
2014-05-28 18:45 - 2014-05-29 10:29 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\360safe
2014-05-28 18:45 - 2014-05-28 18:45 - 00000985 _____ () C:\Users\Public\Desktop\360 Internet Security.lnk
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\360SD
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Internet Security
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\ProgramData\360SD
2014-05-28 18:45 - 2013-12-06 14:03 - 00022584 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\efimon.sys
2014-05-28 18:45 - 2013-03-28 04:11 - 00067272 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360AvFlt.sys
2014-05-28 18:44 - 2014-05-28 18:44 - 00000000 _RSHD () C:\360SANDBOX
2014-05-28 18:44 - 2014-05-28 18:44 - 00000000 ____D () C:\Program Files\360
2014-05-28 18:44 - 2013-12-24 11:27 - 00286912 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360FsFlt.sys
2014-05-28 18:44 - 2013-12-10 05:49 - 00179904 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\BAPIDRV64.SYS
2014-05-28 18:44 - 2013-12-09 04:04 - 00041152 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360Camera64.sys
2014-05-28 18:44 - 2013-11-29 09:55 - 00305856 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360Box64.sys
2014-05-28 18:44 - 2013-11-27 14:10 - 00097480 _____ (Qihu 360 Software Co., Ltd.) C:\Windows\system32\Drivers\360AntiHacker64.sys
2014-05-28 18:41 - 2014-05-28 18:43 - 238003336 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Windows 7\Downloads\360is_4.9.0.4900D.exe
2014-05-28 12:56 - 2014-05-28 12:56 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-24 16:48 - 2014-05-24 16:48 - 00000000 _____ () C:\Users\Windows 7\Desktop\Spielplan2014.txt
2014-05-16 03:06 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 03:06 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 03:06 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-16 03:06 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-16 03:06 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-16 03:06 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-15 09:36 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 09:36 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 09:36 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 09:36 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 09:36 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 09:36 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 09:36 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 09:36 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 09:36 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 09:36 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 09:36 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 09:36 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 09:36 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 09:36 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 09:36 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 09:36 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 09:36 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 09:36 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 09:36 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 09:36 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 09:36 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 09:36 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 09:36 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 22:38 - 2014-05-12 22:44 - 00000000 ____D () C:\Users\Windows 7\Desktop\860OKMZO
2014-05-12 22:19 - 2014-05-12 22:19 - 00000000 ____D () C:\Users\Windows 7\Desktop\Aktionstagschule
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 16:42 - 2014-05-09 16:42 - 00000000 ____D () C:\Users\Windows 7\Desktop\2014_05_09
2014-05-07 03:00 - 2014-05-16 03:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-03 12:58 - 2014-05-03 12:58 - 00000000 __SHD () C:\Users\Windows 7\AppData\Local\EmieUserList
2014-05-03 12:58 - 2014-05-03 12:58 - 00000000 __SHD () C:\Users\Windows 7\AppData\Local\EmieSiteList
2014-04-29 14:07 - 2014-04-30 15:45 - 00968292 _____ () C:\Users\Windows 7\Desktop\vortragschule.ai
==================== One Month Modified Files and Folders =======
2014-05-29 10:37 - 2014-05-29 10:31 - 00025512 _____ () C:\Users\Windows 7\Downloads\FRST.txt
2014-05-29 10:37 - 2014-05-29 10:30 - 00000000 ____D () C:\FRST
2014-05-29 10:34 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:34 - 2009-07-14 06:45 - 00014640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 10:33 - 2014-05-29 10:32 - 00037170 _____ () C:\Users\Windows 7\Downloads\Addition.txt
2014-05-29 10:29 - 2014-05-29 10:29 - 02066944 _____ (Farbar) C:\Users\Windows 7\Downloads\FRST64.exe
2014-05-29 10:29 - 2014-05-28 18:45 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\360safe
2014-05-29 10:24 - 2010-06-04 08:59 - 01433046 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 10:22 - 2010-11-18 15:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-29 10:19 - 2010-10-27 20:26 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-28 22:16 - 2014-05-28 22:08 - 00000000 ____D () C:\Users\Windows 7\AppData\Local\Avg2014
2014-05-28 22:14 - 2014-05-28 22:14 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\AVG2014
2014-05-28 22:13 - 2014-05-28 22:13 - 00000952 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-28 22:13 - 2014-05-28 22:13 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\TuneUp Software
2014-05-28 22:13 - 2014-05-28 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-28 22:13 - 2014-05-28 22:11 - 00000000 ____D () C:\ProgramData\AVG2014
2014-05-28 22:11 - 2010-10-13 13:09 - 00000000 ___HD () C:\$AVG
2014-05-28 22:11 - 2010-06-06 20:33 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-28 22:08 - 2014-05-28 22:08 - 00000000 ____D () C:\Users\Windows 7\AppData\Local\MFAData
2014-05-28 22:07 - 2014-05-28 22:06 - 152430976 _____ (AVG Technologies) C:\Users\Windows 7\Downloads\avg_free_x86_all_2014_4592a7484.exe
2014-05-28 21:44 - 2011-02-09 10:47 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\KeePass
2014-05-28 21:27 - 2014-05-28 21:27 - 00526323 _____ () C:\Users\Windows 7\Downloads\web_of_trust_wot-20131118-fx.zip
2014-05-28 18:45 - 2014-05-28 18:45 - 00000985 _____ () C:\Users\Public\Desktop\360 Internet Security.lnk
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\360SD
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Internet Security
2014-05-28 18:45 - 2014-05-28 18:45 - 00000000 ____D () C:\ProgramData\360SD
2014-05-28 18:44 - 2014-05-28 18:44 - 00000000 _RSHD () C:\360SANDBOX
2014-05-28 18:44 - 2014-05-28 18:44 - 00000000 ____D () C:\Program Files\360
2014-05-28 18:43 - 2014-05-28 18:41 - 238003336 _____ (Qihu 360 Software Co., Ltd.) C:\Users\Windows 7\Downloads\360is_4.9.0.4900D.exe
2014-05-28 12:56 - 2014-05-28 12:56 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD
2014-05-28 12:56 - 2010-10-27 20:26 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-28 12:54 - 2010-06-04 10:09 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-28 12:54 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 12:54 - 2009-07-14 06:51 - 00130556 _____ () C:\Windows\setupact.log
2014-05-25 22:07 - 2010-06-04 10:19 - 00000000 ____D () C:\ProgramData\Adobe
2014-05-25 22:07 - 2010-06-04 09:37 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\Adobe
2014-05-24 16:48 - 2014-05-24 16:48 - 00000000 _____ () C:\Users\Windows 7\Desktop\Spielplan2014.txt
2014-05-19 22:21 - 2014-01-15 15:35 - 00000000 ____D () C:\Users\Windows 7\AppData\Roaming\HandBrake
2014-05-19 16:36 - 2011-02-09 10:47 - 00011118 _____ () C:\Users\Windows 7\Documents\NewDatabase.kdbx
2014-05-16 09:36 - 2012-02-28 00:22 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-16 09:32 - 2010-06-04 09:12 - 00000000 ___RD () C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-16 09:32 - 2010-06-04 09:12 - 00000000 ___RD () C:\Users\Windows 7\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-16 04:03 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-16 03:23 - 2014-05-07 03:00 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 03:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-16 03:06 - 2010-06-06 08:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-05-16 03:05 - 2013-08-20 03:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 03:03 - 2010-06-04 09:44 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 17:13 - 2013-06-09 10:33 - 00000000 ____D () C:\Users\Windows 7\Desktop\Julia_Yoga
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 22:44 - 2014-05-12 22:38 - 00000000 ____D () C:\Users\Windows 7\Desktop\860OKMZO
2014-05-12 22:19 - 2014-05-12 22:19 - 00000000 ____D () C:\Users\Windows 7\Desktop\Aktionstagschule
2014-05-12 16:03 - 2012-05-07 14:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-11 20:47 - 2014-05-11 20:47 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 16:42 - 2014-05-09 16:42 - 00000000 ____D () C:\Users\Windows 7\Desktop\2014_05_09
2014-05-09 10:46 - 2010-10-27 20:26 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-05-09 10:46 - 2010-10-27 20:26 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-05-09 08:14 - 2014-05-15 09:36 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 09:36 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 06:40 - 2014-05-16 03:06 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-16 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-16 03:06 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-16 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-16 03:06 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-16 03:06 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 16:17 - 2014-03-14 11:42 - 00000000 ____D () C:\Users\Windows 7\Desktop\2014_03_14
2014-05-03 12:58 - 2014-05-03 12:58 - 00000000 __SHD () C:\Users\Windows 7\AppData\Local\EmieUserList
2014-05-03 12:58 - 2014-05-03 12:58 - 00000000 __SHD () C:\Users\Windows 7\AppData\Local\EmieSiteList
2014-05-03 12:28 - 2014-02-26 11:58 - 00012934 _____ () C:\Users\Windows 7\Desktop\Einkaufsliste.xlsx
2014-04-30 15:45 - 2014-04-29 14:07 - 00968292 _____ () C:\Users\Windows 7\Desktop\vortragschule.ai
Some content of TEMP:
====================
C:\Users\Windows 7\AppData\Local\Temp\cci.exe
C:\Users\Windows 7\AppData\Local\Temp\ConduitEngine.dll
C:\Users\Windows 7\AppData\Local\Temp\contentDATs.exe
C:\Users\Windows 7\AppData\Local\Temp\ffunzip.exe
C:\Users\Windows 7\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\Windows 7\AppData\Local\Temp\FP_PL_MSI_INSTALLER.exe
C:\Users\Windows 7\AppData\Local\Temp\GLF641.tmp.ConduitEngineSetup.exe
C:\Users\Windows 7\AppData\Local\Temp\GLF963D.tmp.ConduitEngineSetup.exe
C:\Users\Windows 7\AppData\Local\Temp\GLF9F52.tmp.ConduitEngineSetup.exe
C:\Users\Windows 7\AppData\Local\Temp\i4jdel0.exe
C:\Users\Windows 7\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Windows 7\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Windows 7\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Windows 7\AppData\Local\Temp\nsoAA0F.tmp.ConduitEngineEmbbed.exe
C:\Users\Windows 7\AppData\Local\Temp\ose00000.exe
C:\Users\Windows 7\AppData\Local\Temp\p-std.exe
C:\Users\Windows 7\AppData\Local\Temp\prxGLF963D.tmp.tbWinl.dll
C:\Users\Windows 7\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Windows 7\AppData\Local\Temp\Softonic-Eng7.exe
C:\Users\Windows 7\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Windows 7\AppData\Local\Temp\tbSoft.dll
C:\Users\Windows 7\AppData\Local\Temp\tbWinl.dll
C:\Users\Windows 7\AppData\Local\Temp\tbwww0.dll
C:\Users\Windows 7\AppData\Local\Temp\UninstManager.dll
C:\Users\Windows 7\AppData\Local\Temp\winload_community_tb.exe
C:\Users\Windows 7\AppData\Local\Temp\www.Freeware-download.com.exe
C:\Users\Windows 7\AppData\Local\Temp\ybi2s46s.dll
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 10:18
==================== End Of Log ============================
Me again,
while the Farbar Recovery Scan was running, 360 Internet Security became active and found the following:
HEUR/Malware. QVM11.Gen
C:\Windows\mod_frst.exe
Many thanks in advance!!! |