Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   webssearches.com als Startseite in Firefox lässt sich nicht deinstallieren (https://www.trojaner-board.de/157354-webssearches-com-startseite-firefox-laesst-deinstallieren.html)

wiedehopf 08.08.2014 00:32
webssearches.com als Startseite in Firefox lässt sich nicht deinstallieren
 
Hallo,
ich kann webssearches auf einem Rechner mit W8.1 64-bit nicht deinstallieren. Es bleibt festgeschrieben im MOZILLA FIREFOX, abwohl ich die Startseite dort geändert habe, was auch eingetragen bleibt, aber nicht beachtet wird ;--(

Habe nach Suche im web bereits verschiedene Wege ausprobiert, die aber nicht geholfen haben.
Nun sehe ich hier im Forum, dass der hiesige Ansatz ein ganz anderer ist: Schade, zu spät entdeckt!

Nach meinen bisherigen Versuchen, die alle damit begannen über die normale Deinstallationsroutine zu gehen habe ich im Ergebnis jetzt folgende Situation:

Unter SYSTEMSTEUERUNG/PROGRAMME..../DEINSTALLIEREN wird webssearches NICHT MEHR angezeigt. Zuvor waren 5-6 Deinstallationsversuche gescheitert, weil sich das Propgramm immer an der gleichen Stelle aufgehängt hatte.
Probiert habe ich folgende Programme zur Deinstallation bzw. Suche (alle erfolglos):
- Ad-Aware Antivirus
- Malwarebytes Anti-Malware
- CCleaner
- GDATA
- Spybot

P.S.: Es ist ein Rechner einer Freundin, der ich "vollmundig" gesagt habe: "Das kriegen wir schon hin!" ;--)) Nach 4 Stunden Herumprobieren bin ich nun ziemlich ratlos und hoffe auf Hilfestellung! Habe das Forum leider zu spät entdeckt - schade!

Soll ich jetzt einfach die hier im Forum genannten weiteren Programm einfach ausprobieren oder gibt es eine andere Hilfestellung?

Ich danke im Voraus für jeden Versuch zu helfen!

Gruß
wiedehopf

schrauber 08.08.2014 00:38
Hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


wiedehopf 08.08.2014 07:56
Guten Morgen!

Zunächst einmal: Stark, wie schnell ich eine Antwort erhalten habe! Danke sehr!

Hier die weiteren Infodateie, nämlich die
FRST.txt
als erste:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2014
Ran by heidehenning at 2014-08-08 08:45:41
Running from C:\Viren+Spyware_PRGS 2014
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Out of date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: G Data InternetSecurity CBE (Enabled - Out of date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.26 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.00.01 - ASUSTeK Computer Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{4BB61CE0-3A91-92B4-4D4F-0BD958F89B33}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AOL Deutschland Toolbar (HKLM-x32\...\AOL Deutschland Toolbar) (Version: - AOL Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.28 - ASUSTeK Computer Inc)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.2.0.0 - devolo AG)
devolo dLAN-Konfigurationsassistent (HKLM-x32\...\dlanconf) (Version: 20.0.0.0 - devolo AG)
devolo Informer (HKLM-x32\...\dslmon) (Version: 28.0.0.0 - devolo AG)
dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.01 - ASUSTeK Computer Inc.)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17800 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30175 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-07-2014 09:41:21 Geplanter Prüfpunkt
29-07-2014 07:57:28 Advanced Driver Updater
04-08-2014 16:24:22 Removed 7-Zip 9.21
07-08-2014 18:35:21 AA11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {075D4BAD-9411-4498-A274-D8DE53DA7908} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {096BDA63-66C4-4564-AE21-94149902A4E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5B3BE1CC-6BB2-4A6C-B305-13B317D128D8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {5B59233F-3F39-4E53-9C04-E99DBDEC3BB0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {65AC2682-198D-45E3-B4DD-A8361EBFA8EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A17543F5-9F29-41E3-9D9C-11CBCB11B588} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-30] (ParetoLogic Inc.)
Task: {A22D1DEC-698B-4F23-B450-297D5EEB85DD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-28] (Adobe Systems Incorporated)
Task: {B44F6000-CE83-4E84-86DF-E4A4F4A0B66D} - \Gridmonetize Boot Trigger Task No Task File <==== ATTENTION
Task: {BACBA27B-44D5-488D-A87B-6772619848C2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {C713547A-5C2E-4637-8563-10F53CF01F48} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D5784366-0042-4684-AFAF-8A883983EE53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F30B0409-F167-4A87-A886-EB214834ACEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-13] (Microsoft Corporation)
Task: {F4AFB92D-113C-4E38-B9CA-ACD0CBD4662E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {F797A162-F6DB-4FE4-B8C4-2374F175EB2F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (whitelisted) =============

2012-11-29 19:07 - 2012-06-01 11:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-08-04 18:36 - 2014-07-30 13:17 - 02845792 ___SH () C:\Program Files (x86)\OgenistSwomating\OgenistSwomating.exe
2014-08-04 18:36 - 2014-07-30 13:17 - 00204384 ___SH () C:\Program Files (x86)\OgenistSwomating\HttpsProxy.exe
2014-07-29 11:09 - 2014-07-28 20:24 - 04795904 _____ () C:\WINDOWS\score.exe
2014-08-04 18:36 - 2014-08-04 18:36 - 00108128 ____R () C:\Program Files (x86)\OgenistSwomating\OgenistSwomatingHelper.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2012-11-29 19:07 - 2014-08-07 22:51 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-11-29 19:07 - 2010-06-29 04:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-08-07 19:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-07 19:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-07 19:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-07 19:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-07 19:16 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-29 19:22 - 2012-05-24 20:27 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\heidehenning\Documents\GCO.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: AMD Radeon HD 7600 Series
Description: AMD Radeon HD 7600 Series
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2014 06:53:56 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={84D394EB-431D-41A6-A360-6AE4EFF85790}: Der Benutzer "Sunny\heidehenning" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (08/05/2014 09:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53086d7c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00016d64
ID des fehlerhaften Prozesses: 0x674
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3
Vollständiger Name des fehlerhaften Pakets: AVKProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKProxy.exe5

Error: (08/04/2014 06:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x709b90df
ID des fehlerhaften Prozesses: 0x770
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5

Error: (08/04/2014 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x00614fa0
ID des fehlerhaften Prozesses: 0x770
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5

Error: (08/04/2014 06:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x294c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (08/02/2014 07:10:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f34

Startzeit: 01cfae74a8739805

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f3e9d399-1a67-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/02/2014 07:09:48 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64In SvcInstall, CreateService failed (1073)
failed with 1073

Error: (08/02/2014 07:05:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cc8

Startzeit: 01cfae5172d679f9

Endzeit: 0

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: 10bcb8c0-1a67-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/02/2014 05:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sunny)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/02/2014 02:58:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19cc

Startzeit: 01cfae50e22004c0

Endzeit: 52

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: 9ba658fe-1a44-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (08/07/2014 08:25:34 PM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/07/2014 07:20:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (08/07/2014 06:37:30 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841141792

Error: (08/07/2014 06:37:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2014 um 18:32:48 unerwartet heruntergefahren.

Error: (08/07/2014 06:32:28 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841135392

Error: (08/07/2014 06:32:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2014 um 08:33:50 unerwartet heruntergefahren.

Error: (08/07/2014 06:47:25 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/07/2014 06:46:55 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/05/2014 10:58:05 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/05/2014 10:57:55 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (08/07/2014 06:53:56 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {84D394EB-431D-41A6-A360-6AE4EFF85790}Sunny\heidehenningBreitbandverbindung651

Error: (08/05/2014 09:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKProxy.exe1.5.14043.57452fb3224combase.dll6.3.9600.1703153086d7cc000000500016d6467401cfb006126a1884C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exeC:\WINDOWS\SYSTEM32\combase.dll9755fdfb-1c70-11e4-bef5-60a44c22f9df

Error: (08/04/2014 06:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c0000005709b90df77001cfb002480ec654C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPla yerPlugin_14_0_0_145.exeunknown86990c09-1bf5-11e4-bef3-60a44c22f9df

Error: (08/04/2014 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c00001a500614fa077001cfb002480ec654C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPla yerPlugin_14_0_0_145.exeunknown85ce63fa-1bf5-11e4-bef3-60a44c22f9df

Error: (08/04/2014 06:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b294c01cfafc0ccd042c7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll68740c7e-1bf3-11e4-bef3-60a44c22f9df

Error: (08/02/2014 07:10:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.53101f3401cfae74a87398050C:\Program Files (x86)\Mozilla Firefox\firefox.exef3e9d399-1a67-11e4-bef1-60a44c22f9df

Error: (08/02/2014 07:09:48 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64In SvcInstall, CreateService failed (1073)
failed with 1073

Error: (08/02/2014 07:05:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17126cc801cfae5172d679f90C:\Program Files\Internet Explorer\iexplore.exe10bcb8c0-1a67-11e4-bef1-60a44c22f9df

Error: (08/02/2014 05:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sunny)
Description: Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!App-2144927142

Error: (08/02/2014 02:58:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.1712619cc01cfae50e22004c052C:\Program Files\Internet Explorer\iexplore.exe9ba658fe-1a44-11e4-bef1-60a44c22f9df


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 8143.33 MB
Available physical RAM: 6640.88 MB
Total Pagefile: 9423.33 MB
Available Pagefile: 6931.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:109.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:765.35 GB) (Free:752.34 GB) NTFS
Drive e: (USB 16GB) (Removable) (Total:14.89 GB) (Free:13.39 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: A96A2DAE)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 43C20C32)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================




UND HIER DIE additional.txt:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2014
Ran by heidehenning at 2014-08-08 08:45:41
Running from C:\Viren+Spyware_PRGS 2014
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: G Data InternetSecurity CBE (Enabled - Out of date) {545C8713-0744-B079-87F8-349A6D5C8CF0}
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: G Data InternetSecurity CBE (Enabled - Out of date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
FW: G Data Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Ad-Aware Antivirus (HKLM\...\{9F965DAA-2FFD-41E3-8125-893BFBBE01D6}_AdAwareUpdater) (Version: 11.2.5952.0 - Lavasoft)
Ad-Aware Security Toolbar (HKLM-x32\...\adawaretb) (Version: 3.9.0.26 - Lavasoft)
AdAwareInstaller (Version: 11.2.5952.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.2.5952.0 - Lavasoft) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.00.01 - ASUSTeK Computer Inc.)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{4BB61CE0-3A91-92B4-4D4F-0BD958F89B33}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (HKLM-x32\...\{8B1A559A-FB9D-42F5-A8A7-2F132CF28414}) (Version: 1.00.0000 - )
AntimalwareEngine (Version: 3.0.0.56 - Lavasoft) Hidden
AOL Deutschland Toolbar (HKLM-x32\...\AOL Deutschland Toolbar) (Version: - AOL Inc.)
ASUS Easy Update (HKLM-x32\...\{E7AA854E-6756-424E-84C2-4E47D5729AFF}) (Version: 2.00.28 - ASUSTeK Computer Inc)
ASUS Music Maker (HKLM-x32\...\MAGIX_{5E00D8DF-905B-41C7-B562-C126DE3A4167}) (Version: 18.0.3.3 - MAGIX AG)
ASUS Music Maker (Version: 18.0.3.3 - MAGIX AG) Hidden
ASUS MX Suite (HKLM-x32\...\MAGIX_{9204F334-2A46-49F1-89C4-65CEB7AC1974}) (Version: 1.13.0.121 - MAGIX AG)
ASUS MX Suite (Version: 1.13.0.121 - MAGIX AG) Hidden
ASUS Video easy (HKLM-x32\...\MAGIX_{7DB84618-76E3-4999-A9A0-D7D756E14129}) (Version: 3.0.1.42 - MAGIX AG)
ASUS Video easy (Version: 3.0.1.42 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.4127.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.4127.52 - CyberLink Corp.) Hidden
Bing Bar (HKLM-x32\...\{3365E735-48A6-4194-9988-CE59AC5AE503}) (Version: 7.3.132.0 - Microsoft Corporation)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0828.2156.37465 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0423.0448.6734 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0423.449.6734 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
devolo dLAN Cockpit (HKLM-x32\...\dlancockpit) (Version: 3.2.0.0 - devolo AG)
devolo dLAN-Konfigurationsassistent (HKLM-x32\...\dlanconf) (Version: 20.0.0.0 - devolo AG)
devolo Informer (HKLM-x32\...\dslmon) (Version: 28.0.0.0 - devolo AG)
dLAN Cockpit (x32 Version: 3.2.28 - devolo AG) Hidden
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version: - AOL Inc.) <==== ATTENTION
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.01 - ASUSTeK Computer Inc.)
Everything 1.2.1.371 (HKLM-x32\...\Everything) (Version: - )
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{6C5F8503-55D2-4398-858C-362B7A7AF51C}) (Version: 2.1.31.0 - MAGIX AG)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
G Data InternetSecurity CBE (HKLM-x32\...\{85203592-3610-4FB9-AA11-15B2255B5A12}) (Version: 25.0.1.2 - G Data Software AG)
Galeria de Fotografias (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
HydraVision (x32 Version: 4.2.236.0 - Advanced Micro Devices, Inc.) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.150.1 - McAfee, Inc.)
Microsoft App Update for microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe (x64) (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.6120.5004 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Mozilla Thunderbird 31.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.0 (x86 de)) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nero 12 Essentials OEM.a01 (HKLM-x32\...\{2AC099EA-CC1C-4E4E-BDFC-0353DCF13DD0}) (Version: 12.5.00400 - Nero AG)
Nero ControlCenter (x32 Version: 11.0.15200 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.0003 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.17800 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.19000 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.1000 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.2000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Prerequisite installer (x32 Version: 12.0.0002 - Nero AG) Hidden
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.30175 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Trend Micro Titanium (Version: 6.00 - Trend Micro Inc.) Hidden
Trend Micro Titanium Internet Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 6.0 - Trend Micro Inc.)
Why ASUS PC (HKLM-x32\...\{5648F9D9-299E-408C-AC1F-59DC75894A1F}) (Version: 1.00.02 - ASUSTeK Computer Inc.)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live 软件包 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2132803774-3776117452-2317121195-1003_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

20-07-2014 09:41:21 Geplanter Prüfpunkt
29-07-2014 07:57:28 Advanced Driver Updater
04-08-2014 16:24:22 Removed 7-Zip 9.21
07-08-2014 18:35:21 AA11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {075D4BAD-9411-4498-A274-D8DE53DA7908} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {096BDA63-66C4-4564-AE21-94149902A4E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1DE0CA86-2FC0-42EE-B3E5-675AE49C6571} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2559CBD2-D54B-411A-84C9-E2A689E2115A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5B3BE1CC-6BB2-4A6C-B305-13B317D128D8} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {5B59233F-3F39-4E53-9C04-E99DBDEC3BB0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {65AC2682-198D-45E3-B4DD-A8361EBFA8EA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7BB1EC61-3140-48A7-9245-3DD56ECC42BA} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A17543F5-9F29-41E3-9D9C-11CBCB11B588} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2011-03-30] (ParetoLogic Inc.)
Task: {A22D1DEC-698B-4F23-B450-297D5EEB85DD} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-28] (Adobe Systems Incorporated)
Task: {B44F6000-CE83-4E84-86DF-E4A4F4A0B66D} - \Gridmonetize Boot Trigger Task No Task File <==== ATTENTION
Task: {BACBA27B-44D5-488D-A87B-6772619848C2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {C713547A-5C2E-4637-8563-10F53CF01F48} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D4F1838F-B2D1-4B45-AEF2-FB800DF0E0ED} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {D5784366-0042-4684-AFAF-8A883983EE53} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F30B0409-F167-4A87-A886-EB214834ACEB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-13] (Microsoft Corporation)
Task: {F4AFB92D-113C-4E38-B9CA-ACD0CBD4662E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {F797A162-F6DB-4FE4-B8C4-2374F175EB2F} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\WINDOWS\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (whitelisted) =============

2012-11-29 19:07 - 2012-06-01 11:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-06-03 15:47 - 2014-06-03 15:47 - 00706864 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareService.exe
2014-06-03 16:19 - 2014-06-03 16:19 - 00103800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_thread-vc100-mt-1_55.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00024440 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_system-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00055680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_date_time-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00123776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_filesystem-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00033656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_chrono-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 10070888 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareServiceKernel.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00685904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SQLite.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 03393352 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\RCF.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00788856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_regex-vc100-mt-1_55.dll
2014-06-03 16:17 - 2014-06-03 16:17 - 00604520 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareActivation.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00158032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\pugixml.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00360312 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareApplicationUpdater.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00149840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\libssh2.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00106824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\zlib.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00142696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareGamingMode.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00098648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareReset.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00120152 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTime.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00290168 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdater.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00198024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00417128 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIgnoreList.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00245608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareQuarantine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00336752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiMalwareEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00212336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiRootkitEngine.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00509808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerHistory.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00610144 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScanner.dll
2014-06-03 16:19 - 2014-06-03 16:19 - 00035192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_timer-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00326000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareScannerScheduler.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00453496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareRealTimeProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00227688 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareIncompatibles.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00218976 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiSpam.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00171368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareAntiPhishing.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00786800 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareParentalControl.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 01936744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareWebProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00422256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareEmailProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00650608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareNetworkProtection.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00358744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwarePromo.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00298336 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareFeedback.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00371576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareThreatWorkAlliance.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00154464 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\SecurityCenter.dll
2014-08-04 18:36 - 2014-07-30 13:17 - 02845792 ___SH () C:\Program Files (x86)\OgenistSwomating\OgenistSwomating.exe
2014-08-04 18:36 - 2014-07-30 13:17 - 00204384 ___SH () C:\Program Files (x86)\OgenistSwomating\HttpsProxy.exe
2014-07-29 11:09 - 2014-07-28 20:24 - 04795904 _____ () C:\WINDOWS\score.exe
2014-08-04 18:36 - 2014-08-04 18:36 - 00108128 ____R () C:\Program Files (x86)\OgenistSwomating\OgenistSwomatingHelper.exe
2013-12-19 04:42 - 2013-12-19 04:42 - 00350840 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 02082160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareShellExtension.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 07715160 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTray.exe
2014-06-03 16:18 - 2014-06-03 16:18 - 00500088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\boost_locale-vc100-mt-1_55.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00364896 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\HtmlFramework.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00066904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\DllStorage.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00803696 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\AdAwareTrayDefaultSkin.dll
2014-06-03 16:18 - 2014-06-03 16:18 - 00139608 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.2.5952.0\Localization.dll
2012-11-29 19:07 - 2014-08-07 22:51 - 00024576 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2012-11-29 19:07 - 2010-06-29 04:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-08-07 19:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-07 19:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-07 19:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-07 19:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-07 19:16 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2012-11-29 19:22 - 2012-05-24 20:27 - 00050688 _____ () C:\Program Files (x86)\ASUS\ASUS Easy Update\AsMultiLang.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\heidehenning\Documents\GCO.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: AMD Radeon HD 7600 Series
Description: AMD Radeon HD 7600 Series
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: Advanced Micro Devices, Inc.
Service: amdkmdap
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (08/07/2014 06:53:56 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: CoID={84D394EB-431D-41A6-A360-6AE4EFF85790}: Der Benutzer "Sunny\heidehenning" hat eine Verbindung mit dem Namen "Breitbandverbindung" gewählt, die Verbindung konnte jedoch nicht hergestellt werden. Der durch den Fehler zurückgegebene Ursachencode lautet: 651.

Error: (08/05/2014 09:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: AVKProxy.exe, Version: 1.5.14043.574, Zeitstempel: 0x52fb3224
Name des fehlerhaften Moduls: combase.dll, Version: 6.3.9600.17031, Zeitstempel: 0x53086d7c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00016d64
ID des fehlerhaften Prozesses: 0x674
Startzeit der fehlerhaften Anwendung: 0xAVKProxy.exe0
Pfad der fehlerhaften Anwendung: AVKProxy.exe1
Pfad des fehlerhaften Moduls: AVKProxy.exe2
Berichtskennung: AVKProxy.exe3
Vollständiger Name des fehlerhaften Pakets: AVKProxy.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AVKProxy.exe5

Error: (08/04/2014 06:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x709b90df
ID des fehlerhaften Prozesses: 0x770
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5

Error: (08/04/2014 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe, Version: 14.0.0.145, Zeitstempel: 0x53aa1aea
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc00001a5
Fehleroffset: 0x00614fa0
ID des fehlerhaften Prozesses: 0x770
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_14_0_0_145.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_14_0_0_145.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_14_0_0_145.exe2
Berichtskennung: FlashPlayerPlugin_14_0_0_145.exe3
Vollständiger Name des fehlerhaften Pakets: FlashPlayerPlugin_14_0_0_145.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: FlashPlayerPlugin_14_0_0_145.exe5

Error: (08/04/2014 06:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 31.0.0.5310, Zeitstempel: 0x53c75e91
Name des fehlerhaften Moduls: mozalloc.dll, Version: 31.0.0.5310, Zeitstempel: 0x53c72e91
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000141b
ID des fehlerhaften Prozesses: 0x294c
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Vollständiger Name des fehlerhaften Pakets: plugin-container.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: plugin-container.exe5

Error: (08/02/2014 07:10:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 31.0.0.5310 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1f34

Startzeit: 01cfae74a8739805

Endzeit: 0

Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID: f3e9d399-1a67-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/02/2014 07:09:48 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64In SvcInstall, CreateService failed (1073)
failed with 1073

Error: (08/02/2014 07:05:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cc8

Startzeit: 01cfae5172d679f9

Endzeit: 0

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: 10bcb8c0-1a67-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (08/02/2014 05:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sunny)
Description: Bei der Aktivierung der App „Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (08/02/2014 02:58:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 11.0.9600.17126 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 19cc

Startzeit: 01cfae50e22004c0

Endzeit: 52

Anwendungspfad: C:\Program Files\Internet Explorer\iexplore.exe

Berichts-ID: 9ba658fe-1a44-11e4-bef1-60a44c22f9df

Vollständiger Name des fehlerhaften Pakets:

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


System errors:
=============
Error: (08/07/2014 08:25:34 PM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/07/2014 07:20:03 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.

Error: (08/07/2014 06:37:30 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841141792

Error: (08/07/2014 06:37:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2014 um 18:32:48 unerwartet heruntergefahren.

Error: (08/07/2014 06:32:28 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256841135392

Error: (08/07/2014 06:32:48 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎07.‎08.‎2014 um 08:33:50 unerwartet heruntergefahren.

Error: (08/07/2014 06:47:25 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (08/07/2014 06:46:55 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (08/05/2014 10:58:05 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (08/05/2014 10:57:55 AM) (Source: DCOM) (EventID: 10010) (User: Sunny)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


Microsoft Office Sessions:
=========================
Error: (08/07/2014 06:53:56 PM) (Source: RasClient) (EventID: 20227) (User: )
Description: {84D394EB-431D-41A6-A360-6AE4EFF85790}Sunny\heidehenningBreitbandverbindung651

Error: (08/05/2014 09:17:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: AVKProxy.exe1.5.14043.57452fb3224combase.dll6.3.9600.1703153086d7cc000000500016d6467401cfb006126a1884C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exeC:\WINDOWS\SYSTEM32\combase.dll9755fdfb-1c70-11e4-bef5-60a44c22f9df

Error: (08/04/2014 06:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c0000005709b90df77001cfb002480ec654C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPla yerPlugin_14_0_0_145.exeunknown86990c09-1bf5-11e4-bef3-60a44c22f9df

Error: (08/04/2014 06:36:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_145.exe14.0.0.14553aa1aeaunknown0.0.0.000000000c00001a500614fa077001cfb002480ec654C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPla yerPlugin_14_0_0_145.exeunknown85ce63fa-1bf5-11e4-bef3-60a44c22f9df

Error: (08/04/2014 06:21:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b294c01cfafc0ccd042c7C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll68740c7e-1bf3-11e4-bef3-60a44c22f9df

Error: (08/02/2014 07:10:59 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe31.0.0.53101f3401cfae74a87398050C:\Program Files (x86)\Mozilla Firefox\firefox.exef3e9d399-1a67-11e4-bef1-60a44c22f9df

Error: (08/02/2014 07:09:48 PM) (Source: AllDaySavingsService64) (EventID: 1) (User: )
Description: AllDaySavingsService64In SvcInstall, CreateService failed (1073)
failed with 1073

Error: (08/02/2014 07:05:12 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.17126cc801cfae5172d679f90C:\Program Files\Internet Explorer\iexplore.exe10bcb8c0-1a67-11e4-bef1-60a44c22f9df

Error: (08/02/2014 05:17:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sunny)
Description: Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe!App-2144927142

Error: (08/02/2014 02:58:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe11.0.9600.1712619cc01cfae50e22004c052C:\Program Files\Internet Explorer\iexplore.exe9ba658fe-1a44-11e4-bef1-60a44c22f9df


==================== Memory info ===========================

Percentage of memory in use: 18%
Total physical RAM: 8143.33 MB
Available physical RAM: 6640.88 MB
Total Pagefile: 9423.33 MB
Available Pagefile: 6931.01 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:149.56 GB) (Free:109.06 GB) NTFS
Drive d: (Data) (Fixed) (Total:765.35 GB) (Free:752.34 GB) NTFS
Drive e: (USB 16GB) (Removable) (Total:14.89 GB) (Free:13.39 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: A96A2DAE)

Partition: GPT Partition Type.

========================================================
Disk: 1 (Size: 15 GB) (Disk ID: 43C20C32)
Partition 1: (Not Active) - (Size=15 GB) - (Type=0C)

==================== End Of Log ============================




Oder war es als Datei gewünscht?, dann ebenfalls beigefügt.

Gruß
Wiedehopf

schrauber 09.08.2014 09:42
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

wiedehopf 09.08.2014 13:25
Hallo,

klappt noch nicht weil ich gleich beim Start von ComboFix die Fehelrmeldung erhalte:
ComboFix is not meant to run in compatibility mode....shall exit!"

Habe versucht den K.Modus abzuschalten (Rechtsklick auf Programmicon, EIGENSCHAFTEN und Haken raus genommen), aber da bringt keine Änderung?
Falsches Vorgehen, ist etwas anderes gemeint?
Gruß
wiedehopf

schrauber 10.08.2014 05:48
Mein Fehler.

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

wiedehopf 10.08.2014 11:28
Hallo,
hat leider einwenig länger gedauert....

Anbei die 3 *.txt

Bei der adw ist das Prg mehrfach gehangen beim Schritt
"Warte ab. Bitte wählen Sie alle Elemente ab, ..."
Habe dann BERICHT gewählt und die Datei abgespeichert. Ist KEINE S*, sondern eine R*. Bin gespannt, ob das so OK war. Habe aber insgesamt mehr als eine halbe Stunde gewartet gehabt. ....


___________________________________________________________________________

Malwarebytes Anti-Malware
www.malwarebytes.org


Protection, 10.08.2014 08:42:13, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 08:42:13, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 08:42:13, SYSTEM, SUNNY, Protection, Malware Protection, Stopping,
Protection, 10.08.2014 08:42:13, SYSTEM, SUNNY, Protection, Malware Protection, Stopped,
Protection, 10.08.2014 08:42:25, SYSTEM, SUNNY, Protection, Malware Protection, Starting,
Protection, 10.08.2014 08:42:25, SYSTEM, SUNNY, Protection, Malware Protection, Started,
Protection, 10.08.2014 08:42:25, SYSTEM, SUNNY, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 08:42:26, SYSTEM, SUNNY, Protection, Malicious Website Protection, Started,
Update, 10.08.2014 08:45:09, SYSTEM, SUNNY, Manual, Rootkit Database, 2014.2.20.1, 2014.8.4.1,
Update, 10.08.2014 08:45:11, SYSTEM, SUNNY, Manual, Malware Database, 2014.3.4.9, 2014.8.10.1,
Protection, 10.08.2014 08:45:12, SYSTEM, SUNNY, Protection, Refresh, Starting,
Protection, 10.08.2014 08:45:12, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 08:45:12, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 08:45:16, SYSTEM, SUNNY, Protection, Refresh, Success,
Protection, 10.08.2014 08:45:16, SYSTEM, SUNNY, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 08:45:16, SYSTEM, SUNNY, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 08:45:59, SYSTEM, SUNNY, Protection, Refresh, Starting,
Protection, 10.08.2014 08:45:59, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopping,
Protection, 10.08.2014 08:45:59, SYSTEM, SUNNY, Protection, Malicious Website Protection, Stopped,
Protection, 10.08.2014 08:46:03, SYSTEM, SUNNY, Protection, Refresh, Success,
Protection, 10.08.2014 08:46:03, SYSTEM, SUNNY, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 08:46:04, SYSTEM, SUNNY, Protection, Malicious Website Protection, Started,
Protection, 10.08.2014 09:47:03, SYSTEM, SUNNY, Protection, Malware Protection, Starting,
Protection, 10.08.2014 09:47:03, SYSTEM, SUNNY, Protection, Malware Protection, Started,
Protection, 10.08.2014 09:47:03, SYSTEM, SUNNY, Protection, Malicious Website Protection, Starting,
Protection, 10.08.2014 09:47:06, SYSTEM, SUNNY, Protection, Malicious Website Protection, Started,

(end)
__________________________________________________________________

AdwCleaner Logfile:
Code:
# AdwCleaner v3.304 - Bericht erstellt am 10/08/2014 um 09:59:17
# Aktualisiert 08/08/2014 von Xplode
# Betriebssystem : Windows 8.1  (64 bits)
# Benutzername : heidehenning - SUNNY
# Gestartet von : C:\Users\heidehenning\Desktop\VIREN PRGs\adwcleaner_3.304.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\WINDOWS\System32\roboot64.exe
Ordner Gefunden : C:\Program Files (x86)\Common Files\ParetoLogic
Ordner Gefunden : C:\Program Files (x86)\Common Files\Software Update Utility
Ordner Gefunden : C:\Program Files (x86)\FLVM Player
Ordner Gefunden : C:\Program Files (x86)\globalUpdate
Ordner Gefunden : C:\Program Files (x86)\predm
Ordner Gefunden : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gefunden : C:\Program Files\003
Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
Ordner Gefunden : C:\ProgramData\ParetoLogic
Ordner Gefunden : C:\ProgramData\Search Protection
Ordner Gefunden : C:\ProgramData\Systweak
Ordner Gefunden : C:\Users\HEIDEH~1\AppData\Local\Temp\Smartbar
Ordner Gefunden : C:\Users\heidehenning\AppData\Local\globalUpdate
Ordner Gefunden : C:\Users\heidehenning\AppData\LocalLow\adawaretb
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\Advanced System Protector
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\DriverCure
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default\adawaretb
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\ParetoLogic
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\SecureSearch
Ordner Gefunden : C:\Users\heidehenning\AppData\Roaming\Systweak
Ordner Gefunden : C:\Users\heidehenning\Documents\Optimizer Pro

***** [ Tasks ] *****

Task Gefunden : paretologic registration3
Task Gefunden : paretologic update version3

***** [ Verknüpfungen ] *****

Verknüpfung Gefunden : C:\Users\heidehenning\Desktop\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\Desktop\ALTE Icons\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser (2).lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )
Verknüpfung Gefunden : C:\Users\heidehenning\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ( hxxp://istart.webssearches.com/?type=sc&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV )

***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawarebp
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\adawaretb
Schlüssel Gefunden : HKCU\Software\Fabulous
Schlüssel Gefunden : HKCU\Software\GlobalUpdate
Schlüssel Gefunden : HKCU\Software\IM
Schlüssel Gefunden : HKCU\Software\ImInstaller
Schlüssel Gefunden : HKCU\Software\IScreeny
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\ParetoLogic
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\Fabulous
Schlüssel Gefunden : [x64] HKCU\Software\GlobalUpdate
Schlüssel Gefunden : [x64] HKCU\Software\IM
Schlüssel Gefunden : [x64] HKCU\Software\ImInstaller
Schlüssel Gefunden : [x64] HKCU\Software\IScreeny
Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Schlüssel Gefunden : [x64] HKCU\Software\Optimizer Pro
Schlüssel Gefunden : [x64] HKCU\Software\ParetoLogic
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gefunden : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gefunden : HKLM\Software\adawaretb
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\dnUpdate
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Schlüssel Gefunden : HKLM\Software\firstsearch
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\Software\IScreeny
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gefunden : HKLM\Software\ParetoLogic
Schlüssel Gefunden : HKLM\Software\SupDp
Schlüssel Gefunden : HKLM\Software\SupTab
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Toolbar Cleaner
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\firstsearch
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62155D33-3CE2-401E-8967-5A270628A3D5}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Wert Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV&q={searchTerms}

-\\ Mozilla Firefox v31.0 (x86 de)

[ Datei : C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default\prefs.js ]

Zeile gefunden : user_pref("browser.search.defaultenginename", "Web Search");
Zeile gefunden : user_pref("browser.search.defaulturl", "hxxp://web.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&s_it=aolde-ff&tb_uuid=6B4B217C573F47BBBD4E745FBAA0EF9E&tb_oid=03-02-2014&tb_mrud=03-02-2[...]
Zeile gefunden : user_pref("browser.search.selectedEngine", "Web Search");
Zeile gefunden : user_pref("iminent.BirthDate", "1406569117");
Zeile gefunden : user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14065695595[...]
Zeile gefunden : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");

-\\ Google Chrome v36.0.1985.125

[ Datei : C:\Users\heidehenning\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : bopakagnckmlgajfccecajhnimjiiedh
Gefunden [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma

*************************

AdwCleaner[R0].txt - [10744 octets] - [08/08/2014 00:05:30]
AdwCleaner[R1].txt - [11399 octets] - [10/08/2014 09:54:23]
AdwCleaner[R2].txt - [11250 octets] - [10/08/2014 09:59:17]

########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [11311 octets] ##########
--- --- ---

__________________________________________________________________________


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by heidehenning on 10.08.2014 at 12:05:02,01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\heidehenning\appdata\locallow\adawaretb"



~~~ FireFox

Successfully deleted: [Folder] C:\Users\heidehenning\AppData\Roaming\mozilla\firefox\profiles\x3dklnv8.default\extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
Successfully deleted the following from C:\Users\heidehenning\AppData\Roaming\mozilla\firefox\profiles\x3dklnv8.default\prefs.js

user_pref("browser.search.defaultenginename", "Web Search");
user_pref("browser.search.defaulturl", "hxxp://web.search.aol.com/redirector/sredir?sredir=3379&q={searchTerms}&s_it=aolde-ff&tb_uuid=6B4B217C573F47BBBD4E745FBAA0EF9E&tb_oid=0
user_pref("browser.search.selectedEngine", "Web Search");
user_pref("iminent.BirthDate", "1406569117");
user_pref("iminent.adapters", "{\"start.iminent.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"iminent\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"e
user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Emptied folder: C:\Users\heidehenning\AppData\Roaming\mozilla\firefox\profiles\x3dklnv8.default\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 10.08.2014 at 12:12:20,06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


_________________________________________________________________________________________


und das FRST log:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2014
Ran by heidehenning (administrator) on SUNNY on 10-08-2014 12:22:08
Running from C:\Users\heidehenning\Downloads
Platform: Windows 8.1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe
(devolo AG) C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\OgenistSwomating\OgenistSwomating.exe
() C:\Program Files (x86)\OgenistSwomating\HttpsProxy.exe
() C:\Windows\score.exe
() C:\Program Files (x86)\OgenistSwomating\OgenistSwomatingHelper.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GdBgInx64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE
() C:\Program Files (x86)\Everything\Everything.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM-x32\...\Run: [ASUS Easy Update] => C:\Program Files (x86)\ASUS\ASUS Easy Update\ALU.exe [195200 2012-05-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2012-11-29] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-29] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1724728 2013-12-19] (G Data Software AG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0
HKLM\...\Policies\Explorer: [HideSCAHealth] 0
HKU\S-1-5-21-2132803774-3776117452-2317121195-1003\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-2132803774-3776117452-2317121195-1003\...\Policies\Explorer: [HideSCAHealth] 0
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\heidehenning\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\SkyDriveShell.dll (Microsoft Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:9880;https=127.0.0.1:9880
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1406628104&from=tugs&uid=ST1000DM003-9YN162_S1D5TKBVXXXXS1D5TKBV&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ASU2JS
BHO: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO: Ad-Aware Security Toolbar -> {6c97a91e-4524-4019-86af-2aa2d567bf5c} -> C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: AOL Deutschland Toolbar Loader -> {2d3b1910-86c2-4d4b-b1db-124b3ea35bef} -> C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Ad-Aware Security Toolbar - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - AOL Deutschland Toolbar - {567d4d94-8077-4682-b887-945f3d644116} - C:\Program Files (x86)\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {6c97a91e-4524-4019-86af-2aa2d567bf5c} -  No File
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - AOL Deutschland Toolbar - {567D4D94-8077-4682-B887-945F3D644116} - C:\Program Files\AOL Deutschland Toolbar\aoldetb.dll (AOL Inc.)
Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Handler-x32: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @TrendMicro.com/FFExtension -> C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default\searchplugins\AOL Suche.xml
FF SearchPlugin: C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default\searchplugins\securesearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AOL Deutschland Toolbar - C:\Users\heidehenning\AppData\Roaming\Mozilla\Firefox\Profiles\x3dklnv8.default\Extensions\{43196362-5378-448b-8944-f097fa65e932} [2014-02-03]
FF HKLM\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [tmbepff-7.5@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\firefoxextension
FF HKLM-x32\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension
FF HKCU\...\Firefox\Extensions: [{e4f94d1e-2f53-401e-8885-681602c0ddd8}] - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi
FF Extension: McAfee Security Scan Plus - C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi [2014-04-04]

Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-08-07&gen=cnet&ent=hp&u=3692972D43268A515ECA9653E3C744A6
CHR StartupUrls: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_9&idate=2014-08-07&gen=cnet&ent=hp&u=3692972D43268A515ECA9653E3C744A6"
CHR NewTab: "chrome-extension://pelmeidfhdlhlbjimpabfcbnnojbboma/index.html"
CHR DefaultSearchKeyword: SecureSearch
CHR Extension: (Google Wallet) - C:\Users\heidehenning\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR HKLM\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\chrome_tmbep.crx [2013-08-22]
CHR HKLM-x32\...\Chrome\Extension: [bmiabdepfhhiieiipmeecdmeljggmfee] - C:\Program Files\Trend Micro\AMSP\Module\20002\7.5.1107\7.5.1107\chrome_tmbep.crx [2013-08-22]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-06-01] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2012-02-17] (ASUSTeK Computer Inc.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2244728 2014-02-12] (G Data Software AG)
R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [914552 2013-12-19] (G Data Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2723400 2014-03-25] (G Data Software AG)
R2 DevoloNetworkService; C:\Program Files (x86)\devolo\dlan\devolonetsvc.exe [3128856 2012-02-28] (devolo AG)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1840128 2011-05-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2992760 2014-01-30] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [700024 2014-02-03] (G Data Software AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [289256 2014-04-09] (McAfee, Inc.)
R2 OgenistSwomating; C:\Program Files (x86)\OgenistSwomating\OgenistSwomating.exe [2845792 2014-07-30] ()
R2 scores; C:\WINDOWS\score.exe [4795904 2014-07-28] () [File not signed]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-07-08] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-07-08] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R3 AU8168; C:\Windows\system32\DRIVERS\au630x64.sys [792648 2013-09-23] (Realtek                                            )
S3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [57344 2014-08-04] (G Data Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [135168 2014-08-04] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [71168 2014-08-04] (G Data Software AG)
R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [67584 2014-08-04] (G Data Software AG)
R1 GRD; C:\WINDOWS\system32\drivers\GRD.sys [106272 2014-08-07] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [65024 2014-08-04] (G Data Software AG)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R2 NPF_devolo; C:\Windows\sysWOW64\drivers\npf_devolo.sys [34048 2012-01-31] (CACE Technologies)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-07-08] (Microsoft Corporation)
S3 amdkmdag; \SystemRoot\system32\DRIVERS\atikmdag.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 12:22 - 2014-08-10 12:22 - 00020572 _____ () C:\Users\heidehenning\Downloads\FRST.txt
2014-08-10 12:12 - 2014-08-10 12:12 - 00002015 _____ () C:\Users\heidehenning\Desktop\JRT.txt
2014-08-10 11:53 - 2014-08-10 11:53 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-10 09:53 - 2014-08-10 09:53 - 00002546 _____ () C:\Users\heidehenning\Desktop\mbam.txt
2014-08-10 08:42 - 2014-08-10 08:42 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 08:40 - 2014-08-10 08:40 - 01016261 _____ (Thisisu) C:\Users\heidehenning\Downloads\JRT.exe
2014-08-10 08:39 - 2014-08-10 08:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\heidehenning\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-10 08:38 - 2014-08-10 08:38 - 01366203 _____ () C:\Users\heidehenning\Downloads\adwcleaner_3.304.exe
2014-08-09 18:11 - 2014-08-10 09:59 - 00037900 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-09 18:07 - 2014-08-10 09:46 - 00004242 _____ () C:\WINDOWS\PFRO.log
2014-08-09 14:34 - 2014-08-09 14:34 - 01232000 _____ () C:\Users\heidehenning\Downloads\Setup(4).exe
2014-08-09 14:30 - 2014-08-09 17:03 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-08-09 14:30 - 2014-08-09 14:30 - 00004034 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-09 14:27 - 2014-08-09 14:27 - 01232000 _____ () C:\Users\heidehenning\Downloads\Setup(3).exe
2014-08-09 14:10 - 2014-08-09 14:10 - 05568206 _____ (Swearware) C:\Users\heidehenning\Downloads\ComboFix.exe
2014-08-09 14:10 - 2014-08-09 14:10 - 05568206 _____ (Swearware) C:\Users\heidehenning\Desktop\ComboFix.exe
2014-08-08 10:22 - 2014-08-08 10:22 - 00001671 _____ () C:\Users\heidehenning\Desktop\Launch Internet Explorer Browser.lnk
2014-08-08 10:17 - 2014-08-08 10:18 - 63320784 _____ (Microsoft Corporation) C:\Users\heidehenning\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-08-08 09:11 - 2014-08-08 09:12 - 00000000 ____D () C:\Users\heidehenning\Desktop\ALTE Icons
2014-08-08 09:10 - 2014-08-10 08:41 - 00000000 ____D () C:\Users\heidehenning\Desktop\VIREN PRGs
2014-08-08 09:05 - 2014-08-08 09:05 - 01237632 _____ () C:\Users\heidehenning\Downloads\Setup(2).exe
2014-08-08 08:51 - 2014-08-08 08:51 - 00000000 ____D () C:\ProgramData\Sun
2014-08-08 08:51 - 2014-08-08 08:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-08 08:50 - 2014-08-08 08:50 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 08:50 - 2014-08-08 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 08:50 - 2014-08-08 08:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 08:49 - 2014-08-08 08:51 - 00000000 ____D () C:\Program Files\003
2014-08-08 08:49 - 2014-08-08 08:49 - 00629400 _____ () C:\Users\heidehenning\Downloads\setup.exe
2014-08-08 08:49 - 2014-08-08 08:49 - 00000000 ____D () C:\Users\heidehenning\Documents\Java
2014-08-08 08:44 - 2014-08-10 12:22 - 00000000 ____D () C:\FRST
2014-08-08 08:43 - 2014-08-08 08:43 - 02094080 _____ (Farbar) C:\Users\heidehenning\Downloads\FRST64.exe
2014-08-08 00:03 - 2014-08-10 09:59 - 00000000 ____D () C:\AdwCleaner
2014-08-07 20:38 - 2014-08-07 20:38 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\LavasoftStatistics
2014-08-07 20:38 - 2014-08-07 20:38 - 00000000 ____D () C:\Program Files\Lavasoft
2014-08-07 20:37 - 2014-08-07 20:37 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\SecureSearch
2014-08-07 20:37 - 2014-08-07 20:37 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-08-07 20:36 - 2014-08-09 14:13 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\Lavasoft
2014-08-07 20:36 - 2014-08-07 20:36 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-08-07 20:35 - 2014-08-07 20:35 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-08-07 20:28 - 2014-08-07 20:28 - 00002786 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-07 20:28 - 2014-08-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-07 20:28 - 2014-08-07 20:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-07 20:15 - 2014-08-10 09:47 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-07 20:14 - 2014-08-10 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-07 20:14 - 2014-08-10 08:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-07 20:14 - 2014-08-07 20:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 20:14 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-08-07 20:14 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-08-07 20:14 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-08-07 19:16 - 2014-08-07 20:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-07 19:16 - 2014-08-07 19:29 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-07 19:16 - 2014-08-07 19:16 - 00001414 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-07 19:16 - 2014-08-07 19:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-07 19:16 - 2014-08-07 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-07 19:16 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2014-08-07 19:14 - 2014-08-07 19:14 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2014-08-07 19:14 - 2014-08-07 19:14 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2014-08-07 19:13 - 2014-08-08 08:45 - 00000000 ____D () C:\Viren+Spyware_PRGS 2014
2014-08-07 18:57 - 2014-08-07 18:57 - 03712212 _____ (Piriform Ltd) C:\Users\heidehenning\Downloads\ccsetup416.exe
2014-08-07 18:47 - 2014-08-07 18:47 - 01237656 _____ () C:\Users\heidehenning\Downloads\Player_Setup.exe
2014-08-04 18:53 - 2014-08-04 18:53 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-08-04 18:52 - 2014-08-04 18:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-08-04 18:52 - 2014-08-04 18:52 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00000779 _____ () C:\Users\heidehenning\AppData\Roaming\gdscan.log
2014-08-04 18:52 - 2014-08-04 18:52 - 00000000 _____ () C:\Users\heidehenning\AppData\Roaming\gdfw.log
2014-08-04 18:49 - 2014-08-04 19:08 - 00000000 ____D () C:\ProgramData\G Data
2014-08-04 18:49 - 2014-08-04 18:49 - 00000000 ____D () C:\Program Files (x86)\G Data
2014-08-04 18:36 - 2014-08-04 18:36 - 00000000 __SHD () C:\Program Files (x86)\OgenistSwomating
2014-07-31 08:15 - 2014-07-31 08:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 06:54 - 2014-07-31 06:54 - 01237064 _____ () C:\Users\heidehenning\Downloads\Player.exe
2014-07-29 18:46 - 2014-08-09 17:02 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\Probit Software
2014-07-29 12:01 - 2014-08-09 17:03 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-07-29 11:11 - 2014-07-29 11:11 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\com
2014-07-29 11:09 - 2014-08-07 20:24 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-07-29 11:09 - 2014-07-29 11:09 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\globalUpdate
2014-07-29 11:09 - 2014-07-29 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-07-29 11:09 - 2014-07-28 20:24 - 04795904 _____ () C:\WINDOWS\score.exe
2014-07-29 10:59 - 2014-07-29 10:59 - 00748848 _____ () C:\Users\heidehenning\Downloads\setup(1).exe
2014-07-29 10:23 - 2014-07-29 10:23 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-29 10:23 - 2014-07-29 10:23 - 00002109 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-29 10:22 - 2014-07-29 10:22 - 00000000 ____D () C:\Prg Thunderbird email
2014-07-29 10:21 - 2014-07-29 10:22 - 26310952 _____ (Mozilla) C:\Users\heidehenning\Downloads\Thunderbird Setup 31.0.exe
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Program Files\Realtek
2014-07-29 10:18 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-07-29 10:18 - 2014-05-14 16:00 - 01099203 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-07-29 10:18 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-07-29 10:18 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-07-29 10:18 - 2014-05-02 11:19 - 00033592 _____ () C:\WINDOWS\system32\audioLibVc.dll
2014-07-29 10:18 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-07-29 10:18 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2014-07-29 10:18 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-07-29 10:18 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-07-29 10:18 - 2014-04-23 17:51 - 02117424 _____ () C:\WINDOWS\system32\SStudio.dll
2014-07-29 10:18 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO6064.dll
2014-07-29 10:18 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2014-07-29 10:18 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2014-07-29 10:18 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO3064.dll
2014-07-29 10:18 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-07-29 10:18 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\WINDOWS\SysWOW64\MaxxAudioAPOShell.dll
2014-07-29 10:18 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOSettingsIPC.dll
2014-07-29 10:18 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\WINDOWS\system32\NAHIMICAPOlfx.dll
2014-07-29 10:18 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-07-29 10:18 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-07-29 10:18 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-07-29 10:18 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-07-29 10:18 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\WINDOWS\system32\ICEsoundAPO64.dll
2014-07-29 10:18 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2014-07-29 10:18 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-07-29 10:18 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2014-07-29 10:18 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2014-07-29 10:18 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2014-07-29 10:18 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2014-07-29 10:18 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\WINDOWS\system32\YamahaAE.dll
2014-07-29 10:18 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-07-29 10:18 - 2014-02-06 11:28 - 05804772 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-07-29 10:18 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxSpeechAPO64.dll
2014-07-29 10:18 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-07-29 10:18 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-07-29 10:18 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-07-29 10:18 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-07-29 10:18 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2014-07-29 10:18 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2014-07-29 10:18 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2014-07-29 10:18 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-07-29 10:18 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-07-29 10:18 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2014-07-29 10:18 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2014-07-29 10:18 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2014-07-29 10:18 - 2013-06-21 11:01 - 00109848 _____ () C:\WINDOWS\system32\AcpiServiceVnA64.dll
2014-07-29 10:18 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2014-07-29 10:18 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2014-07-29 10:18 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2014-07-29 10:18 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2014-07-29 10:18 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2014-07-29 10:18 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2014-07-29 10:18 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2014-07-29 10:18 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2014-07-29 10:18 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2014-07-29 10:18 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2014-07-29 10:18 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2014-07-29 10:18 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2014-07-29 10:18 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2014-07-29 10:18 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2014-07-29 10:18 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2014-07-29 10:18 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2014-07-29 10:18 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2014-07-29 10:18 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2014-07-29 10:18 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2014-07-29 10:18 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2014-07-29 10:18 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2014-07-29 10:18 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2014-07-29 10:18 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2014-07-29 10:18 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2014-07-29 10:18 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2014-07-29 10:18 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2014-07-29 10:17 - 2014-02-26 15:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2014-07-29 10:15 - 2014-02-16 21:53 - 00060640 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\usbfilter.sys
2014-07-29 09:59 - 2014-07-29 09:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-07-29 09:59 - 2014-02-27 09:32 - 00272088 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsUStor.sys
2014-07-29 09:59 - 2014-01-27 13:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2014-07-29 09:58 - 2014-07-29 10:03 - 00000000 ____D () C:\temp
2014-07-28 20:37 - 2014-07-28 20:37 - 00787392 _____ ( ) C:\Users\heidehenning\Downloads\MailStoreHomeSetup-8.2.0.9316_CB-DL-Manager.exe
2014-07-28 20:31 - 2014-07-28 20:31 - 00501970 _____ () C:\Users\heidehenning\Downloads\everything12(1).zip
2014-07-28 20:29 - 2014-08-10 12:21 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-07-28 20:29 - 2014-07-28 20:29 - 00000000 ____D () C:\Users\heidehenning\Downloads\everything12
2014-07-28 20:28 - 2014-07-28 20:29 - 00501970 _____ () C:\Users\heidehenning\Downloads\everything12.zip
2014-07-28 20:28 - 2014-07-28 20:28 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\Macromedia
2014-07-28 20:27 - 2014-08-10 12:15 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-28 20:27 - 2014-07-28 20:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-28 20:18 - 2014-07-28 20:18 - 00000141 _____ () C:\Users\heidehenning\Desktop\AOL email.url
2014-07-28 20:11 - 2014-07-28 20:11 - 01057176 _____ (Adobe) C:\Users\heidehenning\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-07-28 20:02 - 2014-07-28 20:02 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-28 19:52 - 2014-07-28 20:40 - 00000246 _____ () C:\Users\heidehenning\Desktop\E-MAIL GMX.url
2014-07-28 19:42 - 2014-07-28 19:42 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\rightbackup
2014-07-28 19:40 - 2014-08-07 20:26 - 00000000 ____D () C:\Program Files (x86)\C13DB9D9-D8B8-4E8F-B4ED-BCFCC8C284E7
2014-07-28 19:40 - 2014-07-29 12:01 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-28 19:38 - 2014-06-30 17:55 - 00020328 _____ (Systweak Inc., (www.systweak.com)) C:\WINDOWS\system32\roboot64.exe
2014-07-28 19:37 - 2014-08-07 20:26 - 00000000 ____D () C:\Program Files\005
2014-07-28 19:37 - 2014-07-28 20:00 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-07-28 19:32 - 2014-07-28 19:33 - 39243908 _____ () C:\Users\heidehenning\Downloads\firefox-34.0a1.en-US.win64-x86_64.installer (1).exe
2014-07-28 19:32 - 2014-07-28 19:33 - 33789593 _____ (Mozilla) C:\Users\heidehenning\Downloads\firefox-31.0a1.en-US.win64-x86_64.installer.exe
2014-07-28 19:31 - 2014-07-28 19:32 - 39243908 _____ () C:\Users\heidehenning\Downloads\firefox-34.0a1.en-US.win64-x86_64.installer.exe
2014-07-25 12:36 - 2014-08-09 18:00 - 00000494 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-07-25 12:36 - 2014-07-25 12:40 - 00000468 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-07-25 12:36 - 2014-07-25 12:36 - 00003276 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2014-07-25 12:36 - 2014-07-25 12:36 - 00003152 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2014-07-25 12:36 - 2014-07-25 12:36 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\ParetoLogic
2014-07-25 12:36 - 2014-07-25 12:36 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-25 12:35 - 2014-07-25 12:35 - 05249448 _____ (ParetoLogic Inc.) C:\Users\heidehenning\Downloads\ParetoLogic PC Health Advisor_de.exe
2014-07-13 18:32 - 2013-08-22 08:57 - 00002143 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Browser Choice.lnk
2014-07-13 09:21 - 2014-07-13 09:21 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-13 09:20 - 2014-04-14 05:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-11 17:28 - 2014-06-17 00:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-11 17:28 - 2014-06-17 00:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-11 17:28 - 2014-06-06 16:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-11 17:28 - 2014-05-30 05:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-11 17:28 - 2014-05-29 14:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-11 17:28 - 2014-05-29 09:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-11 17:28 - 2014-05-29 08:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-11 17:28 - 2014-05-29 08:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-11 17:28 - 2014-05-29 07:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-11 17:28 - 2014-05-29 07:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-11 17:28 - 2014-05-19 08:31 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvcfg.exe
2014-07-11 17:28 - 2014-05-19 08:21 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-07-11 17:28 - 2014-05-19 07:23 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-07-11 17:27 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-11 17:27 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-11 17:27 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-11 17:27 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-11 17:27 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-11 17:27 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-11 17:27 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-11 17:27 - 2014-06-19 01:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-11 17:27 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-11 17:27 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-11 17:27 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-11 17:27 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-11 17:27 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-11 17:27 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-11 17:27 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-11 17:27 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-11 17:27 - 2014-06-19 00:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-11 17:27 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-11 17:27 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-11 17:27 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-11 17:27 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-11 17:27 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-11 17:27 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-11 17:27 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-11 17:27 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-11 17:27 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-11 17:27 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-11 17:27 - 2014-06-06 15:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-11 17:27 - 2014-06-06 14:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-11 17:27 - 2014-05-31 12:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-11 17:27 - 2014-05-31 12:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-11 17:27 - 2014-05-31 05:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-11 17:27 - 2014-05-31 05:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-11 17:27 - 2014-05-31 04:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-11 17:27 - 2014-05-31 04:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-11 17:27 - 2014-05-31 04:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-11 17:27 - 2014-05-31 04:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-11 17:27 - 2014-05-31 04:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-11 17:26 - 2014-05-31 05:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 17:26 - 2014-05-31 05:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-11 17:26 - 2014-05-31 05:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-11 17:26 - 2014-05-31 05:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-11 17:26 - 2014-05-31 04:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-11 17:26 - 2014-05-31 04:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-11 12:35 - 2014-01-19 09:38 - 00270496 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-10 12:22 - 2014-08-10 12:22 - 00020572 _____ () C:\Users\heidehenning\Downloads\FRST.txt
2014-08-10 12:22 - 2014-08-08 08:44 - 00000000 ____D () C:\FRST
2014-08-10 12:21 - 2014-07-28 20:29 - 00000000 ____D () C:\Program Files (x86)\Everything
2014-08-10 12:15 - 2014-07-28 20:27 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 12:12 - 2014-08-10 12:12 - 00002015 _____ () C:\Users\heidehenning\Desktop\JRT.txt
2014-08-10 12:12 - 2013-03-21 00:05 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2132803774-3776117452-2317121195-1003
2014-08-10 12:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 12:00 - 2013-08-21 10:22 - 00001134 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 11:53 - 2014-08-10 11:53 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-08-10 09:59 - 2014-08-09 18:11 - 00037900 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-10 09:59 - 2014-08-08 00:03 - 00000000 ____D () C:\AdwCleaner
2014-08-10 09:53 - 2014-08-10 09:53 - 00002546 _____ () C:\Users\heidehenning\Desktop\mbam.txt
2014-08-10 09:47 - 2014-08-07 20:15 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-10 09:47 - 2013-08-21 10:22 - 00001130 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 09:46 - 2014-08-09 18:07 - 00004242 _____ () C:\WINDOWS\PFRO.log
2014-08-10 09:46 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-10 09:23 - 2014-07-08 13:21 - 00003946 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{051A535B-AB5E-490B-865C-0761531671A9}
2014-08-10 08:42 - 2014-08-10 08:42 - 00001125 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-10 08:42 - 2014-08-07 20:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-10 08:42 - 2014-08-07 20:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-10 08:41 - 2014-08-08 09:10 - 00000000 ____D () C:\Users\heidehenning\Desktop\VIREN PRGs
2014-08-10 08:40 - 2014-08-10 08:40 - 01016261 _____ (Thisisu) C:\Users\heidehenning\Downloads\JRT.exe
2014-08-10 08:39 - 2014-08-10 08:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\heidehenning\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-10 08:38 - 2014-08-10 08:38 - 01366203 _____ () C:\Users\heidehenning\Downloads\adwcleaner_3.304.exe
2014-08-09 18:00 - 2014-07-25 12:36 - 00000494 _____ () C:\WINDOWS\Tasks\ParetoLogic Registration3.job
2014-08-09 17:03 - 2014-08-09 14:30 - 00000000 ____D () C:\Program Files (x86)\Easy Speed Check
2014-08-09 17:03 - 2014-07-29 18:46 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\Probit Software
2014-08-09 17:03 - 2014-07-29 12:01 - 00000000 ____D () C:\Program Files (x86)\Probit Software
2014-08-09 14:34 - 2014-08-09 14:34 - 01232000 _____ () C:\Users\heidehenning\Downloads\Setup(4).exe
2014-08-09 14:30 - 2014-08-09 14:30 - 00004034 _____ () C:\WINDOWS\System32\Tasks\LaunchSignup
2014-08-09 14:27 - 2014-08-09 14:27 - 01232000 _____ () C:\Users\heidehenning\Downloads\Setup(3).exe
2014-08-09 14:13 - 2014-08-07 20:36 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\Lavasoft
2014-08-09 14:10 - 2014-08-09 14:10 - 05568206 _____ (Swearware) C:\Users\heidehenning\Downloads\ComboFix.exe
2014-08-09 14:10 - 2014-08-09 14:10 - 05568206 _____ (Swearware) C:\Users\heidehenning\Desktop\ComboFix.exe
2014-08-08 10:22 - 2014-08-08 10:22 - 00001671 _____ () C:\Users\heidehenning\Desktop\Launch Internet Explorer Browser.lnk
2014-08-08 10:18 - 2014-08-08 10:17 - 63320784 _____ (Microsoft Corporation) C:\Users\heidehenning\Downloads\IE11-Windows6.1-x64-de-de.exe
2014-08-08 09:12 - 2014-08-08 09:11 - 00000000 ____D () C:\Users\heidehenning\Desktop\ALTE Icons
2014-08-08 09:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-08 09:05 - 2014-08-08 09:05 - 01237632 _____ () C:\Users\heidehenning\Downloads\Setup(2).exe
2014-08-08 08:51 - 2014-08-08 08:51 - 00000000 ____D () C:\ProgramData\Sun
2014-08-08 08:51 - 2014-08-08 08:51 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-08 08:51 - 2014-08-08 08:49 - 00000000 ____D () C:\Program Files\003
2014-08-08 08:50 - 2014-08-08 08:50 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-08 08:50 - 2014-08-08 08:50 - 00096168 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-08 08:50 - 2014-08-08 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-08 08:50 - 2014-08-08 08:50 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 08:49 - 2014-08-08 08:49 - 00629400 _____ () C:\Users\heidehenning\Downloads\setup.exe
2014-08-08 08:49 - 2014-08-08 08:49 - 00000000 ____D () C:\Users\heidehenning\Documents\Java
2014-08-08 08:45 - 2014-08-07 19:13 - 00000000 ____D () C:\Viren+Spyware_PRGS 2014
2014-08-08 08:43 - 2014-08-08 08:43 - 02094080 _____ (Farbar) C:\Users\heidehenning\Downloads\FRST64.exe
2014-08-07 20:38 - 2014-08-07 20:38 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\LavasoftStatistics
2014-08-07 20:38 - 2014-08-07 20:38 - 00000000 ____D () C:\Program Files\Lavasoft
2014-08-07 20:37 - 2014-08-07 20:37 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\SecureSearch
2014-08-07 20:37 - 2014-08-07 20:37 - 00000000 ____D () C:\Program Files (x86)\Toolbar Cleaner
2014-08-07 20:36 - 2014-08-07 20:36 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2014-08-07 20:35 - 2014-08-07 20:35 - 00000000 ____D () C:\ProgramData\Lavasoft
2014-08-07 20:31 - 2014-07-08 12:34 - 00000000 ___DC () C:\WINDOWS\Panther
2014-08-07 20:28 - 2014-08-07 20:28 - 00002786 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-08-07 20:28 - 2014-08-07 20:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-07 20:28 - 2014-08-07 20:28 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-07 20:26 - 2014-07-28 19:40 - 00000000 ____D () C:\Program Files (x86)\C13DB9D9-D8B8-4E8F-B4ED-BCFCC8C284E7
2014-08-07 20:26 - 2014-07-28 19:37 - 00000000 ____D () C:\Program Files\005
2014-08-07 20:24 - 2014-07-29 11:09 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-07 20:14 - 2014-08-07 20:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-07 20:14 - 2014-08-07 19:16 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-07 19:29 - 2014-08-07 19:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-07 19:16 - 2014-08-07 19:16 - 00001414 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-07 19:16 - 2014-08-07 19:16 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Safer-Networking
2014-08-07 19:16 - 2014-08-07 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-07 19:16 - 2014-03-18 12:03 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-08-07 19:16 - 2014-03-18 11:25 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-08-07 19:16 - 2014-03-18 11:25 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-08-07 19:14 - 2014-08-07 19:14 - 00106272 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2014-08-07 19:14 - 2014-08-07 19:14 - 00018160 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2014-08-07 18:57 - 2014-08-07 18:57 - 03712212 _____ (Piriform Ltd) C:\Users\heidehenning\Downloads\ccsetup416.exe
2014-08-07 18:55 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-07 18:50 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-07 18:47 - 2014-08-07 18:47 - 01237656 _____ () C:\Users\heidehenning\Downloads\Player_Setup.exe
2014-08-04 19:52 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-08-04 19:08 - 2014-08-04 18:49 - 00000000 ____D () C:\ProgramData\G Data
2014-08-04 18:53 - 2014-08-04 18:53 - 00071168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2014-08-04 18:53 - 2014-08-04 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE
2014-08-04 18:52 - 2014-08-04 18:52 - 00135168 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00067584 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00065024 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00057344 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2014-08-04 18:52 - 2014-08-04 18:52 - 00000779 _____ () C:\Users\heidehenning\AppData\Roaming\gdscan.log
2014-08-04 18:52 - 2014-08-04 18:52 - 00000000 _____ () C:\Users\heidehenning\AppData\Roaming\gdfw.log
2014-08-04 18:49 - 2014-08-04 18:49 - 00000000 ____D () C:\Program Files (x86)\G Data
2014-08-04 18:47 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-04 18:46 - 2013-08-22 13:22 - 00461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2014-08-04 18:46 - 2013-08-22 13:22 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2014-08-04 18:46 - 2013-08-22 13:17 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2014-08-04 18:46 - 2013-08-22 13:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2014-08-04 18:46 - 2013-08-22 13:17 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2014-08-04 18:46 - 2013-08-22 06:05 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2014-08-04 18:46 - 2013-08-22 06:03 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2014-08-04 18:46 - 2013-08-22 05:59 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2014-08-04 18:46 - 2013-08-22 05:56 - 00377856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2014-08-04 18:46 - 2013-08-22 05:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2014-08-04 18:46 - 2013-08-22 05:51 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2014-08-04 18:46 - 2013-08-22 05:51 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2014-08-04 18:46 - 2013-08-22 05:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2014-08-04 18:46 - 2013-08-22 05:51 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2014-08-04 18:37 - 2012-11-29 19:26 - 00000000 ____D () C:\ProgramData\Trend Micro
2014-08-04 18:36 - 2014-08-04 18:36 - 00000000 __SHD () C:\Program Files (x86)\OgenistSwomating
2014-08-04 18:20 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\tracing
2014-08-03 09:42 - 2013-08-22 15:25 - 00000194 _____ () C:\WINDOWS\win.ini
2014-07-31 19:08 - 2013-03-27 03:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-31 08:15 - 2014-07-31 08:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-31 06:54 - 2014-07-31 06:54 - 01237064 _____ () C:\Users\heidehenning\Downloads\Player.exe
2014-07-31 06:49 - 2013-03-27 03:41 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\Thunderbird
2014-07-29 12:01 - 2014-07-28 19:40 - 00001398 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-29 11:11 - 2014-07-29 11:11 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\com
2014-07-29 11:09 - 2014-07-29 11:09 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\globalUpdate
2014-07-29 11:09 - 2014-07-29 11:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-07-29 10:59 - 2014-07-29 10:59 - 00748848 _____ () C:\Users\heidehenning\Downloads\setup(1).exe
2014-07-29 10:23 - 2014-07-29 10:23 - 00002121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Thunderbird.lnk
2014-07-29 10:23 - 2014-07-29 10:23 - 00002109 _____ () C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
2014-07-29 10:23 - 2014-06-11 10:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-07-29 10:22 - 2014-07-29 10:22 - 00000000 ____D () C:\Prg Thunderbird email
2014-07-29 10:22 - 2014-07-29 10:21 - 26310952 _____ (Mozilla) C:\Users\heidehenning\Downloads\Thunderbird Setup 31.0.exe
2014-07-29 10:19 - 2012-11-29 18:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-07-29 10:18 - 2014-07-29 10:18 - 00000000 ____D () C:\Program Files\Realtek
2014-07-29 10:18 - 2014-07-08 11:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-07-29 10:03 - 2014-07-29 09:58 - 00000000 ____D () C:\temp
2014-07-29 09:59 - 2014-07-29 09:59 - 00000000 ____D () C:\WINDOWS\SysWOW64\sda
2014-07-29 09:59 - 2012-11-29 18:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-29 09:59 - 2012-11-29 18:58 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-07-28 20:40 - 2014-07-28 19:52 - 00000246 _____ () C:\Users\heidehenning\Desktop\E-MAIL GMX.url
2014-07-28 20:37 - 2014-07-28 20:37 - 00787392 _____ ( ) C:\Users\heidehenning\Downloads\MailStoreHomeSetup-8.2.0.9316_CB-DL-Manager.exe
2014-07-28 20:31 - 2014-07-28 20:31 - 00501970 _____ () C:\Users\heidehenning\Downloads\everything12(1).zip
2014-07-28 20:29 - 2014-07-28 20:29 - 00000000 ____D () C:\Users\heidehenning\Downloads\everything12
2014-07-28 20:29 - 2014-07-28 20:28 - 00501970 _____ () C:\Users\heidehenning\Downloads\everything12.zip
2014-07-28 20:28 - 2014-07-28 20:28 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\Macromedia
2014-07-28 20:27 - 2014-07-28 20:27 - 00003772 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-28 20:24 - 2014-07-29 11:09 - 04795904 _____ () C:\WINDOWS\score.exe
2014-07-28 20:18 - 2014-07-28 20:18 - 00000141 _____ () C:\Users\heidehenning\Desktop\AOL email.url
2014-07-28 20:11 - 2014-07-28 20:11 - 01057176 _____ (Adobe) C:\Users\heidehenning\Downloads\install_flashplayer14x32_mssa_aaa_aih.exe
2014-07-28 20:02 - 2014-07-28 20:02 - 00000000 ____D () C:\Program Files (x86)\predm
2014-07-28 20:00 - 2014-07-28 19:37 - 00000000 ____D () C:\Program Files (x86)\FLVM Player
2014-07-28 19:42 - 2014-07-28 19:42 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\rightbackup
2014-07-28 19:33 - 2014-07-28 19:32 - 39243908 _____ () C:\Users\heidehenning\Downloads\firefox-34.0a1.en-US.win64-x86_64.installer (1).exe
2014-07-28 19:33 - 2014-07-28 19:32 - 33789593 _____ (Mozilla) C:\Users\heidehenning\Downloads\firefox-31.0a1.en-US.win64-x86_64.installer.exe
2014-07-28 19:32 - 2014-07-28 19:31 - 39243908 _____ () C:\Users\heidehenning\Downloads\firefox-34.0a1.en-US.win64-x86_64.installer.exe
2014-07-28 19:16 - 2014-06-25 10:51 - 00000000 ____D () C:\ProgramData\OwulIyoz
2014-07-28 13:14 - 2013-11-14 18:19 - 00011605 _____ () C:\Users\heidehenning\Documents\metro.odt
2014-07-25 12:40 - 2014-07-25 12:36 - 00000468 _____ () C:\WINDOWS\Tasks\ParetoLogic Update Version3.job
2014-07-25 12:36 - 2014-07-25 12:36 - 00003276 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Update Version3
2014-07-25 12:36 - 2014-07-25 12:36 - 00003152 _____ () C:\WINDOWS\System32\Tasks\ParetoLogic Registration3
2014-07-25 12:36 - 2014-07-25 12:36 - 00000000 ____D () C:\Users\heidehenning\AppData\Roaming\ParetoLogic
2014-07-25 12:36 - 2014-07-25 12:36 - 00000000 ____D () C:\ProgramData\ParetoLogic
2014-07-25 12:35 - 2014-07-25 12:35 - 05249448 _____ (ParetoLogic Inc.) C:\Users\heidehenning\Downloads\ParetoLogic PC Health Advisor_de.exe
2014-07-25 09:45 - 2014-07-08 11:42 - 00000000 ____D () C:\Users\heidehenning
2014-07-13 18:32 - 2013-08-22 16:44 - 00431592 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-13 18:32 - 2013-03-22 17:56 - 00003558 _____ () C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2014-07-13 11:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-13 11:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 11:06 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-13 11:06 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-13 09:21 - 2014-07-13 09:21 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-13 09:21 - 2013-07-16 09:43 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-13 09:21 - 2013-03-22 03:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-13 09:21 - 2013-03-20 23:58 - 00000000 ____D () C:\Users\heidehenning\AppData\Local\Packages
2014-07-13 09:19 - 2014-03-18 11:40 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 12:35 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM

Some content of TEMP:
====================
C:\Users\heidehenning\AppData\Local\Temp\BackupSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-10 10:20

==================== End Of Log ============================
--- --- ---

schrauber 10.08.2014 13:17

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

wiedehopf 10.08.2014 15:29
Hallo,
geht nicht, erhalte beim Start des Prg die Meldung
"Kann auf dem PC nciht ausgefhrt werden..."
Virenscanner ist ausgeschaltet.

Tut mir Leid, hört irgendwie nicht auf.....

Gruß
Wiedehopf

schrauber 10.08.2014 18:57
Lass ESET weg und mach dafür nen Vollscan mit deinem AV Programm.

wiedehopf 10.08.2014 22:28
Vollscan mit GDATA gemacht ----> immer noch, keine Änderung!
MIt CCleaner nochmals drüber _ immer noch!

So langsam wird mir bange, hoffe ich muß nicht alles plattmachen und formatieren und neu aufspielen. Zumal es ein PC ist, der vorkonfiguriert ist, und bei dem es keine Software auf CD gibt, außer dem ursprüngliche Recoverypunkt (angeblich!) auf den Zeitpunkt des Kaufs.

P.S.: Fragt derzeit permanent nach Update JAVA: Soll ich den jetzt machen oder stört das jetzt im Moment?

Gruß
wiedehopf

schrauber 11.08.2014 20:16
Revo Uninstaller - Download - Filepony
damit Firefox deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.mozilla.org/de/kb/fi...einfach-loesen

Frisches FRST log bitte. Java Deinstallieren und aktuelle Version neu installieren.

wiedehopf 11.08.2014 20:25
Danke, bin jetzt leider bis vorauss. Donnerstag früh unterweges- melde mich dann erst !
Gruß und viel Erfolg!
wiedehopf

schrauber 12.08.2014 12:32
ok :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 06:32 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131