Mimi2000 | 03.06.2014 21:20 | Sooo... that turned out to be a bit more extensive....
Code:
# AdwCleaner v3.211 - Bericht erstellt am 02/06/2014 um 21:53:30
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : Miriam - MIRIAM-PC
# Gestartet von : C:\Users\Miriam\Desktop\adwcleaner_3.211.exe
# Option : Suchen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gefunden : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gefunden : C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gefunden : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software
Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Schlüssel Gefunden : HKCU\Software\OCS
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default\prefs.js ]
[ Datei : C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default\prefs.js ]
[ Datei : C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\prefs.js ]
-\\ Google Chrome v35.0.1916.114
[ Datei : C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences ]
[ Datei : C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2319825
Gefunden [Search Provider] : hxxp://start.iminent.com/?appId=A677F5DA-BFEB-46C2-A647-F197C95AD284&ref=toolbox&q={searchTerms}
Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gefunden [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=110187&tt=270912_7a_3912_5&babsrc=SP_ss&mntrId=004ba7a10000000000004cedde2d789d
Gefunden [Startup_urls] : hxxp://start.iminent.com/?appId=A677F5DA-BFEB-46C2-A647-F197C95AD284
Gefunden [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gefunden [Extension] : dcillohgikpecbmgioknapdpcjofaafl
Gefunden [Extension] : fmlgoencnlndpglbocajlimaikjohmab
Gefunden [Extension] : jpmbfleldcgkldadpdinhjjopdfpjfjp
Gefunden [Extension] : nikpibnbobmbdbheedjfogjlikpgpnhp
Gefunden [Extension] : pkhojieggfgllhllcegoffdcnmdeojgb
[ Datei : C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gefunden [Search Provider] : hxxp://start.iminent.com/?appId=A677F5DA-BFEB-46C2-A647-F197C95AD284&ref=toolbox&q={searchTerms}
Gefunden [Search Provider] : hxxp://search.conduit.com/Results.aspx?q={searchTerms}&SearchSource=49&ctid=CT2319825
Gefunden [Search Provider] : hxxp://www.softonic.de/s/{searchTerms}
Gefunden [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gefunden [Extension] : fmlgoencnlndpglbocajlimaikjohmab
*************************
AdwCleaner[R0].txt - [1909 octets] - [27/03/2014 23:24:24]
AdwCleaner[R1].txt - [1973 octets] - [27/03/2014 23:57:37]
AdwCleaner[R2].txt - [3318 octets] - [02/06/2014 21:53:30]
AdwCleaner[S0].txt - [2038 octets] - [28/03/2014 00:02:07]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [3438 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by Miriam on 03.06.2014 at 10:11:05,49
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 03.06.2014 at 10:14:15,17
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 03.06.2014
Suchlauf-Zeit: 10:20:54
Logdatei: mbam1.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.06.03.03
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Miriam
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 385554
Verstrichene Zeit: 21 Min, 19 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 0
(No malicious items detected)
Registrierungswerte: 0
(No malicious items detected)
Registrierungsdaten: 0
(No malicious items detected)
Ordner: 0
(No malicious items detected)
Dateien: 3
PUP.Optional.Superfish.A, C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, Löschen bei Neustart, [35dacba9502b3df9bf94b9dea65c3fc1],
PUP.Optional.Superfish.A, C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [9a754d27c0bbfd399ab9fb9c51b128d8],
PUP.Optional.Iminent.A, C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: ( "startup_urls": [ "https://www.google.de/", "hxxp://start.iminent.com/?appId=A677F5DA-BFEB-46C2-A647-F197C95AD284" ],), Ersetzt,[dd323e36502b0531602c7a17e420ff01]
Physische Sektoren: 0
(No malicious items detected)
(end)
Code:
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Miriam on 03.06.2014 at 21:18:30,96.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Miriam\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
03.06.2014 21:27:03 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=B4A998E2C741F500CF7A36516C5CDC1D");
user_pref("browser.search.selectedEngine", "SecureSearch");
Added to C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=B4A998E2C741F500CF7A36516C5CDC1D");
user_pref("browser.search.selectedEngine", "SecureSearch");
Added to C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\prefs.js:
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "");
user_pref("browser.search.selectedEngine", "");
user_pref("browser.search.useDBForOrder", "false");
Added to C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default
user.js not found
---- Lines iminent modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- FireFox user.js and prefs.js backups ----
prefs__2141_.backup
ProfilePath: C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default
user.js not found
---- Lines iminent modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So
---- FireFox user.js and prefs.js backups ----
prefs__2141_.backup
ProfilePath: C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default
user.js not found
---- Lines ask.com removed from prefs.js ----
user_pref("weboftrust.search.ask.display", "Ask.com Web Search");
---- Lines FFPDFArchitectConverter@pdfarchitect.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"smartwebprinting@hp.com\":{\"descriptor\":\"C:\\\\Program Files\\
---- FireFox user.js and prefs.js backups ----
prefs__2141_.backup
==== Deleting Files \ Folders ======================
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted
C:\Users\Miriam\.android deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Yahoo! deleted
C:\Users\Miriam\AppData\Roaming\Yahoo! deleted
C:\Users\Dominik\AppData\Local\Wondershare deleted
C:\Users\Dominik\AppData\Local\adawarebp deleted
C:\Users\Lon\AppData\Local\Wondershare deleted
C:\Users\Lon\AppData\Local\adawarebp deleted
C:\Users\Miriam\AppData\Local\Wondershare deleted
C:\Users\Miriam Standard\AppData\Local\Wondershare deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack deleted
C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} deleted
C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default\extensions\jid1-yZwVFzbsyfMrqQ@jetpack deleted
C:\Users\Lon\AppData\Roaming\Mozilla\Firefox\Profiles\fpf7ybj1.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} deleted
"C:\Users\Miriam\AppData\Roaming\convert\convert.exe" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\Users\Miriam\AppData\Roaming\convert" deleted
"C:\Program Files\Common Files\Wondershare" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"FFPDFArchitectConverter@pdfarchitect.com"=hex(2):43,00,3a,00,5c,00,50,00,72,\ []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04.04.2014 12:36]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\3onebcgf.default
- Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com
- Melodx - %ProfilePath%\extensions\{CBAB4215-15C6-4198-A78E-C54BCD05BFF3}.xpi
ProfilePath: C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default
- PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
- ReminderFox - %ProfilePath%\extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae}
- DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
- AutoPager - %ProfilePath%\extensions\autopager@mozilla.org.xpi
- Drag & DropZones - %ProfilePath%\extensions\dendzones@captaincaveman.nl.xpi
- Ciuvo Preisvergleich - %ProfilePath%\extensions\extension@ciuvo.com.xpi
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- FastestFox - %ProfilePath%\extensions\smarterwiki@wikiatic.com.xpi
- WiseStamp - %ProfilePath%\extensions\wisestamp@wisestamp.com.xpi
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi
- NoScript - %ProfilePath%\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
49CFBB2130C682FFDF2CEBEE9A2D556E - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
0C0C5C207121C7A78414A8250E8E099A - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
3CFE1412C5B99ADEBAB31EEEF32948BC - C:\Program Files\PDF Architect\FFPDFArchitectExt\plugins\NPPDFArchitectPreviewerPlugin.dll - FireFox PDF Architect Previewer
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
lfffjahnfbocnaooecgijfnbpcfekoik - C:\ProgramData\adawaretb\shortcuts\chrome\adawaretb.crx[]
ngnjhfpfhadncgafgbneeljaginimmmk - C:\Users\Miriam\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ngnjhfpfhadncgafgbneeljaginimmmk - C:\Users\Miriam\AppData\Local\CRE\ngnjhfpfhadncgafgbneeljaginimmmk.crx[]
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Miriam\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx[27.11.2012 23:01]
MSS+ Extension - Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Angry Birds - Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
WOT - Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
avast Online Security - Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Facebook Lite for Chrome - Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\npmllfhdnjcijofddghkhhknagamimip
Angry Birds - Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
WOT - Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
MSS+ Extension - Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
avast Online Security - Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
==== Chrome Fix ======================
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_avast-internet-security.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_format-factory.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_photo-card-maker.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vlc-media-player.softonic.de_0.localstorage-journal deleted successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage deleted successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fmlgoencnlndpglbocajlimaikjohmab_0.localstorage-journal deleted successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com/"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
==== Reset Google Chrome ======================
C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\FFPDFArchitectConverter@pdfarchitect.com deleted successfully
==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyOverride"="*.local"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ngnjhfpfhadncgafgbneeljaginimmmk deleted successfully
==== Empty IE Cache ======================
C:\Users\Dominik\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Miriam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Miriam\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Miriam Standard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Dominik\AppData\Local\Mozilla\Firefox\Profiles\3onebcgf.default\Cache will be emptied at reboot
C:\Users\Lon\AppData\Local\Mozilla\Firefox\Profiles\fpf7ybj1.default\Cache emptied successfully
C:\Users\Miriam\AppData\Local\Mozilla\Firefox\Profiles\a042n12q.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\Users\Default\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Default User\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Dominik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Miriam Standard\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=7192 folders=174 128577251 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Dominik\AppData\Local\temp emptied successfully
C:\Users\Lon\AppData\Local\temp emptied successfully
C:\Users\Miriam\AppData\Local\temp will be emptied at reboot
C:\Users\Miriam Standard\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Miriam\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on 03.06.2014 at 22:04:47,35 ======================
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:02-06-2014
Ran by Miriam (administrator) on MIRIAM-PC on 03-06-2014 22:11:27
Running from C:\Users\Miriam\Desktop
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVerMedia) C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(Teruten) C:\Windows\System32\FsUsbExService.Exe
() C:\Program Files\Canon\IJPLM\ijplmsvc.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect\ConversionService.exe
(Secunia) C:\Program Files\Secunia\PSI\psia.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Secunia) C:\Program Files\Secunia\PSI\sua.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\tv_w32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
(Secure Banking) C:\Program Files\Secure Banking\SecureBanking.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
() C:\Program Files\Secure Banking\sbservice.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDExtHost.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDAppHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\APSDaemon.exe
(Microsoft Corp.) C:\Program Files\Microsoft\BingDesktop\BDRuntimeHost.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [avgnt] => C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [BingDesktop] => C:\Program Files\Microsoft\BingDesktop\BingDesktop.exe [2353880 2013-11-01] (Microsoft Corp.)
HKLM\...\Run: [WSHelperSetup.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [5625624 2014-01-21] (SUPERAntiSpyware)
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Run: [SecureBanking] => C:\Program Files\Secure Banking\SecureBanking.exe [507904 2013-06-30] (Secure Banking)
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Run: [WSHelperSetup.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-699669428-1510781343-25146314-1001\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Lon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
GroupPolicyUsers\S-1-5-21-699669428-1510781343-25146314-1142\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-699669428-1510781343-25146314-1003\User: Group Policy restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2422A44CDF9BCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}
BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default
FF NewTab: hxxp://www.google.com/
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WOT - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-12-08]
FF Extension: ReminderFox - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{ada4b710-8346-4b82-8199-5de2b400a6ae} [2014-05-22]
FF Extension: DownloadHelper - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-04-30]
FF Extension: AutoPager - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\autopager@mozilla.org.xpi [2012-07-31]
FF Extension: Drag & DropZones - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\dendzones@captaincaveman.nl.xpi [2012-07-30]
FF Extension: Ciuvo - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\extension@ciuvo.com.xpi [2012-07-30]
FF Extension: Firebug - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\firebug@software.joehewitt.com.xpi [2012-07-31]
FF Extension: FastestFox - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\smarterwiki@wikiatic.com.xpi [2012-07-30]
FF Extension: WiseStamp - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\wisestamp@wisestamp.com.xpi [2012-07-31]
FF Extension: Flagfox - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2014-04-08]
FF Extension: NoScript - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2012-07-31]
FF Extension: Adblock Plus - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-31]
FF Extension: Greasemonkey - C:\Users\Miriam\AppData\Roaming\Mozilla\Firefox\Profiles\a042n12q.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-25]
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2014-01-21]
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-14]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-02-14]
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: No Name - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-03]
CHR Extension: (Google Drive) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-06-03]
CHR Extension: (YouTube) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-06-03]
CHR Extension: (Google-Suche) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-06-03]
CHR Extension: (DVDVideoSoft Browser Extension) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp [2012-11-27]
CHR Extension: (Google Wallet) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Google Mail) - C:\Users\Miriam\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-06-03]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Miriam\AppData\Roaming\DVDVideoSoft\DVDVideoSoftBrowserExtension.crx [2012-11-27]
========================== Services (Whitelisted) =================
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [116608 2012-07-11] (SUPERAntiSpyware.com)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AVerRemote; C:\Program Files\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia)
R2 AVerScheduleService; C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe [397312 2009-12-06] ()
R2 BingDesktopUpdate; C:\Program Files\Microsoft\BingDesktop\BingDesktopUpdater.exe [173272 2013-11-01] (Microsoft Corp.)
R2 CLHNServiceForPowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [87336 2012-01-12] (CyberLink Corp.)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [75048 2012-01-12] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [296232 2012-01-12] (CyberLink)
R2 IJPLMSVC; C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [116104 2010-04-05] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1227800 2013-04-18] (Secunia)
R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [659992 2013-04-18] (Secunia)
R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)
==================== Drivers (Whitelisted) ====================
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [121248 2012-08-26] (SlySoft, Inc.)
S3 AVerPola; C:\Windows\System32\DRIVERS\AVerPola.sys [314752 2009-08-13] (AVerMedia TECHNOLOGIES, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135648 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-12-02] (Avira Operations GmbH & Co. KG)
S3 AVPolCIR; C:\Windows\System32\DRIVERS\AVPolCIR.sys [32896 2009-08-13] (AVerMedia TECHNOLOGIES, Inc.)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [14528 2014-01-06] (Glarysoft Ltd)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-17] (Elaborate Bytes AG)
R3 FsUsbExDisk; C:\Windows\system32\FsUsbExDisk.SYS [37344 2013-02-05] ()
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [13560 2013-04-15] (GFI Software)
S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [9728 2009-02-03] (ZTE Incorporated)
R2 ntk_PowerDVD12; C:\Program Files\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12.sys [120432 2011-10-27] (Cyberlink Corp.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2013-04-18] (Secunia)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-11-05] (Avira GmbH)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Corporation)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files\CyberLink\PowerDVD12\Common\NavFilter\000.fcl [87536 2012-01-11] (CyberLink Corp.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 catchme; \??\C:\Users\Miriam\AppData\Local\Temp\catchme.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-14] (Microsoft Corporation)
S3 XDva409; \??\C:\Windows\system32\XDva409.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-03 22:11 - 2014-06-03 22:12 - 00020187 _____ () C:\Users\Miriam\Desktop\FRST.txt
2014-06-03 22:09 - 2014-06-03 22:09 - 00000000 ____D () C:\Users\Miriam\Desktop\FRST-OlderVersion
2014-06-03 21:57 - 2014-06-03 22:12 - 00000000 ____D () C:\Users\Miriam\AppData\Local\Temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Lon\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Dominik\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:18 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-03 21:56 - 2014-06-03 21:56 - 00000084 _____ () C:\folders.txt
2014-06-03 21:26 - 2014-06-03 22:04 - 00019700 _____ () C:\zoek-results.log
2014-06-03 21:23 - 2014-06-03 21:23 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (3).exe
2014-06-03 21:21 - 2014-06-03 21:22 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (2).exe
2014-06-03 21:20 - 2014-06-03 21:20 - 01285120 _____ () C:\Users\Miriam\Desktop\zoek (1).exe
2014-06-03 21:19 - 2014-06-03 21:20 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (1).exe
2014-06-03 14:54 - 2014-06-03 21:47 - 00000000 ____D () C:\zoek_backup
2014-06-03 14:54 - 2014-06-03 14:54 - 01285120 _____ () C:\Users\Miriam\Desktop\zoek.exe
2014-06-03 14:53 - 2014-06-03 14:54 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek.exe
2014-06-03 14:42 - 2014-06-03 14:42 - 00001822 _____ () C:\Users\Miriam\Desktop\mbam1.txt
2014-06-03 10:14 - 2014-06-03 10:14 - 00000626 _____ () C:\Users\Miriam\Desktop\JRT.txt
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Downloads\JRT.exe
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Downloads\JRT (1).exe
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Desktop\JRT.exe
2014-06-02 22:27 - 2014-06-02 22:55 - 00000000 ____D () C:\Users\Lon\Documents\Krankenkasse
2014-06-02 21:54 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-06-02 21:53 - 2014-06-02 21:53 - 01327971 _____ () C:\Users\Miriam\Desktop\adwcleaner_3.211.exe
2014-06-02 21:52 - 2014-06-02 21:53 - 01327971 _____ () C:\Users\Miriam\Downloads\adwcleaner_3.211.exe
2014-06-02 21:52 - 2014-06-02 21:53 - 01327971 _____ () C:\Users\Miriam\Downloads\adwcleaner_3.211 (1).exe
2014-06-02 21:51 - 2014-06-02 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-02 21:51 - 2014-06-02 21:51 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-02 12:55 - 2014-06-02 12:55 - 00675988 _____ () C:\Users\Dominik\Desktop\Minecraft.exe
2014-06-01 14:28 - 2014-06-01 14:28 - 00023530 _____ () C:\ComboFix.txt
2014-06-01 13:55 - 2014-06-01 14:28 - 00000000 ____D () C:\ComboFix
2014-06-01 13:55 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-01 13:55 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-01 13:55 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-01 13:55 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-01 13:55 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-01 13:55 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-01 13:55 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-01 13:55 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-01 13:54 - 2014-06-01 14:28 - 00000000 ____D () C:\Qoobox
2014-06-01 13:47 - 2014-06-01 13:48 - 05203398 ____R (Swearware) C:\Users\Miriam\Desktop\ComboFix.exe
2014-06-01 12:32 - 2014-06-01 12:33 - 00029101 _____ () C:\Users\Miriam\Downloads\Addition.txt
2014-06-01 12:30 - 2014-06-03 22:11 - 00000000 ____D () C:\FRST
2014-06-01 12:30 - 2014-06-01 12:33 - 00056435 _____ () C:\Users\Miriam\Downloads\FRST.txt
2014-06-01 12:29 - 2014-06-03 22:09 - 01059840 _____ (Farbar) C:\Users\Miriam\Desktop\FRST.exe
2014-06-01 09:44 - 2014-06-01 09:44 - 00003871 _____ () C:\Users\Miriam\Desktop\mbam.txt
2014-05-31 22:49 - 2014-06-03 10:20 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-31 22:48 - 2014-05-31 22:48 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-31 22:48 - 2014-05-31 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-31 22:48 - 2014-05-31 22:48 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-31 22:48 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-31 22:48 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-31 22:45 - 2014-05-31 22:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Miriam\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-23 08:53 - 2014-05-23 11:09 - 00000000 ____D () C:\Users\Lon\Documents\23.05.14
2014-05-20 16:10 - 2014-05-24 09:03 - 00217600 _____ () C:\Users\Dominik\Desktop\jacob-1.17-M2-x64.dll
2014-05-20 16:10 - 2014-05-24 09:03 - 00176128 _____ () C:\Users\Dominik\Desktop\jacob-1.17-M2-x86.dll
2014-05-20 16:04 - 2014-05-20 16:08 - 00000000 ____D () C:\Users\Dominik\Desktop\Unleashed
2014-05-20 16:03 - 2014-05-20 16:03 - 00000000 _____ () C:\Users\Dominik\Desktop\FTBOSSent1.3.8.txt
2014-05-19 16:23 - 2014-05-19 16:23 - 00395853 _____ () C:\Users\Dominik\Desktop\ShadersMod-v2.3.15mc1.7.5-installer.jar
2014-05-19 15:37 - 2014-05-19 15:37 - 00000000 ____D () C:\Users\Dominik\Desktop\FTB
2014-05-16 09:56 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-16 09:56 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-16 09:56 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-15 16:43 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 16:43 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 16:43 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 16:43 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 16:43 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 16:43 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 16:43 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 16:43 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 16:43 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 16:43 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-15 16:43 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 16:43 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 16:43 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 16:43 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 16:42 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-10 15:59 - 2014-05-10 15:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 15:23 - 2014-05-09 15:23 - 00036400 _____ () C:\Users\Dominik\Downloads\PlunderPixels Shaders 1.7.x.zip
2014-05-09 15:16 - 2014-05-09 15:16 - 00814735 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2014-05-08 22:18 - 2014-05-08 22:19 - 55546880 _____ () C:\Users\Miriam\Downloads\calibre-1.35.0.msi
2014-05-07 22:14 - 2014-05-07 22:14 - 00016949 _____ () C:\Users\Lon\Documents\initiativBewerbung.odt
2014-05-07 20:08 - 2013-08-20 13:53 - 00017809 _____ () C:\Users\Dominik\Documents\Washington D.C. (2).odt
2014-05-07 19:58 - 2014-05-07 19:58 - 00000000 ____D () C:\Users\Miriam\Documents\Glückwünsche
2014-05-07 19:49 - 2014-05-07 21:47 - 00000000 ____D () C:\Users\Miriam\Documents\Mark Berisha
2014-05-07 19:48 - 2014-05-16 11:05 - 00000000 ____D () C:\Users\Miriam\Documents\Bezirksamt
2014-05-07 19:07 - 2014-05-07 19:07 - 00000000 __SHD () C:\Users\Miriam\AppData\Local\EmieUserList
2014-05-07 19:07 - 2014-05-07 19:07 - 00000000 __SHD () C:\Users\Miriam\AppData\Local\EmieSiteList
2014-05-07 03:18 - 2014-05-16 14:33 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 23:17 - 2014-05-07 19:11 - 00000000 ____D () C:\Users\Miriam\Bilder
2014-05-06 22:14 - 2014-05-06 22:14 - 00065568 _____ () C:\Users\Miriam Standard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 22:09 - 2014-05-06 22:09 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Roaming\Avira
2014-05-06 22:03 - 2014-05-06 22:52 - 00001020 __RSH () C:\Users\Miriam Standard\ntuser.pol
2014-05-06 22:03 - 2014-05-06 22:52 - 00000000 ____D () C:\Users\Miriam Standard
2014-05-06 22:03 - 2014-05-06 22:03 - 00001417 _____ () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-06 22:03 - 2014-05-06 22:03 - 00000020 ___SH () C:\Users\Miriam Standard\ntuser.ini
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Startmenü
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Netzwerkumgebung
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Druckumgebung
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Documents\Eigene Musik
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Documents\Eigene Bilder
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\AppData\Local\Verlauf
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Roaming\Adobe
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\VirtualStore
2014-05-06 22:03 - 2014-01-20 11:55 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\Google
2014-05-06 22:03 - 2013-06-26 20:32 - 00000000 ____D () C:\Users\Miriam Standard\AppData\LocalGoogle
2014-05-06 22:03 - 2013-05-18 13:07 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Roaming\Apple Computer
2014-05-06 22:03 - 2013-05-18 13:07 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\Apple Computer
2014-05-06 22:03 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-05-06 22:03 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
==================== One Month Modified Files and Folders =======
2014-06-03 22:12 - 2014-06-03 22:11 - 00020187 _____ () C:\Users\Miriam\Desktop\FRST.txt
2014-06-03 22:12 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Miriam\AppData\Local\Temp
2014-06-03 22:11 - 2014-06-01 12:30 - 00000000 ____D () C:\FRST
2014-06-03 22:11 - 2009-07-14 06:34 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-03 22:11 - 2009-07-14 06:34 - 00013536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-03 22:10 - 2012-07-31 15:30 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-03 22:09 - 2014-06-03 22:09 - 00000000 ____D () C:\Users\Miriam\Desktop\FRST-OlderVersion
2014-06-03 22:09 - 2014-06-01 12:29 - 01059840 _____ (Farbar) C:\Users\Miriam\Desktop\FRST.exe
2014-06-03 22:05 - 2014-01-21 12:19 - 00000324 _____ () C:\Windows\Tasks\GlaryInitialize 4.job
2014-06-03 22:04 - 2014-06-03 21:26 - 00019700 _____ () C:\zoek-results.log
2014-06-03 22:04 - 2012-08-26 13:49 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-03 22:03 - 2014-01-22 09:51 - 00011401 _____ () C:\Windows\setupact.log
2014-06-03 22:03 - 2014-01-22 09:51 - 00005274 _____ () C:\Windows\PFRO.log
2014-06-03 22:03 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-03 22:02 - 2012-07-30 22:55 - 01448022 _____ () C:\Windows\WindowsUpdate.log
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Lon\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Dominik\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-03 21:57 - 2014-06-03 21:57 - 00000000 ____D () C:\Users\Administrator\AppData\Local\temp
2014-06-03 21:56 - 2014-06-03 21:56 - 00000084 _____ () C:\folders.txt
2014-06-03 21:47 - 2014-06-03 14:54 - 00000000 ____D () C:\zoek_backup
2014-06-03 21:45 - 2012-08-26 13:49 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-03 21:44 - 2012-11-27 22:54 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-03 21:44 - 2012-07-30 23:24 - 00000000 ____D () C:\Users\Miriam
2014-06-03 21:35 - 2012-07-30 23:31 - 00000680 __RSH () C:\Users\Miriam\ntuser.pol
2014-06-03 21:23 - 2014-06-03 21:23 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (3).exe
2014-06-03 21:22 - 2014-06-03 21:21 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (2).exe
2014-06-03 21:20 - 2014-06-03 21:20 - 01285120 _____ () C:\Users\Miriam\Desktop\zoek (1).exe
2014-06-03 21:20 - 2014-06-03 21:19 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek (1).exe
2014-06-03 21:18 - 2014-06-03 21:57 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-06-03 20:59 - 2012-09-02 11:02 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\Skype
2014-06-03 19:58 - 2012-08-24 20:29 - 00000000 ____D () C:\Users\Dominik\AppData\Roaming\.minecraft
2014-06-03 19:57 - 2012-07-30 23:41 - 00001332 __RSH () C:\Users\Dominik\ntuser.pol
2014-06-03 19:57 - 2012-07-30 23:41 - 00000000 ____D () C:\Users\Dominik
2014-06-03 14:54 - 2014-06-03 14:54 - 01285120 _____ () C:\Users\Miriam\Desktop\zoek.exe
2014-06-03 14:54 - 2014-06-03 14:53 - 01285120 _____ () C:\Users\Miriam\Downloads\zoek.exe
2014-06-03 14:46 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\schemas
2014-06-03 14:42 - 2014-06-03 14:42 - 00001822 _____ () C:\Users\Miriam\Desktop\mbam1.txt
2014-06-03 10:20 - 2014-05-31 22:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-03 10:14 - 2014-06-03 10:14 - 00000626 _____ () C:\Users\Miriam\Desktop\JRT.txt
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Downloads\JRT.exe
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Downloads\JRT (1).exe
2014-06-03 10:09 - 2014-06-03 10:09 - 01016261 _____ (Thisisu) C:\Users\Miriam\Desktop\JRT.exe
2014-06-02 23:59 - 2014-03-27 23:24 - 00000000 ____D () C:\AdwCleaner
2014-06-02 22:55 - 2014-06-02 22:27 - 00000000 ____D () C:\Users\Lon\Documents\Krankenkasse
2014-06-02 22:13 - 2013-09-16 14:25 - 00000000 ____D () C:\Users\Miriam\Documents\Wohnung
2014-06-02 21:53 - 2014-06-02 21:53 - 01327971 _____ () C:\Users\Miriam\Desktop\adwcleaner_3.211.exe
2014-06-02 21:53 - 2014-06-02 21:52 - 01327971 _____ () C:\Users\Miriam\Downloads\adwcleaner_3.211.exe
2014-06-02 21:53 - 2014-06-02 21:52 - 01327971 _____ () C:\Users\Miriam\Downloads\adwcleaner_3.211 (1).exe
2014-06-02 21:51 - 2014-06-02 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
2014-06-02 21:51 - 2014-06-02 21:51 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-06-02 21:51 - 2014-04-09 21:03 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-06-02 21:51 - 2014-04-09 21:03 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-06-02 12:55 - 2014-06-02 12:55 - 00675988 _____ () C:\Users\Dominik\Desktop\Minecraft.exe
2014-06-01 18:30 - 2012-10-11 22:56 - 00000000 ____D () C:\Users\Dominik\Minecraft Texture Pack 1.0
2014-06-01 17:15 - 2012-08-26 18:28 - 00000000 ____D () C:\ProgramData\Skype
2014-06-01 14:28 - 2014-06-01 14:28 - 00023530 _____ () C:\ComboFix.txt
2014-06-01 14:28 - 2014-06-01 13:55 - 00000000 ____D () C:\ComboFix
2014-06-01 14:28 - 2014-06-01 13:54 - 00000000 ____D () C:\Qoobox
2014-06-01 14:25 - 2009-07-14 04:04 - 00000215 _____ () C:\Windows\system.ini
2014-06-01 14:20 - 2013-10-07 17:59 - 00000000 ____D () C:\Users\Miriam\AppData\Local\CrashDumps
2014-06-01 13:48 - 2014-06-01 13:47 - 05203398 ____R (Swearware) C:\Users\Miriam\Desktop\ComboFix.exe
2014-06-01 12:33 - 2014-06-01 12:32 - 00029101 _____ () C:\Users\Miriam\Downloads\Addition.txt
2014-06-01 12:33 - 2014-06-01 12:30 - 00056435 _____ () C:\Users\Miriam\Downloads\FRST.txt
2014-06-01 09:44 - 2014-06-01 09:44 - 00003871 _____ () C:\Users\Miriam\Desktop\mbam.txt
2014-05-31 22:48 - 2014-05-31 22:48 - 00001056 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-05-31 22:48 - 2014-05-31 22:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-05-31 22:48 - 2014-05-31 22:48 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-05-31 22:48 - 2013-05-02 09:46 - 00000000 ____D () C:\Users\Miriam\AppData\Roaming\Malwarebytes
2014-05-31 22:48 - 2013-04-30 23:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-31 22:46 - 2014-05-31 22:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Miriam\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 20:55 - 2013-03-21 22:03 - 00000000 ____D () C:\BrickForce
2014-05-28 20:21 - 2012-07-30 23:38 - 00000680 __RSH () C:\Users\Lon\ntuser.pol
2014-05-28 20:21 - 2012-07-30 23:38 - 00000000 ____D () C:\Users\Lon
2014-05-28 20:15 - 2012-08-26 18:29 - 00000000 ____D () C:\Users\Lon\AppData\Roaming\Skype
2014-05-24 09:03 - 2014-05-20 16:10 - 00217600 _____ () C:\Users\Dominik\Desktop\jacob-1.17-M2-x64.dll
2014-05-24 09:03 - 2014-05-20 16:10 - 00176128 _____ () C:\Users\Dominik\Desktop\jacob-1.17-M2-x86.dll
2014-05-24 09:00 - 2014-04-21 21:05 - 00000000 ____D () C:\Users\Dominik\Desktop\authlib
2014-05-23 11:09 - 2014-05-23 08:53 - 00000000 ____D () C:\Users\Lon\Documents\23.05.14
2014-05-22 22:30 - 2014-01-21 14:04 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-20 16:08 - 2014-05-20 16:04 - 00000000 ____D () C:\Users\Dominik\Desktop\Unleashed
2014-05-20 16:03 - 2014-05-20 16:03 - 00000000 _____ () C:\Users\Dominik\Desktop\FTBOSSent1.3.8.txt
2014-05-19 16:23 - 2014-05-19 16:23 - 00395853 _____ () C:\Users\Dominik\Desktop\ShadersMod-v2.3.15mc1.7.5-installer.jar
2014-05-19 15:37 - 2014-05-19 15:37 - 00000000 ____D () C:\Users\Dominik\Desktop\FTB
2014-05-19 11:23 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-05-16 15:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-16 14:33 - 2014-05-07 03:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-16 14:33 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-16 11:05 - 2014-05-07 19:48 - 00000000 ____D () C:\Users\Miriam\Documents\Bezirksamt
2014-05-16 10:05 - 2013-08-02 10:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 10:00 - 2012-08-03 21:09 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 09:49 - 2012-07-30 23:53 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-15 16:21 - 2009-07-14 06:53 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-13 22:10 - 2012-07-31 15:30 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-13 22:10 - 2012-07-31 15:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-13 21:01 - 2013-06-06 14:47 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-05-12 13:13 - 2014-04-12 23:05 - 00018778 _____ () C:\Users\Lon\Desktop\Imbiss Preisliste.odt
2014-05-12 07:26 - 2014-05-31 22:48 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-31 22:48 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-01-21 22:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-10 15:59 - 2014-05-10 15:59 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-09 15:23 - 2014-05-09 15:23 - 00036400 _____ () C:\Users\Dominik\Downloads\PlunderPixels Shaders 1.7.x.zip
2014-05-09 15:16 - 2014-05-09 15:16 - 00814735 _____ () C:\Users\Dominik\Downloads\OptiFine_1.7.9_HD_U_D2.jar
2014-05-09 09:06 - 2014-05-15 16:43 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-15 16:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 23:12 - 2014-03-11 00:04 - 00000000 ____D () C:\Users\Miriam\Documents\Calibre-Bibliothek
2014-05-08 22:24 - 2014-03-11 00:03 - 00000930 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk
2014-05-08 22:24 - 2014-03-11 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
2014-05-08 22:24 - 2014-03-11 00:03 - 00000000 ____D () C:\Program Files\Calibre2
2014-05-08 22:19 - 2014-05-08 22:18 - 55546880 _____ () C:\Users\Miriam\Downloads\calibre-1.35.0.msi
2014-05-08 22:19 - 2012-07-30 23:26 - 01627104 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-07 22:16 - 2014-04-10 14:03 - 00000000 ____D () C:\Users\Lon\Documents\10042014
2014-05-07 22:14 - 2014-05-07 22:14 - 00016949 _____ () C:\Users\Lon\Documents\initiativBewerbung.odt
2014-05-07 21:47 - 2014-05-07 19:49 - 00000000 ____D () C:\Users\Miriam\Documents\Mark Berisha
2014-05-07 19:58 - 2014-05-07 19:58 - 00000000 ____D () C:\Users\Miriam\Documents\Glückwünsche
2014-05-07 19:11 - 2014-05-06 23:17 - 00000000 ____D () C:\Users\Miriam\Bilder
2014-05-07 19:08 - 2012-08-02 00:00 - 00000000 ____D () C:\Users\Miriam\Documents\Arbeit
2014-05-07 19:07 - 2014-05-07 19:07 - 00000000 __SHD () C:\Users\Miriam\AppData\Local\EmieUserList
2014-05-07 19:07 - 2014-05-07 19:07 - 00000000 __SHD () C:\Users\Miriam\AppData\Local\EmieSiteList
2014-05-07 19:03 - 2013-11-07 13:14 - 00000000 ____D () C:\Users\Miriam\Documents\ebay
2014-05-07 08:40 - 2013-05-21 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-05-06 22:52 - 2014-05-06 22:03 - 00001020 __RSH () C:\Users\Miriam Standard\ntuser.pol
2014-05-06 22:52 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\Miriam Standard
2014-05-06 22:14 - 2014-05-06 22:14 - 00065568 _____ () C:\Users\Miriam Standard\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-06 22:09 - 2014-05-06 22:09 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Roaming\Avira
2014-05-06 22:03 - 2014-05-06 22:03 - 00001417 _____ () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-06 22:03 - 2014-05-06 22:03 - 00000020 ___SH () C:\Users\Miriam Standard\ntuser.ini
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Startmenü
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Netzwerkumgebung
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Druckumgebung
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Documents\Eigene Musik
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\Documents\Eigene Bilder
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 _SHDL () C:\Users\Miriam Standard\AppData\Local\Verlauf
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Roaming\Adobe
2014-05-06 22:03 - 2014-05-06 22:03 - 00000000 ____D () C:\Users\Miriam Standard\AppData\Local\VirtualStore
2014-05-06 21:51 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-06 21:33 - 2013-04-29 14:49 - 00000000 ____D () C:\Users\Miriam\Documents\Computer
2014-05-06 05:25 - 2014-05-16 09:56 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-16 09:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-16 09:56 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Miriam\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-05-29 18:01
==================== End Of Log ============================
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:02-06-2014
Ran by Miriam at 2014-06-03 22:13:45
Running from C:\Users\Miriam\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Adobe Digital Editions 2.0 (HKLM\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.4.144 - Adobe Systems, Inc.)
AIO_CDA_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AnyDVD (HKLM\...\AnyDVD) (Version: 7.1.2.0 - SlySoft)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audible Download Manager (HKLM\...\AudibleDownloadManager) (Version: 6.6.0.15 - Audible, Inc.)
AVerMedia Gaming Plug-in 2.0.10.0 (HKLM\...\AVerMedia Gaming Plug-in) (Version: 2.0.10.0 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia H830 USB Hybrid TV 10.0.0.25 (HKLM\...\AVerMedia H830 USB Hybrid TV) (Version: 10.0.0.25 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV (HKLM\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
AVerTV (Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
Avira Free Antivirus (HKLM\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
AVM FRITZ!Box Dokumentation (HKLM\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Bing-Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.3.347.0 - Microsoft Corporation)
Black and White (HKLM\...\{E51B4CD9-A0A6-4324-B26A-31B3F2DE26CE}) (Version: - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brick-Force (HKLM\...\Brick-Force) (Version: - Infernum Productions AG)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
calibre (HKLM\...\{54ED2E2F-68EE-461C-888C-DB7EBE85C340}) (Version: 1.35.0 - Kovid Goyal)
Camtasia Studio 8 (HKLM\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM\...\CANONIJPLM100) (Version: - )
Canon MP Navigator EX 4.0 (HKLM\...\MP Navigator EX 4.0) (Version: - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - )
CanoScan LiDE 110 Scanner Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_cnq2414) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Content Manager 2 (HKLM\...\Content Manager 2) (Version: 3.4.1.11834 - NNG Llc.)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
CyberLink PowerDVD 12 (HKLM\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1312.54 - CyberLink Corp.)
CyberLink PowerDVD 12 (Version: 12.0.1312.54 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
EmoDio (HKLM\...\InstallShield_{C20CE592-B0F8-4D20-BF31-0151CA6331A6}) (Version: 1.0 - SAMSUNG)
EmoDio (Version: 1.0 - SAMSUNG) Hidden
FastStone Image Viewer 4.9 (HKLM\...\FastStone Image Viewer) (Version: 4.9 - FastStone Soft)
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FormatFactory 3.1.1 (HKLM\...\FormatFactory) (Version: 3.1.1 - Free Time)
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.32.1219 (HKLM\...\Free MP4 Video Converter_is1) (Version: 5.0.32.1219 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.1.40.1031 (HKLM\...\Free YouTube Download_is1) (Version: 3.1.40.1031 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Glary Utilities 4.4 (HKLM\...\Glary Utilities 4) (Version: 4.4.0.86 - Glarysoft Ltd)
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.)
Google Drive (HKLM\...\{418BAAD1-754D-48B4-B078-46EF4F25AF42}) (Version: 1.15.6556.8063 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.24.7 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart All-In-One Driver Software 13.0 Rel. A (HKLM\...\{17016DA1-F040-4032-BD36-34DD317BC9D5}) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.001 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (Version: 130.0.371.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 25 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
MAGIX mp3 maker SE (HKLM\...\MAGIX mp3 maker SE) (Version: 1.1.1.664 - MAGIX AG)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (Version: 130.0.374.000 - Hewlett-Packard) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Mein CEWE FOTOBUCH (HKLM\...\Mein CEWE FOTOBUCH) (Version: 5.0.1 - CEWE COLOR AG u Co. OHG)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XML Parser (Version: 8.0.7820.0 - Microsoft Corporation) Hidden
Mobile Connection Manager (HKLM\...\o2DE) (Version: - Mobile Connection Manager)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mp3tag v2.58 (HKLM\...\Mp3tag) (Version: v2.58 - Florian Heidenreich)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
Need for Speed™ Most Wanted (HKLM\...\{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}) (Version: - )
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
OpenOffice.org 3.4.1 (HKLM\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41417}) (Version: 3.61.0 - dotPDN LLC)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF24 Creator 6.3.2 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
PhotoCardMaker 1.0.4 (HKLM\...\PhotoCardMaker_is1) (Version: - Kigosoft Inc.)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.3.3.12085_7 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.18.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Secunia PSI (3.0.0.7009) (HKLM\...\Secunia PSI) (Version: 3.0.0.7009 - Secunia)
Secure Banking Version 1.5.2 (HKLM\...\{0BEE0AF9-79F3-4C4F-B374-90C0A16BF294}_is1) (Version: 1.5.2 - Hopfgartner Niklas)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Stronghold Crusader Extreme (HKLM\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.6.1014 - SUPERAntiSpyware.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamViewer 8 (HKLM\...\TeamViewer 8) (Version: 8.0.26038 - TeamViewer)
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)
==================== Restore Points =========================
16-05-2014 07:55:00 Windows Update
21-05-2014 15:02:48 Windows Update
29-05-2014 17:26:35 Geplanter Prüfpunkt
30-05-2014 15:02:47 Windows Update
01-06-2014 11:56:10 ComboFix created restore point
03-06-2014 05:54:50 Windows Update
03-06-2014 19:26:25 zoek.exe restore point
==================== Hosts content: ==========================
2009-07-14 04:04 - 2013-05-01 21:32 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {28C8B46F-FF08-4E68-8A0E-161199794483} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-03-12] (Oracle Corporation)
Task: {305714BB-D746-4A03-AC23-1FA05FCEEA9B} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2011-10-28] (Hewlett-Packard)
Task: {439022B6-30CA-4A32-939C-5E22280B7DD2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)
Task: {47029342-4FB1-4596-81C6-FFEDB7F33118} - System32\Tasks\Ad-Aware Antivirus Scheduled Scan => C:\PROGRA~1\AD-AWA~1\AdAwareLauncher.exe
Task: {4D110B67-5D67-4BCF-B4CE-B3B7DF579B3E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5EE09F43-9C0B-415F-A376-D93F87FEAAB5} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {78A4EB2A-89C8-4B1D-9A04-00CE1A7EF415} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {948216FE-4B4F-4186-8C3F-14E0F336746C} - System32\Tasks\Google Updater and Installer => C:\Users\Miriam\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {A075EACF-7F3E-4AA8-989C-F99DD1F2057C} - System32\Tasks\GlaryInitialize 4 => C:\Program Files\Glary Utilities 4\Initialize.exe [2014-01-06] (Glarysoft Ltd)
Task: {B72DA5A0-94ED-43A0-9425-D047BE042A2C} - System32\Tasks\GU4SkipUAC => C:\Program Files\Glary Utilities 4\Integrator.exe [2014-01-06] (Glarysoft Ltd)
Task: {B970EB18-119E-4F37-863A-6646ED3790C1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {C1BAAE46-A46C-4B20-8E2F-F7AABFC8B4A9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2012-08-26] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GlaryInitialize 4.job => C:\Program Files\Glary Utilities 4\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-11-05 22:00 - 2013-11-05 21:59 - 00394824 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-12-25 14:00 - 2009-12-06 23:13 - 00397312 _____ () C:\Program Files\Common Files\AVerMedia\Service\AVerScheduleService.exe
2013-02-12 18:00 - 2010-04-05 21:55 - 00116104 _____ () C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
2013-09-14 02:51 - 2013-09-14 02:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 02:50 - 2013-09-14 02:50 - 01242952 _____ () C:\Program Files\Common Files\Apple\Internet Services\libxml2.dll
2014-01-21 11:25 - 2012-09-07 18:30 - 00002560 _____ () C:\Program Files\Secure Banking\sbservice.exe
2014-01-21 11:25 - 2013-06-30 18:01 - 00017920 _____ () C:\Program Files\Secure Banking\SecureBanking.dll
2014-01-21 11:25 - 2013-05-26 14:13 - 00008704 _____ () C:\Program Files\Secure Banking\funcs.dll
2014-05-22 22:30 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libglesv2.dll
2014-05-22 22:30 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\libegl.dll
2014-05-22 22:30 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\pdf.dll
2014-05-22 22:30 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll
2014-05-22 22:30 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Audible Download Manager.lnk => C:\Windows\pss\Audible Download Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVer HID Receiver.lnk => C:\Windows\pss\AVer HID Receiver.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AVerQuick.lnk => C:\Windows\pss\AVerQuick.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Miriam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: KiesAirMessage => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
MSCONFIG\startupreg: KiesPDLR => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MSCONFIG\startupreg: KiesPreload => C:\Program Files\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: PowerDVD12Agent => "C:\Program Files\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
MSCONFIG\startupreg: PowerDVD12DMREngine => "C:\Program Files\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe"
==================== Faulty Device Manager Devices =============
Name: Officejet J4680 series
Description: Officejet J4680 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Bluetooth-Peripheriegerät
Description: Bluetooth-Peripheriegerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5312817
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5312817
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5311818
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5311818
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5310789
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5310789
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 01:12:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4103
System errors:
=============
Error: (06/03/2014 10:03:33 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/03/2014 10:03:33 PM) (Source: atikmdag) (EventID: 19468) (User: )
Description: CPLIB :: General - Invalid Parameter
Error: (06/03/2014 09:41:13 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/03/2014 09:41:12 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/03/2014 09:41:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/03/2014 09:41:11 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/03/2014 09:41:10 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (06/03/2014 09:05:06 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/03/2014 08:59:51 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Error: (06/03/2014 07:57:45 PM) (Source: atikmdag) (EventID: 10261) (User: )
Description: Display is not active
Microsoft Office Sessions:
=========================
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5312817
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5312817
Error: (06/03/2014 02:40:41 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5311818
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5311818
Error: (06/03/2014 02:40:40 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5310789
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5310789
Error: (06/03/2014 02:40:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (06/03/2014 01:12:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4103
==================== Memory info ===========================
Percentage of memory in use: 39%
Total physical RAM: 3039.03 MB
Available physical RAM: 1850 MB
Total Pagefile: 6076.34 MB
Available Pagefile: 4501.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1905.45 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:455.56 GB) (Free:56.12 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 4DC0A6C6)
Partition 1: (Not Active) - (Size=10 GB) - (Type=27)
Partition 2: (Active) - (Size=456 GB) - (Type=07 NTFS)
==================== End Of Log ============================ |