facebook account gehacked

Philipp11111 · 19.04.2014, 14:27

Hallo,

Heute wurde mein Facebook Account gehacked. Habe danach einen maleware scan gemacht und der hat 15 mal den Trojaner pup.privatizerTbn.a gefunden.... Kann das der Grund dafür sein? Bzw wie kann ich sicher sein das nun keiner mehr oben ist?

Und viell kann mir noch wer einen Tipp geben, wie ich den Zugriff auf FB wieder bekomme, habe leidet auch keinen Zugriff auf meine registrierungspflichtigen E-Mail von FB....

Vielen dank!
Philipp

schrauber · 19.04.2014, 15:10

Hi,

nee das sagt gar nix.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Und warum hast Du keinen Zugriff auf die Mailadresse?

Philipp11111 · 19.04.2014, 15:28

danke für die rasche antwort!

ich werd das gleich probiere.

weißt du zufällig was das war was maleware gefunden hat?

habe keinen zugriff auf die mailadresse weil die sehr alt ist und ich das PW nicht mehr weiß...

LG

Philipp11111 · 19.04.2014, 15:49

Anhang 66325

Zitat:

Zitat von Philipp11111

Hallo,

Heute wurde mein Facebook Account gehacked. Habe danach einen maleware scan gemacht und der hat 15 mal den Trojaner pup.privatizerTbn.a gefunden.... Kann das der Grund dafür sein? Bzw wie kann ich sicher sein das nun keiner mehr oben ist?

Und viell kann mir noch wer einen Tipp geben, wie ich den Zugriff auf FB wieder bekomme, habe leidet auch keinen Zugriff auf meine registrierungspflichtigen E-Mail von FB....

Vielen dank!
Philipp

anbei das FIRST result:
FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-04-2014 01
Ran by Philipp (administrator) on PHILIPP-PC on 19-04-2014 16:37:50
Running from C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\ProfilerU.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\SaiMfd.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-12] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1758160 2014-02-13] (APN)
HKLM-x32\...\Run: [Profiler] => C:\Program Files (x86)\Saitek\Software\ProfilerU.exe [184320 2006-05-18] (Saitek)
HKLM-x32\...\Run: [SaiMfd] => C:\Program Files (x86)\Saitek\Software\SaiMfd.exe [180736 2006-06-05] (Saitek)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d47-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d49-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {4ab366bb-4be3-11e1-8c1c-9a93759d0506} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {51ed533e-ac26-11e1-b234-002682b01834} - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {80fccf81-84f0-11e3-a105-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {c910a591-4be9-11e1-bcf8-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb647060-6e9a-11e2-bddc-893cbdf93c12} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb8f7b98-d278-11e1-99e8-bad987d704c6} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce999591-4b1d-11e1-9aa7-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce99959c-4b1d-11e1-9aa7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {d785273c-f36e-11e2-bdff-ce7aac36c501} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ec55ec98-56e3-11e1-93eb-b0e0b3edb724} - G:\Setup.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2b5-4b22-11e1-9fbf-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2d6-4b22-11e1-9fbf-002682b01834} - H:\AutoRun.exe
HKU\s-1-5-21-1252622565-2587163276-2949747067-1006\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe
HKU\s-1-5-21-1252622565-2587163276-2949747067-1006\...\MountPoints2: {51ed533e-ac26-11e1-b234-002682b01834} - H:\Autorun.exe
AppInit_DLLs-x32: c:\progra~2\browse~1\sprote~1.dll => "c:\progra~2\browse~1\sprote~1.dll" File Not Found

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.austrianaviation.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\nvf73zxj.default
FF Homepage: www.austrianaviation.net
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira SearchFree Toolbar plus Web Protection - C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\nvf73zxj.default\Extensions\toolbar_AVIRA-V7@apn.ask.com.xpi [2013-07-26]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-18]

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Search-NewTab) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbmgfdlffecjkknfcphajeljoheidim [2013-02-27]
CHR Extension: (BraoWse2saeve) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbiagpabkcclfemhfaejjphknmbbeeji [2013-02-27]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-14] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-18] (Symantec Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\ENG64.SYS [126040 2014-03-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140418.016\EX64.SYS [2099288 2014-03-28] (Symantec Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [53248 2006-06-08] (Saitek)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-19 16:31 - 2014-04-19 16:38 - 00021056 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-19 16:30 - 2014-04-19 16:37 - 00000000 ____D () C:\FRST
2014-04-19 16:29 - 2014-04-19 16:29 - 02158592 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-19 11:22 - 2014-04-19 16:24 - 00051825 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 21:27 - 2014-04-18 22:11 - 00018944 _____ () C:\Users\Philipp\Desktop\Vietnamplan.xls
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2006-06-05 13:22 - 00196096 _____ () C:\Windows\SysWOW64\nY.exe
2014-04-15 21:47 - 2006-06-05 12:20 - 00057344 _____ (Saitek) C:\Windows\SysWOW64\SAIGON.dll
2014-04-15 21:47 - 2006-05-18 08:49 - 00045056 _____ (Saitek) C:\Windows\SysWOW64\SAIKICK.dll
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-14 11:17 - 2014-04-18 11:21 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-12 12:56 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 12:56 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 12:56 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 12:56 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-12 12:56 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-12 12:56 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-12 12:56 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-12 12:56 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-12 12:56 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-12 12:56 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-12 12:56 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-12 12:56 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-03-29 20:14 - 2014-03-29 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-19 16:38 - 2014-04-19 16:31 - 00021056 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-19 16:37 - 2014-04-19 16:30 - 00000000 ____D () C:\FRST
2014-04-19 16:29 - 2014-04-19 16:29 - 02158592 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-19 16:26 - 2010-05-17 03:45 - 00764980 _____ () C:\Windows\system32\perfh007.dat
2014-04-19 16:26 - 2010-05-17 03:45 - 00174178 _____ () C:\Windows\system32\perfc007.dat
2014-04-19 16:26 - 2009-07-14 07:13 - 01803894 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-19 16:24 - 2014-04-19 11:22 - 00051825 _____ () C:\Windows\WindowsUpdate.log
2014-04-19 16:24 - 2010-10-14 21:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-04-19 16:23 - 2012-03-30 08:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-19 13:26 - 2010-10-14 20:27 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HpUpdate
2014-04-19 11:27 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-19 11:27 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-19 11:19 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-19 10:57 - 2010-10-14 21:00 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DB96048C-19D3-4BC7-BA14-08B8EDD5EE4C}
2014-04-18 22:11 - 2014-04-18 21:27 - 00018944 _____ () C:\Users\Philipp\Desktop\Vietnamplan.xls
2014-04-18 19:39 - 2013-11-16 16:10 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-04-18 11:21 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-18 00:48 - 2010-10-28 19:45 - 00000000 ____D () C:\Users\Philipp\AppData\Local\CrashDumps
2014-04-16 14:25 - 2012-10-23 18:08 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator X-Dateien
2014-04-15 22:23 - 2012-02-25 16:26 - 00000000 ____D () C:\Users\Philipp\Desktop\ATR
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2010-05-16 18:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-15 17:47 - 2012-01-31 11:12 - 00000000 ___RD () C:\Users\Philipp\Dropbox
2014-04-15 14:35 - 2012-01-31 11:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
2014-04-15 11:06 - 2010-10-17 14:35 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator-Dateien
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-13 22:07 - 2013-01-16 23:50 - 00000000 ____D () C:\Users\Philipp\Desktop\SW
2014-04-13 22:06 - 2010-10-14 21:56 - 00000000 ____D () C:\Users\Philipp\Desktop\Flie
2014-04-12 20:50 - 2013-07-19 10:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 20:43 - 2010-11-01 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 21:28 - 2012-12-31 18:14 - 00094008 _____ () C:\Users\Party\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-04-02 08:38 - 2010-10-14 21:02 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-04-02 08:37 - 2013-05-21 21:48 - 00003238 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-31 03:16 - 2014-04-12 12:56 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-12 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-12 12:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-12 12:56 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-30 10:19 - 2013-06-27 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 20:15 - 2014-03-29 20:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 14:50 - 2014-02-28 11:58 - 00000000 ____D () C:\Users\Philipp\Desktop\Tickets
2014-03-26 09:43 - 2012-12-27 12:24 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-15 18:51

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

und das Addition result:FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-04-2014 01
Ran by Philipp at 2014-04-19 16:38:17
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Airframes, Systems and Emergency Equipment (HKLM-x32\...\Airframes, Systems and Emergency Equipment1.0) (Version: 1.0 - OAAmedia)
ATI Catalyst Install Manager (HKLM\...\{C9083B9D-9092-FF22-DDCC-9776E69BE816}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
ATPL AC Electrics (HKLM-x32\...\ATPL AC Electrics1.0) (Version: 1.0 - OAAmedia)
ATPL Air Law (HKLM-x32\...\ATPL Air Law1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Aircraft Performance (HKLM-x32\...\ATPL Aircraft Performance1.0) (Version: 1.0 - OAAmedia)
ATPL Autoflight (HKLM-x32\...\ATPL Autoflight1.0) (Version: 1.0 - OAAmedia)
ATPL DC Electrics (HKLM-x32\...\ATPL DC Electrics1.0) (Version: 1.0 - OAAmedia)
ATPL Flight Instruments (HKLM-x32\...\ATPL Flight Instruments1.0) (Version: 1.0 - OAAmedia)
ATPL Flight Planning (HKLM-x32\...\ATPL Flight Planning1.0) (Version: 1.0 - OAAmedia)
ATPL Gas Turbine Engines (HKLM-x32\...\ATPL Gas Turbine Engines1.1) (Version: 1.1 - OAAmedia)
ATPL General Navigation (HKLM-x32\...\ATPL General Navigation1.0) (Version: 1.0 - OAAmedia)
ATPL Human Performance (Part 1) (HKLM-x32\...\ATPL Human Performance (Part 1)1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Human Performance (Part 2) (HKLM-x32\...\ATPL Human Performance (Part 2)1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Meteorology (HKLM-x32\...\ATPL Meteorology3.0) (Version: 3.0 - OAAmedia)
ATPL Operational Procedures (HKLM-x32\...\ATPL Operational Procedures1.0) (Version: 1.0 - OAAmedia)
ATPL Principles of Flight (HKLM-x32\...\ATPL Principles of Flight1.0) (Version: 1.0 - OAAmedia)
Aviator (HKLM-x32\...\{3F46D5F5-DEDE-4F4F-8AFE-1D458555C94A}) (Version: 1.0.226 - Xedatec)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
B200 King Air HD SERIES FSX/P3D (HKLM-x32\...\B200 King Air HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
bob internet (HKLM-x32\...\bob internet) (Version: 1.16.1.0 - A1 Telekom Austria AG)
bob internet (x32 Version: 1.16.1.0 - A1 Telekom Austria AG) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cambridge- English Grammar in Use (HKLM-x32\...\Cambridge- English Grammar in Use) (Version: 100A - Clarity Language Consultants Ltd)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP540 series Benutzerregistrierung (HKLM-x32\...\Canon MP540 series Benutzerregistrierung) (Version:  - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help English (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help French (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help German (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0302.2233.40412 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Clarity recorder (HKLM-x32\...\Clarity recorder) (Version: 1.0 - Clarity Language Consultants Ltd)
Crewlink-Offline (HKCU\...\2a1a9d0eea0b256b) (Version: 1.2.3103.30 - Swiss International Airlines)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.3810 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.3810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Diamond DA40 G1000 Trainer v8.01 (HKLM-x32\...\Diamond DA40 G1000 Trainer v8.01) (Version: v8.01 - GARMIN)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.4.0.6 - DivX, LLC)
Dream Chronicles (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EXAM (HKLM-x32\...\{35B7368A-F721-46E6-B258-EA3CC11A6924}) (Version: 10.00.0000 - Peters Software)
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
GARMIN 400 Series Trainer (HKLM-x32\...\GARMIN 400 Series Trainer) (Version:  - )
GARMIN 500 Series Trainer (HKLM-x32\...\GARMIN 500 Series Trainer) (Version:  - )
Geany 1.22 (HKLM-x32\...\Geany) (Version: 1.22 - The Geany developer team)
Gem Shop (x32 Version: 2.2.0.82 - WildTangent) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version:  - )
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{AF6EB833-D48A-49AC-9394-4C57489FDFF2}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company) Hidden
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0217 (HKLM-x32\...\{97F3767E-8A52-4AA6-9304-BEEFBAC04575}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{84FD80B9-AB11-406F-8719-09C51D18CC0C}) (Version: 4.0.6.0 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JAA ATPL Questions (HKLM-x32\...\JAA ATPL Questions1.1) (Version: 1.1 - Oxford Aviation Training)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
Java-Editor 11.21, 2012.11.06 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
Jewel Quest II (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
Joe (HKLM-x32\...\{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}) (Version: 3.05.0100 - Wirth New Media Sarl)
Mahjongg Artifacts (x32 Version: 2.2.0.82 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2615434) (HKLM\...\A-WIN-Extras 8.0.4 2615434_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connect (HKLM-x32\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The Vegas Heist (x32 Version: 2.2.0.82 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 5.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QualityWings Ultimate 146 Collection FSX (HKLM-x32\...\QualityWings Ultimate 146 Collection FSX) (Version:  - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Saitek SST Programming Software (HKLM-x32\...\{967FB80D-56BD-42EF-A942-9E8C78F984A4}) (Version: 1.00.0000 - Saitek)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SkyTest Swiss (HKLM-x32\...\{CF340C0F-FECA-4744-B261-9BEFD396859A}) (Version: 1.0.0 - SkyTest)
SkyTest® AB-Trainingssoftware (HKLM-x32\...\SkyTest® AB-Trainingssoftware 2.4_is1) (Version:  - SkyTest)
SkyTest® AB-Trainingssoftware (HKLM-x32\...\SkyTest® AB-Trainingssoftware 2.5_is1) (Version:  - SkyTest)
SkyTest® BU-Trainingssoftware 2.3 (HKLM-x32\...\SkyTest® BU-Trainingssoftware_is1) (Version:  - SkyTest)
Slingo Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Solid Edge ST3 (HKLM\...\{EA8B28A2-D84F-447E-B588-9C255F1EDC0A}) (Version: 103.00.00114 - Siemens)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.15.18 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM-x32\...\{877B3198-1C6B-4A9A-8D28-BE4F6040987F}) (Version: 10.1.2531.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wolfram Mathematica 8 for Students (M-WIN-G 8.0.4 2615565) (HKLM\...\M-WIN-G 8.0.4 2615565_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points  =========================

13-03-2014 19:49:01 Windows Update
22-03-2014 10:13:51 Windows Update
12-04-2014 18:40:55 Windows Update
15-04-2014 19:46:17 Installiert Saitek SST Programming Software
15-04-2014 19:48:28 Gerätetreiber-Paketinstallation: Saitek

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-03-13 12:10 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AC9F9D7-269A-4007-ADFF-8E794ACFAE00} - System32\Tasks\{D6378C8A-2E8D-41B8-A3A2-F5F874648E7D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123.161/de/abandoninstall?page=tsMain
Task: {2EACF60B-EEEA-4EEE-A609-6439BE54CB4D} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: {39EC496B-07C5-4742-AA88-404DDDDB30FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {4312AD3D-51A9-4367-94BF-73CCCC7486F8} - System32\Tasks\{37422C63-01FF-4981-8670-C9D464273311} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/abandoninstall?page=tsMain
Task: {4DDB585C-5558-424F-8C83-F5DDD4C2294C} - System32\Tasks\{0C13D5FC-1637-462A-A99D-AE8C9AE7D8FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {4ED33081-604F-4564-9FBE-B6BEF23DFAEC} - System32\Tasks\{BF80830C-3B2B-4F52-83D8-DD0B99E9083E} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {7490D3A4-F9C1-4E88-8D63-D82F98959D7B} - System32\Tasks\{FED2943A-B262-4A95-A03B-6A9D1BE8A301} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {76782409-A176-4176-B22C-C3019883685B} - System32\Tasks\{6BF621FE-6614-4DD8-A3AD-64CF7BEE6E52} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {8BFE7381-2D4E-4428-8CB3-495087C65DFC} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AE893695-C9CA-4EB6-A64F-5ABC1CB0FC2A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B91A75AA-3953-4E8F-A721-B5E3AEA8F3D8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {D364A291-E412-4912-B890-3EA8B972C115} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E5F4B0EF-BAA3-4703-8DAA-9A57480CEDF6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {FF098BFC-1640-417F-940F-F6A667EF0724} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-18 15:04 - 2010-01-18 15:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2011-02-15 03:32 - 2011-02-15 03:32 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-10-22 12:51 - 2009-10-22 12:51 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-03 03:36 - 2010-07-03 03:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 12:12 - 2010-04-05 12:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2013-07-21 09:20 - 2013-06-20 14:48 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-02-15 03:33 - 2011-02-15 03:33 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-04-15 21:47 - 2006-05-18 08:42 - 00147456 _____ () C:\Program Files (x86)\Saitek\Software\SAICFG.dll
2014-03-29 20:14 - 2014-03-29 20:15 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Philipp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\pdf24\pdf24.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/19/2014 10:06:47 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/18/2014 05:46:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/17/2014 10:27:22 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/16/2014 09:49:37 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/15/2014 10:07:06 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: fsx.exe, Version: 10.0.61637.0, Zeitstempel: 0x46fadb14
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000
ID des fehlerhaften Prozesses: 0x1270
Startzeit der fehlerhaften Anwendung: 0xfsx.exe0
Pfad der fehlerhaften Anwendung: fsx.exe1
Pfad des fehlerhaften Moduls: fsx.exe2
Berichtskennung: fsx.exe3

Error: (04/15/2014 09:49:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ProfileU.exe, Version: 4.3.4.8, Zeitstempel: 0x446c2820
Name des fehlerhaften Moduls: ProfileU.exe, Version: 4.3.4.8, Zeitstempel: 0x446c2820
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001fda
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0xProfileU.exe0
Pfad der fehlerhaften Anwendung: ProfileU.exe1
Pfad des fehlerhaften Moduls: ProfileU.exe2
Berichtskennung: ProfileU.exe3

Error: (04/15/2014 01:43:21 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (04/15/2014 10:55:30 AM) (Source: Application Hang) (User: )
Description: Programm fsx.exe, Version 10.0.61637.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1468

Startzeit: 01cf588815c3e7bc

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exe

Berichts-ID: a0405254-c47b-11e3-a4db-81f83a9a023d

Error: (04/14/2014 05:36:59 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 90080108

Error: (04/14/2014 04:58:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005


System errors:
=============
Error: (04/19/2014 11:24:57 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows-Fehlerberichterstattungsdienst erreicht.

Error: (04/19/2014 10:55:25 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PRIVAT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C135595A-72EE-4199-9846-54E812AFD717}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/18/2014 00:50:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "UPnP-Gerätehost" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (04/18/2014 00:50:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "upnphost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%50

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (04/18/2014 00:50:28 AM) (Source: DCOM) (User: )
Description: 1069upnphost{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (04/17/2014 10:10:37 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PRIVAT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C135595A-72EE-4199-9846-54E812AFD717}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/15/2014 02:08:50 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PRIVAT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C135595A-72EE-4199-9846-54E812AFD717}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/15/2014 09:17:20 AM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "PRIVAT",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{C135595A-72EE-4199-9846-54E812AFD717}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/14/2014 02:27:14 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (04/14/2014 08:18:39 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/19/2014 10:06:47 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/18/2014 05:46:44 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/17/2014 10:27:22 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/16/2014 09:49:37 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/15/2014 10:07:06 PM) (Source: Application Error)(User: )
Description: fsx.exe10.0.61637.046fadb14unknown0.0.0.000000000c000000500000000127001cf58e0a1524ba3C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exeunknown8450ed79-c4d9-11e3-a4db-81f83a9a023d

Error: (04/15/2014 09:49:29 PM) (Source: Application Error)(User: )
Description: ProfileU.exe4.3.4.8446c2820ProfileU.exe4.3.4.8446c2820c000000500001fda1b0001cf58e3c145f2dfC:\Program Files (x86)\Saitek\Software\ProfileU.exeC:\Program Files (x86)\Saitek\Software\ProfileU.exe0e53647d-c4d7-11e3-a4db-81f83a9a023d

Error: (04/15/2014 01:43:21 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (04/15/2014 10:55:30 AM) (Source: Application Hang)(User: )
Description: fsx.exe10.0.61637.0146801cf588815c3e7bc10C:\Program Files (x86)\Microsoft Games\Microsoft Flight Simulator X\fsx.exea0405254-c47b-11e3-a4db-81f83a9a023d

Error: (04/14/2014 05:36:59 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 90080108

Error: (04/14/2014 04:58:45 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005


CodeIntegrity Errors:
===================================
  Date: 2014-04-19 11:18:37.124
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 11:18:36.921
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 10:50:51.217
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 10:50:50.952
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 09:37:55.058
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 09:37:54.871
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-18 08:06:17.651
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-18 08:06:17.448
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-17 21:55:00.331
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-17 21:55:00.128
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 3893.86 MB
Available physical RAM: 1568.15 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 4941.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.42 GB) (Free:309.28 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.04 GB) (Free:2.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5EFDADBF)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

schrauber · 20.04.2014, 17:57

Wir können die Kiste bereinigen, aber wenn Du nicht mehr auf die bei FB registrierte Mail kommst ist dein Konto futsch, ausser du kontaktierst mal den FB Support. Zaubern kann ich nicht

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Philipp11111 · 21.04.2014, 19:44

anbei die Daten:

mbam.txt:

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 20.04.2014
Suchlauf-Zeit: 20:24:54
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.04.20.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Philipp

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 323078
Verstrichene Zeit: 32 Min, 23 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.SProtector.A, HKU\S-1-5-21-1252622565-2587163276-2949747067-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\APPDATALOW\SProtector, Löschen bei Neustart, [1ee2e21e10f00000b6aa2177986b639d],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)

(end)

adware cleaner:AdwCleaner Logfile:

Code:

ATTFilter

# AdwCleaner v3.100 - Bericht erstellt am 20/04/2014 um 20:36:51
# Aktualisiert 20/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Philipp - PHILIPP-PC
# Gestartet von : C:\Users\Philipp\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoft
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft
Ordner Gelöscht : C:\Users\Philipp\.android
Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\DownLite
Ordner Gelöscht : C:\Users\Philipp\AppData\Roaming\DVDVideoSoft

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{BBDA0591-3099-440a-AA10-41764D9DB4DB}]
Schlüssel Gelöscht : HKCU\Software\Classes\pokki
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\sprote~1.dll

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\nvf73zxj.default\prefs.js ]


[ Datei : C:\Users\Party\AppData\Roaming\Mozilla\Firefox\Profiles\qetg7ffg.default\prefs.js ]


-\\ Google Chrome v

[ Datei : C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [13142 octets] - [05/09/2013 21:55:23]
AdwCleaner[R1].txt - [3526 octets] - [20/04/2014 20:34:44]
AdwCleaner[S0].txt - [12597 octets] - [05/09/2013 21:57:40]
AdwCleaner[S1].txt - [3397 octets] - [20/04/2014 20:36:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [3457 octets] ##########

--- --- ---

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Philipp on 20.04.2014 at 20:47:20,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-00A7-7A786E7484D7}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1252622565-2587163276-2949747067-1000\Software\sweetim

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{01E9C329-F33E-4692-89EA-FB61F90486B0}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{024D4CB6-C381-43E7-824D-18BFB4D72A70}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{04B08253-B711-4DE7-97F4-0DE6C97FA5E4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{05B086DA-94D7-486A-AABD-F88BFFCDCAB2}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{08538652-16C1-4ABF-BD8D-7A8D85D57A91}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{0C912EE1-3C42-4A0A-8DA4-3FD29D6AE040}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{0FD2E7DC-AF40-44E5-BFE3-6B656F008785}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{10D2419A-9806-4E0C-A190-9FF2C2DFCB03}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{119C0ED3-0D32-4976-9917-0641D62F9D59}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{120CC450-E05E-489C-8D69-E029E14CE28C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{12AC2BD2-48FA-4CCA-A33A-8AF879668A90}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{12C46F40-6ACC-4515-9B82-3229BB9690B5}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{13D5DFBE-CACE-4D46-92B6-D1A538E53B17}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{16ED830B-C096-4F5E-8EB9-25439BA5D443}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{17D430B1-8830-45F1-8CFA-4FF042AB468A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{18967111-CE4F-443F-98B9-2789EFDB067D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{1DA1F218-71BF-462C-9738-2AC3F0F43DED}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{1DCCEB6D-33B5-4433-8B8D-573FA76A1BC7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{1F1AFF54-189A-4850-A262-E5FBD2A3F125}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{202E82D1-ED16-432F-BE94-C3B66772FA7D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{22F31F8C-47B4-4ABC-ABA2-B0F13619E7AC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2524A2CF-1B26-48A1-89C0-119CE3A28FB7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2676B840-792F-4A8C-86F1-D3F36C592679}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{267C7216-F63E-4448-BE49-AA3B6E2E3283}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{26B42EEC-0057-4099-90F5-2E71542CD78D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2733CE90-9A1A-4188-B9D6-200FC1C891A6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{276C0530-81AF-4A2C-A025-A46930901B07}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{280A5F44-0504-41D7-97EF-7914177344D7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{281D0429-E61F-48F1-A252-5BD170890402}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2896A9A8-E9C2-4DFD-AFBF-5CA9F52AB47A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{29D97474-A768-4A75-A827-81DB05E5122A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2A3A04CF-BC32-435F-BD62-B40EC337A4C8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2AB33690-BEDE-472B-B178-D8C31C9D12B3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2AF3B43A-A629-4058-AEBD-3D2936ACA5EA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2DA744D2-1B28-496F-9B1C-AEF07EC8FA19}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{2E20F503-0A90-438A-8CAE-66359F0E76C0}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{30830035-167D-4C61-8E3A-DFA4D038CBFA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{319E4C94-E8C0-4E52-9E63-F2A04D59DEAE}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{31AA9804-AA96-4A0D-BBC3-AC58209CE0CC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3298A97C-84A3-490E-B7FB-B3CE5F42CC52}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{32B041A0-469D-40C9-8AB7-017A6729FA2A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3351D044-4E0A-4A3C-9B44-9118B3D47009}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{33829D9E-DE7F-40C5-8C2E-E1BEA637FBAD}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{33E007FB-AFF3-4E73-8E57-7063E513511F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{35560663-8570-47B0-8D86-AAF35305C80A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{357B7A92-5EF5-4BB5-B7EA-34764619B5FC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{35DF41BA-7C9F-4378-983E-59D0766ECEBE}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{371F0DD4-BC5A-4517-A584-15D39D2C85A9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3732B4BC-CD16-4AA7-83C4-8E58052EAFEC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{380B57AE-D116-4C5A-8ECD-FF50430A786C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{38663C54-B3F3-405D-AAFC-B590A5C78848}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3A0FBF84-B062-4D00-BBA8-000EA21A8DCB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3A947677-0536-47E1-AC6E-708EAE5769C0}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3B4A3F82-EAA5-458C-BCA8-C662B4B8DB7A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3BD6FF18-95DA-48E0-8D8A-B6234273BD5C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3BDB3EC7-E87E-460C-99D5-7D5D24BAD2AC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3CA72E6F-415F-4286-BAD7-93968482563F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3DDA2F3C-8899-420E-96EE-32ADB388F8C8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3DED84B9-5E8D-4503-9E49-EDB1D02A71C8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3E642A5C-275F-4E5D-925A-6E51057FBB0C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3EED4529-4614-4DD9-860F-32691587CCE9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{3F0453E2-8A44-4109-85AA-7BD94EB92C33}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{419E99C0-60FC-4DFE-88D2-B04F3746132B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{41D4D832-50E9-4175-AB70-3F18E9633B04}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4298FFAC-9E63-463F-B7BB-E79148B6980B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4304E94B-614E-4DF5-8C0E-6269C9424CF0}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{43684B58-389F-4D68-9F6C-CBF202414ED7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{43910A2A-AF5B-4445-A76F-15CF01D98433}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{46B47661-5A42-4829-A8F8-C49396605C4F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{47D49A86-DAB6-46D2-AE8B-662F4FA67381}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{47E52F0B-8C83-4ADC-8336-698C692C2CA5}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{491A90F3-4427-4BE1-BE8F-56F44C35E72D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4AF7E7DA-E355-4F9A-B1E0-A8540C2F63A1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4BE3D028-522E-4D09-93BA-286003C2011B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4C3EB8D5-DAC3-4200-BC30-F5AFDB39A148}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4D25A498-C946-4621-A1E1-765E3211EFFB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4DC4E0F9-0C2D-4646-8A69-F110F9CC5BBD}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4F1BD8FE-5B1A-414A-A076-9ACE16CC3197}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4F51C03F-DDB6-4F84-A3DA-B9BEFA77F070}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{4F9DCB31-48BA-409A-9EE7-022732E91F7E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{50D85617-04EF-4818-8C4B-9952C01CB0A7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{518D4A2C-C90C-4D6B-880D-A58F5F64F540}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{53122CE7-4830-4837-B6B3-9C5DED5FD83C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{53F8371A-3311-4126-BE9E-F3E2E7F49096}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5448C336-1B9E-434B-A690-2137DD4EF1B6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5486314A-6960-4E2F-9109-F53021E876B8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{54DD73A9-6FB0-49F1-8DE0-C3152791C292}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5509C167-F154-46D7-AF2A-8BCA2D92DFB4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{566F424D-E858-4C73-A2C0-A73B329086A4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5693028C-A6A2-4AB2-9C30-C8E3380DF30D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5733B269-58C5-4456-A098-F5BF9707E9D5}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{57E977B1-6D4F-41EF-A798-8C75C95A2594}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5818F835-C4B2-4F7B-BFDC-EF90BCEB3F31}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{58F45AD2-FFC8-4307-9266-1D722901E242}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5BE0EA11-BD33-400A-A83A-34E527A25EE6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{5F2F7FA0-0951-42B3-ABC9-B93BC1192DED}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{60AC8071-1B58-4552-8F8D-11DA6DCE79B1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{616EC9B3-0E63-4DB9-B303-C355D9EC0411}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{62509031-057C-4947-86C5-F942EAB0DA98}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6336D94A-FEFA-4865-A497-43113909B261}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{64FFACF5-5306-44B0-9CE3-DF8E290BAD66}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{65AC3A74-C7FC-46BC-859D-B400D2046AA1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{689C7732-CF6B-404C-96F3-7ACF208EA83A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6A1FD991-744E-42C6-BD2B-81BCDD18A459}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6A94A411-D3F2-46CC-9F1C-2E5C3F21A7A6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6ABA7B9E-858A-4386-A71C-D82FAC2DB1D6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6B3B85D6-8D22-41B2-ACE3-2884562C463B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6CECAC61-7509-47EA-B598-33C84128AD44}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6D694B14-CC72-4ACD-A327-DAEF52EA360C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6EF5943C-2AA5-4BF2-8971-F6595A3FEDDB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{6F8124AE-0902-4DAE-90FA-2B57C774495D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{70456D27-19B5-4DCC-B110-EEDF3FF28A19}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7129D173-F715-43A8-A8B2-688635667D5A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7217107D-FEDF-4A69-B3B9-52C83ABB314B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{75574148-6B4E-41DE-85D7-D47CE0F63A1F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{764E439D-CC91-44E7-81E5-0807C48FA85C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{768521B7-A66B-4EA5-9AFF-C0FBA099D5CA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7742C28A-F0E3-4941-AC63-25EFF8A137BE}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{778F2B78-AD7F-4DA3-A17B-CA8ACA9E9C1B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{78F3A8E6-A97E-411A-A58B-EDFE8B2DF502}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7C0997BE-3E26-4439-9818-1491BC23966C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7C0CE548-4ED3-42C1-B6CE-82C3FEC70EBF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7C7F55E3-86A4-49EE-B9B5-F2FB1B9CAD0D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7C97E8C9-5EFC-45A6-B1DF-39942B0A8037}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7C982AE1-3677-4966-A49E-D7618218B211}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7CB7B86C-D759-489C-92CF-85C8121E3270}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7DD92C70-BB19-4B7E-A112-5A1088F2FB16}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7DF7355F-65CD-4AF0-A6D3-54E22B08C044}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7E2A69E3-6961-49C6-BF6A-05C09F087AE8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{7F493454-1ECC-4700-A279-1E64D95926DB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{80306883-EE57-4F8A-BBBE-A3B2CFFFF97D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8173A029-CEC9-4AB2-B819-7D39C3B8F041}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{81B88B61-BBCC-4574-8986-136E18FC6C9D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{841C025C-A8F6-4389-8DAE-4E18388A737F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{84CA8A6D-5C01-494F-9306-DB97D0801E08}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{850FF688-BC7A-4E9D-B356-7E650763783A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{852F33CD-E74A-4C00-B507-21A373B4E13B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{853BB06E-26A4-4EE9-BF8F-E1237F68B1EF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{85B4F86E-5AE2-4392-BC4E-997DBD652EAF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{86C0082A-5834-4F90-A4D9-E8EA85BA6D92}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{87C9BDB8-3D99-48C5-979B-EB9591BF4147}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{87FC5B7A-34F6-4E61-BD7E-8939094A550A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{885953AF-752D-4439-8AAC-9759E230C472}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8957DEC2-8ED1-4216-BE6D-020E9B626CA7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{89EAFD95-019D-4188-8B26-4898B626F895}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8A219117-78D4-4536-BF31-5505E6FD1752}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8BBA4A7A-CBD8-40F6-BE2A-62FE5589AB75}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8CADBA96-9641-4FBD-9325-9EEAF328EFF9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8CE0D7A3-B324-45AD-B6D8-E1C1CD363333}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8DD739F2-7B69-4218-BAC7-E5536A5888C2}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8ED53A75-AA61-480A-A429-560EDCD2FE7A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{8F2B9489-5F13-412B-BF5B-2BF7DAD35286}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{905407C3-1D46-47B7-B59A-3682EFD65590}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{90F55852-7082-4C81-A6D3-FB3AB267D6BB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{926922EE-7291-4613-8D83-FE2EFDDA68C1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9329A182-2C81-4FA8-970C-BD26F05EAD5F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{93B374E9-D98F-4543-8961-A3660735BF54}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{93E02419-D95C-4F1D-9366-11DCF0A22CEC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9413AA2F-0E2B-4E62-8554-C82719978B07}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{942B835A-42AA-4A88-8741-C3C74A501E4E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{95EE01A7-F1B5-4ADF-A94B-3321354E9595}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{97251A14-CAC4-4D76-AE70-65FB8759E4A4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{97B19C85-770E-42AB-9332-4202F1BE6EBC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{97B300C8-26B8-4AE0-8992-0DD40C927138}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{97D864DE-9BD8-4DFB-924F-634BCCB67718}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{98C90EB5-A6E7-4373-8E04-761A5BE9D25C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9985B059-1F47-496D-ADBB-604DCCEFD32A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9A4BA475-0043-4FB4-9236-B70EE14ECD60}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9AD2FF3A-E1BD-4B4C-8BDD-ADB3F4282ECF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9BD7DDEB-7BDA-4FE1-B56D-54CAEE30A7CF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9C01FF6B-D871-46AC-92B6-C0483F056DBC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9C2DFDDA-E6FB-4CF9-AFD2-273F94D7CA31}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{9CEA65BA-91D8-43F8-BF66-650050847E0B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A03593D2-FB13-4F88-A8BF-FC11C6371A7F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A2FAD367-7795-4878-AC8E-DA5CCD387F4D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A468855A-6CE3-46C0-944A-5CEBFF10C624}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A48B9A10-641B-4BF0-855E-9E4083443CF1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A50CE266-7BEA-4E79-81D2-56757F378A3E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A635D238-24FF-49C7-93F8-4ABAB15E2FB1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{A83BAEBC-94E8-40F0-9F1F-DC49EC7BB1BC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{AC236300-6C0B-4AEC-B025-D93A3E012A3D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{ACB35791-0F4B-4F5B-82F2-918AAA9F77E3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{ACBEAAD6-C9E0-4058-A719-F8BB29B731BD}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{AD0527DE-4B56-40EB-8BD5-AB504CE19E90}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{ADAEAFC1-F252-4767-9316-B5D8B37F12B9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{AEB46BDA-D075-455A-A6B9-03BA81962409}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{AECB2C76-DC5D-4F8E-92BC-2E5D5829CCA5}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B03AF500-EC6F-4859-93AE-A379A759C630}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B1AB4813-7446-4A2A-995F-4AB01C3639FC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B1C9E096-4985-4ED8-9C2A-B8C160745F10}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B22F740F-1C0D-417F-95CB-14E195F94A34}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B336144E-BFCC-482E-BF21-9D725A1DFA42}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B3774CA9-390E-4031-9D91-280E2D72C1F7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B448B87A-FA78-4669-BD3E-D12D2BB17A7B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B4778993-8508-480A-A61E-7AA009BA526D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B48AEBE7-774D-4112-84C8-085B895289DE}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B4D4682A-4DEA-437E-B74E-E29CD6716E90}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B4E8F143-929D-482D-AFEA-1DCC97F1BA8F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B63397DA-33FA-43A8-8AFF-49DF119D4EAB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B701C806-A7F3-4C59-8E4C-CD01F8DFEEE0}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{B9BDD830-EFCB-4EFF-BB5C-D47A44E3D2EC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BAA2B1F9-E869-4AAF-95C8-818E1B33C4A9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BB5FA60D-6193-4DBE-9228-307F47DE5F43}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BB7550E1-3715-461A-98B6-554BC6D81476}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BB87C38E-3DD2-4C09-A414-5DE230170E0F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BBE41FD4-1C2C-4B0B-9E67-4BB47D26D7B4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BE09DB8E-B6F8-4719-82E3-416BCB8CBEAD}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BE0DC0DF-423B-4B00-B226-205A03CB6086}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BF0A9355-55E5-4942-86D6-CDA835475178}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{BFA8084D-0E2F-4FEB-A137-0141E0E49A6B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C1BC87C5-1B6D-4590-8B4B-44502664C9A7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C23C6EFD-B505-4501-9972-A0EC8EE053D3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C4CFC970-7682-437D-BBFE-C646F03DB69D}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C63C7E77-70AE-4D9E-9598-4199884A06D3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C63D7815-40CD-4013-A492-76B18EBE6704}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C8263C00-D59F-457F-9E71-F8C364595954}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C8826BE5-BA6E-470D-B492-129D6A3C1E75}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C88A6BCD-A4EF-46C8-87B8-28D84171DB73}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C8C2E1D7-9413-4D4F-B5B7-4F887AAC5EE7}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{C9853393-3FF6-4504-B1EE-DB89FA419EB2}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{CA323DDD-6EC8-4399-B9C9-E0002159BFFF}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{CB662F76-94EF-428A-9390-E2E062EC2C30}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{CC48BBB2-BCA5-4C45-A6B4-529321052FDA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{CDE4E11D-E9C2-4219-A5F9-764E9AB035F6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D1BD4652-12AA-4A64-B81A-4C1D989D28EA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D1FD804D-000D-4F7C-9EED-7EAB42E72B47}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D3A95797-F38B-411C-9637-C8055324E137}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D3BD746C-6F33-4F1E-ADE4-CB4C5D6DAAFC}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D3CBEE04-C262-44F1-BD2C-487156E7B9D3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D41AE815-15E1-4F85-8206-A107A4FC6F0B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D5435464-15E4-4C1E-9B0A-81427DEC45E4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D559115F-26D8-4FB5-A3EF-EFC844100E35}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D6AB3B3A-9553-4B26-A97F-EE88FE47F692}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D760AE14-352A-4614-91F1-9D3E8E27366B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D95CD11D-61A7-4F39-8CB4-BC4CE9314465}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D993F7D0-BC0F-419B-B6F2-9D84E6B6BAC2}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{D9F65F72-11DA-4637-AC1C-81DBACDB2548}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DA8FCC12-507F-4EC4-9841-DBA9A27235EB}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DBD63444-E681-4F23-83FB-B4E5A78C584C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DCC4153E-BCB9-470F-BC39-BC218474312E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DED7E105-C815-4BC3-8527-2269E7D6D948}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DEE66938-47F4-4D49-84FE-59917960061C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DEF6B8FA-48F7-4758-B200-D97458E551D3}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DEFB165A-79FA-47D0-88FF-97D53A0CCC6F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{DF2F4F52-62AF-4B13-A444-7283E975C7E8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E209E8A8-2A4C-468E-AE37-F4D67BFF93CA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E21A212F-6BE0-4C80-95CD-CB9BC6A97D01}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E22A23B7-62F0-4360-83E2-86D92D6BED74}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E33C96A6-14E5-4CD5-865B-216C088FFB07}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E3B3D4D8-73D0-498D-B806-9AC30AB0AEE8}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E5A1E53E-8D06-4A8D-A5FB-6F044870945A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E5C5FDF9-33C0-4A6C-ADE4-A12881EB0A18}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E6D03896-728B-4938-8999-421B8DB7D68E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{E9EE5F9C-9FAD-4279-B148-A5A0FD73BB4C}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{EB1B73CC-B304-40D1-BA6A-4EB6E38BAF47}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{EC7E168F-8554-4F58-98E6-96E933670796}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{EC9770A7-F97E-4A4A-AF2A-2B394546758B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{ED462DC5-6113-45A6-BD2B-6D07787C4287}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{EE29681C-835E-40AA-A0F8-BA36741E5BCA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{EF920143-1A80-495A-B6B1-0AB80D7FF084}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F0BD5977-23E1-422B-8636-7AFC6869E649}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F176AB08-671F-41E8-A4E8-043A6F8508B6}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F2CFB7B0-A2DC-4000-BCC7-5D4581AB7004}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F3A54382-6D38-46D2-92B1-E6769847B3F1}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F449975D-5CB6-482A-B22E-C64EC44BED03}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F44AACC9-CC50-4E7F-B825-8CFC7117D283}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F49CA3C1-17D3-4FA0-8D1E-88DFCA32A546}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F589E341-D4DE-4911-A7C8-FEE9630EC541}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F712FDF0-2F7E-47EB-BFDF-1C840161D4D9}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F7FB5D50-FC06-4B2D-A34F-4194F15B869E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F8D08069-CB27-48AA-A68C-743555B38FA4}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F8E47195-1887-454E-9AF1-0FD70F08B736}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F95F9308-0F7C-47A7-A43C-635BA39D9899}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F9623AA6-B19E-4F36-917C-CCFA8D16852F}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{F987BB66-E2EB-47A4-9B24-0B167951994A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FA24699D-6E07-4485-94E7-13AAADF3CD51}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FA345767-7008-416A-9F9A-56BD5EEE4831}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FBD50ECB-FB2D-4531-86E9-E83F0827BA54}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FC543B46-36BA-4612-BA28-7A838454908A}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FC71F104-B68E-45FC-88D3-D2B2FA4D956E}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FDA7F3DE-BD9F-4537-BECB-465FF5E77E0B}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FE86238C-677E-44EA-AF44-1FA2B0F961AA}
Successfully deleted: [Empty Folder] C:\Users\Philipp\appdata\local\{FEE808EB-8F22-460D-8B98-ECEFDF79664F}

~~~ FireFox

Successfully deleted: [File] C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\nvf73zxj.default\extensions\toolbar_avira-v7@apn.ask.com.xpi
Emptied folder: C:\Users\Philipp\AppData\Roaming\mozilla\firefox\profiles\nvf73zxj.default\minidumps [568 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 20.04.2014 at 20:54:43,91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

First:
FRST Logfile:

FRST Logfile:

FRST Logfile:
[CODE]Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-04-2014 01
Ran by Philipp (administrator) on PHILIPP-PC on 20-04-2014 20:59:18
Running from C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\ProfilerU.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\SaiMfd.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-12] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Profiler] => C:\Program Files (x86)\Saitek\Software\ProfilerU.exe [184320 2006-05-18] (Saitek)
HKLM-x32\...\Run: [SaiMfd] => C:\Program Files (x86)\Saitek\Software\SaiMfd.exe [180736 2006-06-05] (Saitek)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d47-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d49-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {4ab366bb-4be3-11e1-8c1c-9a93759d0506} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {51ed533e-ac26-11e1-b234-002682b01834} - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {80fccf81-84f0-11e3-a105-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {c910a591-4be9-11e1-bcf8-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb647060-6e9a-11e2-bddc-893cbdf93c12} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb8f7b98-d278-11e1-99e8-bad987d704c6} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce999591-4b1d-11e1-9aa7-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce99959c-4b1d-11e1-9aa7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {d785273c-f36e-11e2-bdff-ce7aac36c501} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ec55ec98-56e3-11e1-93eb-b0e0b3edb724} - G:\Setup.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2b5-4b22-11e1-9fbf-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2d6-4b22-11e1-9fbf-002682b01834} - H:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.a1.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} - No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} - No File
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\nvf73zxj.default
FF Homepage: www.austrianaviation.net
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

Chrome:
=======
CHR HomePage:
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Search-NewTab) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbmgfdlffecjkknfcphajeljoheidim [2013-02-27]
CHR Extension: (BraoWse2saeve) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbiagpabkcclfemhfaejjphknmbbeeji [2013-02-27]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-14] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-18] (Symantec Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140417.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140419.009\ENG64.SYS [126040 2014-03-28] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140419.009\EX64.SYS [2099288 2014-03-28] (Symantec Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [53248 2006-06-08] (Saitek)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U2 wuaserv;

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-04-20 20:56 - 2014-04-20 20:56 - 00000000 ____D () C:\Users\Philipp\Desktop\FRST-OlderVersion
2014-04-20 20:54 - 2014-04-20 20:54 - 00031821 _____ () C:\Users\Philipp\Desktop\JRT.txt
2014-04-20 20:44 - 2014-04-20 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:41 - 2014-04-20 20:41 - 00003597 _____ () C:\Users\Philipp\Desktop\AdwCleaner[S1].txt
2014-04-20 20:32 - 2014-04-20 20:33 - 00001328 _____ () C:\Users\Philipp\Desktop\mbam.txt
2014-04-20 20:28 - 2014-04-20 20:39 - 00000112 _____ () C:\Windows\setupact.log
2014-04-20 20:28 - 2014-04-20 20:28 - 00373560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-20 20:28 - 2014-04-20 20:28 - 00000366 _____ () C:\Windows\PFRO.log
2014-04-20 20:28 - 2014-04-20 20:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 19:53 - 2014-04-20 19:53 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2014-04-20 19:52 - 2014-04-20 19:52 - 01308369 _____ () C:\Users\Philipp\Desktop\adwcleaner.exe
2014-04-20 19:49 - 2014-04-20 20:32 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 19:49 - 2014-04-20 19:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-20 19:49 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 19:49 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 19:45 - 2014-04-20 19:45 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 16:06 - 2014-04-20 16:06 - 00094008 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-20 08:41 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 08:41 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 08:41 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 08:41 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 08:41 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 08:41 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 08:41 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 08:41 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 08:41 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 08:41 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 08:41 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 08:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 08:41 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 08:41 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 08:41 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 08:41 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 08:41 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 08:41 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 08:41 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 08:41 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 08:41 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 08:41 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 08:41 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 08:41 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 08:41 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 08:41 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 08:41 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 08:41 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 08:41 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 08:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 08:41 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 08:41 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 08:41 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 08:41 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 08:41 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 08:41 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 08:41 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 08:41 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 08:41 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 08:41 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 08:41 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 08:41 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 08:41 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 08:41 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 08:41 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 08:41 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 08:41 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 08:41 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 16:38 - 2014-04-19 16:39 - 00038704 _____ () C:\Users\Philipp\Desktop\Addition-alt.txt
2014-04-19 16:31 - 2014-04-20 20:59 - 00019609 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-19 16:31 - 2014-04-19 16:39 - 00030277 _____ () C:\Users\Philipp\Desktop\FRST-alt.txt
2014-04-19 16:30 - 2014-04-20 20:59 - 00000000 ____D () C:\FRST
2014-04-19 16:29 - 2014-04-20 20:56 - 02056192 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-19 11:22 - 2014-04-20 20:45 - 00161564 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2006-06-05 13:22 - 00196096 _____ () C:\Windows\SysWOW64\nY.exe
2014-04-15 21:47 - 2006-06-05 12:20 - 00057344 _____ (Saitek) C:\Windows\SysWOW64\SAIGON.dll
2014-04-15 21:47 - 2006-05-18 08:49 - 00045056 _____ (Saitek) C:\Windows\SysWOW64\SAIKICK.dll
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-14 11:17 - 2014-04-19 22:08 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-12 12:56 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-12 12:56 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-12 12:56 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-12 12:56 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-12 12:56 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-12 12:56 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-12 12:56 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-12 12:56 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-12 12:56 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-03-29 20:14 - 2014-03-29 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-20 20:59 - 2014-04-19 16:31 - 00019609 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-20 20:59 - 2014-04-19 16:30 - 00000000 ____D () C:\FRST
2014-04-20 20:56 - 2014-04-20 20:56 - 00000000 ____D () C:\Users\Philipp\Desktop\FRST-OlderVersion
2014-04-20 20:56 - 2014-04-19 16:29 - 02056192 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-20 20:55 - 2010-05-17 03:45 - 00764980 _____ () C:\Windows\system32\perfh007.dat
2014-04-20 20:55 - 2010-05-17 03:45 - 00174178 _____ () C:\Windows\system32\perfc007.dat
2014-04-20 20:55 - 2009-07-14 07:13 - 01803894 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-20 20:54 - 2014-04-20 20:54 - 00031821 _____ () C:\Users\Philipp\Desktop\JRT.txt
2014-04-20 20:48 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-20 20:48 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-20 20:45 - 2014-04-19 11:22 - 00161564 _____ () C:\Windows\WindowsUpdate.log
2014-04-20 20:44 - 2014-04-20 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:41 - 2014-04-20 20:41 - 00003597 _____ () C:\Users\Philipp\Desktop\AdwCleaner[S1].txt
2014-04-20 20:39 - 2014-04-20 20:28 - 00000112 _____ () C:\Windows\setupact.log
2014-04-20 20:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-20 20:36 - 2013-09-05 21:47 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:36 - 2010-10-14 19:30 - 00000000 ____D () C:\Users\Philipp
2014-04-20 20:33 - 2014-04-20 20:32 - 00001328 _____ () C:\Users\Philipp\Desktop\mbam.txt
2014-04-20 20:32 - 2014-04-20 19:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 20:28 - 2014-04-20 20:28 - 00373560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-20 20:28 - 2014-04-20 20:28 - 00000366 _____ () C:\Windows\PFRO.log
2014-04-20 20:28 - 2014-04-20 20:28 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-20 20:11 - 2012-03-30 08:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-20 19:54 - 2010-10-14 21:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-04-20 19:53 - 2014-04-20 19:53 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2014-04-20 19:52 - 2014-04-20 19:52 - 01308369 _____ () C:\Users\Philipp\Desktop\adwcleaner.exe
2014-04-20 19:49 - 2014-04-20 19:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-04-20 19:49 - 2012-10-22 08:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
2014-04-20 19:49 - 2012-10-22 08:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:45 - 2014-04-20 19:45 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 16:06 - 2014-04-20 16:06 - 00094008 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-20 16:04 - 2012-01-31 11:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
2014-04-20 15:04 - 2010-10-14 21:00 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DB96048C-19D3-4BC7-BA14-08B8EDD5EE4C}
2014-04-20 11:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-19 22:08 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-19 21:21 - 2013-01-16 23:50 - 00000000 ____D () C:\Users\Philipp\Desktop\SW
2014-04-19 16:39 - 2014-04-19 16:38 - 00038704 _____ () C:\Users\Philipp\Desktop\Addition-alt.txt
2014-04-19 16:39 - 2014-04-19 16:31 - 00030277 _____ () C:\Users\Philipp\Desktop\FRST-alt.txt
2014-04-19 13:26 - 2010-10-14 20:27 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HpUpdate
2014-04-18 19:39 - 2013-11-16 16:10 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-04-18 00:48 - 2010-10-28 19:45 - 00000000 ____D () C:\Users\Philipp\AppData\Local\CrashDumps
2014-04-16 14:25 - 2012-10-23 18:08 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator X-Dateien
2014-04-15 22:23 - 2012-02-25 16:26 - 00000000 ____D () C:\Users\Philipp\Desktop\ATR
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2010-05-16 18:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-15 17:47 - 2012-01-31 11:12 - 00000000 ___RD () C:\Users\Philipp\Dropbox
2014-04-15 11:06 - 2010-10-17 14:35 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator-Dateien
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-13 22:06 - 2010-10-14 21:56 - 00000000 ____D () C:\Users\Philipp\Desktop\Fli
2014-04-12 20:50 - 2013-07-19 10:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 20:43 - 2010-11-01 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 21:28 - 2012-12-31 18:14 - 00094008 _____ () C:\Users\Party\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-03 09:51 - 2014-04-20 19:49 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-20 19:49 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-12-27 12:24 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-04-02 08:38 - 2010-10-14 21:02 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-04-02 08:37 - 2013-05-21 21:48 - 00003238 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-30 10:19 - 2013-06-27 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 20:15 - 2014-03-29 20:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 14:50 - 2014-02-28 11:58 - 00000000 ____D () C:\Users\Philipp\Desktop\Tickets

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwdksq7.dll
C:\Users\Philipp\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

Addition:FRST Additions Logfile:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-04-2014 01
Ran by Philipp at 2014-04-20 20:59:47
Running from C:\Users\Philipp\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 1.5.0.7220 - Adobe Systems Inc.) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\{D8DFA46A-39F7-4368-810D-18AFCFDDAEAF}) (Version: 11.5.1.601 - Adobe Systems, Inc.)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden
Airframes, Systems and Emergency Equipment (HKLM-x32\...\Airframes, Systems and Emergency Equipment1.0) (Version: 1.0 - OAAmedia)
ATI Catalyst Install Manager (HKLM\...\{C9083B9D-9092-FF22-DDCC-9776E69BE816}) (Version: 3.0.765.0 - ATI Technologies, Inc.)
ATPL AC Electrics (HKLM-x32\...\ATPL AC Electrics1.0) (Version: 1.0 - OAAmedia)
ATPL Air Law (HKLM-x32\...\ATPL Air Law1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Aircraft Performance (HKLM-x32\...\ATPL Aircraft Performance1.0) (Version: 1.0 - OAAmedia)
ATPL Autoflight (HKLM-x32\...\ATPL Autoflight1.0) (Version: 1.0 - OAAmedia)
ATPL DC Electrics (HKLM-x32\...\ATPL DC Electrics1.0) (Version: 1.0 - OAAmedia)
ATPL Flight Instruments (HKLM-x32\...\ATPL Flight Instruments1.0) (Version: 1.0 - OAAmedia)
ATPL Flight Planning (HKLM-x32\...\ATPL Flight Planning1.0) (Version: 1.0 - OAAmedia)
ATPL Gas Turbine Engines (HKLM-x32\...\ATPL Gas Turbine Engines1.1) (Version: 1.1 - OAAmedia)
ATPL General Navigation (HKLM-x32\...\ATPL General Navigation1.0) (Version: 1.0 - OAAmedia)
ATPL Human Performance (Part 1) (HKLM-x32\...\ATPL Human Performance (Part 1)1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Human Performance (Part 2) (HKLM-x32\...\ATPL Human Performance (Part 2)1.0) (Version: 1.0 - CAE Oxford Interactive)
ATPL Meteorology (HKLM-x32\...\ATPL Meteorology3.0) (Version: 3.0 - OAAmedia)
ATPL Operational Procedures (HKLM-x32\...\ATPL Operational Procedures1.0) (Version: 1.0 - OAAmedia)
ATPL Principles of Flight (HKLM-x32\...\ATPL Principles of Flight1.0) (Version: 1.0 - OAAmedia)
Aviator (HKLM-x32\...\{3F46D5F5-DEDE-4F4F-8AFE-1D458555C94A}) (Version: 1.0.226 - Xedatec)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C0A03}) (Version: 12.10.3.4487 - APN, LLC)
B200 King Air HD SERIES FSX/P3D (HKLM-x32\...\B200 King Air HD SERIES FSX/P3D) (Version: 1.00.00.00 - Carenado)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Blasterball 3 (x32 Version: 2.2.0.82 - WildTangent) Hidden
bob internet (HKLM-x32\...\bob internet) (Version: 1.16.1.0 - A1 Telekom AG)
bob internet (x32 Version: 1.16.1.0 - A1 Telekom AG) Hidden
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
Bus Driver (x32 Version: 2.2.0.82 - WildTangent) Hidden
Cambridge- English Grammar in Use (HKLM-x32\...\Cambridge- English Grammar in Use) (Version: 100A - Clarity Language Consultants Ltd)
Canon MP Navigator EX 2.0 (HKLM-x32\...\MP Navigator EX 2.0) (Version:  - )
Canon MP540 series Benutzerregistrierung (HKLM-x32\...\Canon MP540 series Benutzerregistrierung) (Version:  - )
Canon MP540 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP540_series) (Version:  - )
Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0302.2233.40412 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0302.2233.40412 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help English (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help French (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help German (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0302.2232.40412 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0302.2233.40412 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0302.2233.40412 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Clarity recorder (HKLM-x32\...\Clarity recorder) (Version: 1.0 - Clarity Language Consultants Ltd)
Crewlink-Offline (HKCU\...\2a1a9d0eea0b256b) (Version: 1.2.3103.30 - SIA)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.3810 - CyberLink Corp.)
CyberLink PowerDVD 9 (x32 Version: 9.0.1.3810 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.3.0297 - DT Soft Ltd)
Diamond DA40 G1000 Trainer v8.01 (HKLM-x32\...\Diamond DA40 G1000 Trainer v8.01) (Version: v8.01 - GARMIN)
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.4.0.6 - DivX, LLC)
Dream Chronicles (x32 Version: 2.2.0.82 - WildTangent) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.6.2 - Dropbox, Inc.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
EXAM (HKLM-x32\...\{35B7368A-F721-46E6-B258-EA3CC11A6924}) (Version: 10.00.0000 - Peters Software)
FATE (x32 Version: 2.2.0.82 - WildTangent) Hidden
Flight Simulator X (HKLM-x32\...\RTMshadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
Flight Simulator X Service Pack 1 (HKLM-x32\...\SP1shadow_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version:  - )
GARMIN 400 Series Trainer (HKLM-x32\...\GARMIN 400 Series Trainer) (Version:  - )
GARMIN 500 Series Trainer (HKLM-x32\...\GARMIN 500 Series Trainer) (Version:  - )
Geany 1.22 (HKLM-x32\...\Geany) (Version: 1.22 - The Geany developer team)
Gem Shop (x32 Version: 2.2.0.82 - WildTangent) Hidden
GNS400W-500W Trainer (HKLM-x32\...\{C59E019B-0952-4B72-A382-68A72224F88F}) (Version:  - )
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.0.80 - WildTangent)
HP Quick Launch (HKLM\...\{10F539B1-31AF-43BF-9F0C-0EB66E918922}) (Version: 1.0.18 - Hewlett-Packard)
HP Setup (HKLM-x32\...\{E2831862-F131-4327-B9CC-FA30F587EB6C}) (Version: 1.2.3988.3281 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{AF6EB833-D48A-49AC-9394-4C57489FDFF2}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (x32 Version: 7.0.39.15 - Hewlett-Packard Company) Hidden
HP Update (HKLM-x32\...\{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}) (Version: 5.003.001.001 - Hewlett-Packard)
HP User Guides 0217 (HKLM-x32\...\{97F3767E-8A52-4AA6-9304-BEEFBAC04575}) (Version: 1.00.0000 - Hewlett-Packard)
HP Wireless Assistant (HKLM\...\{84FD80B9-AB11-406F-8719-09C51D18CC0C}) (Version: 4.0.6.0 - Hewlett-Packard)
Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Turbo Boost Technology Driver (HKLM-x32\...\{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}) (Version: 01.01.01.1007 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
JAA ATPL Questions (HKLM-x32\...\JAA ATPL Questions1.1) (Version: 1.1 - Oxford Aviation Training)
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java Auto Updater (x32 Version: 2.0.6.1 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170070}) (Version: 1.7.0.70 - Oracle)
Java(TM) 6 Update 30 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216017FF}) (Version: 6.0.300 - Sun Microsystems, Inc.)
Java-Editor 11.21, 2012.11.06 (HKLM-x32\...\{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1) (Version:  - Gerhard Röhner)
Jewel Quest II (x32 Version: 2.2.0.82 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.82 - WildTangent) Hidden
Joe (HKLM-x32\...\{36A1E3D6-288A-4EEE-A081-30D9808B2BE3}) (Version: 3.05.0100 - Wirth New Media Sarl)
Mahjongg Artifacts (x32 Version: 2.2.0.82 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mathematica Extras 8.0 (2615434) (HKLM\...\A-WIN-Extras 8.0.4 2615434_is1) (Version: 8.0.4 - Wolfram Research, Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Flight Simulator 2004 - Das Jahrhundert der Luftfahrt (HKLM-x32\...\Flight Simulator 9.0) (Version: 9.0 - Microsoft)
Microsoft Flight Simulator X (x32 Version: 10.0.60905 - Microsoft Game Studios) Hidden
Microsoft Flight Simulator X: Acceleration (HKLM-x32\...\FlightSim_{7D606567-5047-451A-B49E-29FCB6012B4E}) (Version: 10.0.61637.0 - Microsoft Game Studios)
Microsoft Flight Simulator X: Acceleration (x32 Version: 10.0.61637.0 - Microsoft Game Studios) Hidden
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{4AF2248C-B3DF-46FB-9596-87F5DB193689}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Common Files (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Native Client (HKLM\...\{8325FD0C-2FDB-46C3-921A-3A78385EA972}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Microsoft SQL Server VSS Writer (HKLM\...\{28D06854-572C-4A65-83E5-F8CAF26B9FDC}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mobile Connect (HKLM-x32\...\{3EAAC5FD-E209-4856-8C49-D4EA40F85032}) (Version: 1.00.0000 - Huawei technologies)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mystery P.I. - The Vegas Heist (x32 Version: 2.2.0.82 - WildTangent) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
PDF24 Creator 5.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.82 - WildTangent) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.2514 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.2514 - CyberLink Corp.) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QualityWings Ultimate 146 Collection FSX (HKLM-x32\...\QualityWings Ultimate 146 Collection FSX) (Version:  - )
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.11.1127.2009 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6066 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2512 - CyberLink Corp.) Hidden
Saitek SST Programming Software (HKLM-x32\...\{967FB80D-56BD-42EF-A942-9E8C78F984A4}) (Version: 1.00.0000 - Saitek)
Security Task Manager 1.8d (HKLM-x32\...\Security Task Manager) (Version: 1.8d - Neuber Software)
Service Pack 1 für SQL Server 2008 (KB 968369) (HKLM-x32\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SkyTest Swiss (HKLM-x32\...\{CF340C0F-FECA-4744-B261-9BEFD396859A}) (Version: 1.0.0 - SkyTest)
SkyTest® AB-Trainingssoftware (HKLM-x32\...\SkyTest® AB-Trainingssoftware 2.4_is1) (Version:  - SkyTest)
SkyTest® AB-Trainingssoftware (HKLM-x32\...\SkyTest® AB-Trainingssoftware 2.5_is1) (Version:  - SkyTest)
SkyTest® BU-Trainingssoftware 2.3 (HKLM-x32\...\SkyTest® BU-Trainingssoftware_is1) (Version:  - SkyTest)
Slingo Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden
Solid Edge ST3 (HKLM\...\{EA8B28A2-D84F-447E-B588-9C255F1EDC0A}) (Version: 103.00.00114 - Siemens)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.12.15.18 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.155 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.155 - Sony)
Sql Server Customer Experience Improvement Program (x32 Version: 10.1.2531.0 - Microsoft Corporation) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.12.0 - Synaptics Incorporated)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM-x32\...\{877B3198-1C6B-4A9A-8D28-BE4F6040987F}) (Version: 10.1.2531.0 - Microsoft Corporation)
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.82 - WildTangent) Hidden
Wedding Dash (x32 Version: 2.2.0.82 - WildTangent) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

==================== Restore Points  =========================

13-03-2014 19:49:01 Windows Update
22-03-2014 10:13:51 Windows Update
12-04-2014 18:40:55 Windows Update
15-04-2014 19:46:17 Installiert Saitek SST Programming Software
15-04-2014 19:48:28 Gerätetreiber-Paketinstallation: Saitek
20-04-2014 06:40:02 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2013-03-13 12:10 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1AC9F9D7-269A-4007-ADFF-8E794ACFAE00} - System32\Tasks\{D6378C8A-2E8D-41B8-A3A2-F5F874648E7D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123.161/de/abandoninstall?page=tsMain
Task: {2EACF60B-EEEA-4EEE-A609-6439BE54CB4D} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: {39EC496B-07C5-4742-AA88-404DDDDB30FD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13] (Adobe Systems Incorporated)
Task: {4312AD3D-51A9-4367-94BF-73CCCC7486F8} - System32\Tasks\{37422C63-01FF-4981-8670-C9D464273311} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.9.0.123/de/abandoninstall?page=tsMain
Task: {4DDB585C-5558-424F-8C83-F5DDD4C2294C} - System32\Tasks\{0C13D5FC-1637-462A-A99D-AE8C9AE7D8FD} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {4ED33081-604F-4564-9FBE-B6BEF23DFAEC} - System32\Tasks\{BF80830C-3B2B-4F52-83D8-DD0B99E9083E} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {7490D3A4-F9C1-4E88-8D63-D82F98959D7B} - System32\Tasks\{FED2943A-B262-4A95-A03B-6A9D1BE8A301} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {76782409-A176-4176-B22C-C3019883685B} - System32\Tasks\{6BF621FE-6614-4DD8-A3AD-64CF7BEE6E52} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/abandoninstall?page=tsProgressBar
Task: {8BFE7381-2D4E-4428-8CB3-495087C65DFC} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {AE893695-C9CA-4EB6-A64F-5ABC1CB0FC2A} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {B91A75AA-3953-4E8F-A721-B5E3AEA8F3D8} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\WSCStub.exe [2014-03-12] (Symantec Corporation)
Task: {D364A291-E412-4912-B890-3EA8B972C115} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {E5F4B0EF-BAA3-4703-8DAA-9A57480CEDF6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {FF098BFC-1640-417F-940F-F6A667EF0724} - System32\Tasks\Registration => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-23] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2010-01-18 15:04 - 2010-01-18 15:04 - 00020480 _____ () C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
2011-02-15 03:32 - 2011-02-15 03:32 - 01230704 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2009-10-22 12:51 - 2009-10-22 12:51 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-07-03 03:36 - 2010-07-03 03:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-04-05 12:12 - 2010-04-05 12:12 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2013-07-21 09:20 - 2013-06-20 14:48 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-02-15 03:33 - 2011-02-15 03:33 - 00096112 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-04-15 21:47 - 2006-05-18 08:42 - 00147456 _____ () C:\Program Files (x86)\Saitek\Software\SAICFG.dll
2014-03-29 20:14 - 2014-03-29 20:15 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupfolder: C:^Users^Philipp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: FreePDF Assistant => "C:\Program Files (x86)\FreePDF_XP\fpassist.exe"
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\pdf24\pdf24.exe

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-04-20 20:39:02.592
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 20:39:02.326
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 20:28:08.916
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 20:28:08.682
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 11:29:09.356
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 11:29:09.169
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 08:33:53.640
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-20 08:33:53.375
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 22:25:56.715
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-04-19 22:25:56.512
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SaiBus.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 40%
Total physical RAM: 3893.86 MB
Available physical RAM: 2311.11 MB
Total Pagefile: 7785.9 MB
Available Pagefile: 5763.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:451.42 GB) (Free:292.57 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:14.04 GB) (Free:2.01 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 466 GB) (Disk ID: 5EFDADBF)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=451 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=14 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

--- --- ---

habe gerade das Programm: searchprotocolhost.exe im TaskManager kurz arbeiten sehen.... was macht das genau und ist es eventuell schädlich?

schrauber · 22.04.2014, 13:41

SearchProtocolHost.exe Windows Prozess - Was ist das?

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?

Philipp11111 · 23.04.2014, 18:38

also es scheint als ob searchprotocolhost.exe ein Virus ist?

anbei die Daten von den Tests.

ESET:

ESETSmartInstaller@High as CAB hook log:
OnlineScanner64.ocx - registred OK
OnlineScanner.ocx - registred OK
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=db1fbeb55f1e54418fb4b2a5c3776633
# engine=17874
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-14 09:31:01
# local_time=2014-04-14 11:31:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 32604 262934351 25363 0
# compatibility_mode=3592 16777213 100 88 1090308 148173557 0 0
# compatibility_mode=5893 16776574 100 94 23988778 149140911 0 0
# scanned=247706
# found=2
# cleaned=0
# scan_time=26778
sh=01E3C61C29AC666D7597B577C2A8D7503AF72779 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbiagpabkcclfemhfaejjphknmbbeeji\1\512dbc077f21e1.47744284.js.vir"
sh=495D11D74CE6E3B0DBE8F0D1DCD25E3D96F0097D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbmgfdlffecjkknfcphajeljoheidim\1\512dbc4ee41990.38025413.js"
# version=8
# IEXPLORE.EXE=11.00.9600.16428 (winblue_gdr.131013-1700)
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=db1fbeb55f1e54418fb4b2a5c3776633
# engine=17889
# end=stopped
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-04-15 08:26:27
# local_time=2014-04-15 10:26:27 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 47546 263016877 40304 0
# compatibility_mode=3592 16777213 100 88 1172834 148256083 0 0
# compatibility_mode=5893 16776574 100 94 24071304 149223437 0 0
# scanned=373153
# found=38
# cleaned=34
# scan_time=47173
sh=1F69FB9BC4F314CBEC9BECEBA3F5C393006A7C57 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[3].7z"
sh=439A1926304C7AA1A220097112654AA0BA429C0B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[1].7z"
sh=A9B44B47329DFDC56F86EDA59429593DF39B5A54 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[2].7z"
sh=1F69FB9BC4F314CBEC9BECEBA3F5C393006A7C57 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[3].7z"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application (deleted - quarantined)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=2A88FC6509FDC3B22587F6E97AC12F70E4F75DC8 ft=1 fh=86e0df17c19558fd vn="a variant of Win32/Bundled.Toolbar.Ask.E potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\APNSetup.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Passport_x64.dll"
sh=F2CFD9E6717ED73F51E976B3957C81DD518C5603 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\AskToolbarInstaller-12.10.0_AVIRA-V7.msi"
sh=01A2A84231C9B2A23F715369CEC5DA5C30F22E37 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\AskToolbarInstaller-12.2.1_AVIRA-V7.msi"
sh=01EF1A2420765129D2F26E0530725B5F71D8BB96 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\AskToolbarInstaller-12.2.2_AVIRA-V7.msi"
sh=F4B0FF4B42F223CF8338684906BCFFAD9AA2710E ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\AskToolbarInstaller-12.6.0_AVIRA-V7.msi"
sh=0AB7E14045C76206A8733C6E4D36220A58C85A77 ft=1 fh=9f671b8e7a289dd3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe"
sh=408E55A7D2D56C02EF844CA63C1EA8D440D1F8B2 ft=1 fh=cf5f3ba9cab9d1c3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll"
sh=EC5913DE16698FF281FE1F1108602BD300AFDA91 ft=1 fh=400322602d09beb6 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe"
sh=4E3A9EF57C71B5829AC8CD185CBED27AF6610C13 ft=1 fh=83a0e01ca2b69786 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\SO.dll"
sh=698FB11D2C5D96C744D8602AD22309F10509063A ft=1 fh=c3312308a781a9fa vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll"
sh=0111559B94F5572B6777EBE3E85CB9F9C94BC85B ft=1 fh=76e883fd9357c7a4 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe"
sh=BB237CE0031AFF6ABD4E3626D7C6AE3D6ABEDB5A ft=1 fh=2522929e49563be6 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll"
sh=9C835C702D070F54C59E36FED31696261FEBFDA3 ft=1 fh=29643e02259e76bc vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll"
sh=B27AA1F8303815E20CE148744957CB3726BCDE96 ft=1 fh=e7bb97c341e31fcc vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe"
sh=6CDE6B1DD298CA47510EB79334AE149F60FEFFCE ft=1 fh=0241d1e8e3e9ed03 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll"
sh=84987AF48F5107F84A12BB7418C0A7A2106906B0 ft=1 fh=6e62188c597b6ea7 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll"
sh=75A9BFE798ADFBFDFA8E0155A242E69ACD396E53 ft=1 fh=7e8b040c1a60dd55 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7\Source\program files\VNT\vntldr.exe"
sh=4B553651EF610C0614F8393D6C25ABA0A8F09ECA ft=1 fh=92ef1bb072edf568 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted (after the next restart) - quarantined)" ac=C fn="C:\Program Files (x86)\Avira\AntiVir Desktop\offercast_avirav7_.exe"
sh=3B5FA247BC20BCE3FDF362C7D4E78A49C1CD56EB ft=1 fh=e0b4bd5a140dc59d vn="Win32/OpenCandy potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Philipp\Desktop\ATR\DTLite4453-0297.exe"
sh=B0CF1C0E8610F7286F8D8ADEA3728628241630B8 ft=1 fh=cdebc04b45596b87 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Users\Philipp\Downloads\avira3737_free_antivirus_de.exe"
sh=439A1926304C7AA1A220097112654AA0BA429C0B ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[1].7z"
sh=A9B44B47329DFDC56F86EDA59429593DF39B5A54 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application (deleted - quarantined)" ac=C fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AskToolbarInstaller-AVIRA-V7[2].7z"
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=db1fbeb55f1e54418fb4b2a5c3776633
# engine=17979
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-23 05:10:12
# local_time=2014-04-23 07:10:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 96771 263696302 89533 0
# compatibility_mode=3592 16777213 100 88 254457 148935508 0 0
# compatibility_mode=5893 16776574 100 94 24750729 149902862 0 0
# scanned=386456
# found=1
# cleaned=0
# scan_time=4691
sh=CABD6AC494A80D09C261ADCC01624F7CA2C26F5E ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="H:\01 Windows Sicherung 16.05.2013\PHILIPP-PC\Backup Set 2013-05-16 120146\Backup Files 2013-05-16 120146\Backup files 3.zip"

ein Virus wurde auf der Externen Festplatte gefunden (H) aber nicht gelöscht....

Security Check:

Results of screen317's Security Check version 0.99.82
Windows 7 Service Pack 1 x64 (UAC is disabled!)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Norton 360 Premier Edition
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 30
Java-Editor 11.21, 2012.11.06
Java version out of Date!
Adobe Flash Player 12.0.0.77 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````

schrauber · 24.04.2014, 11:40

Zitat:

also es scheint als ob searchprotocolhost.exe ein Virus ist?

nein eben nicht, der Link zeigt dass es eine Datei von Windows ist.

Java und Adobe updaten.

Backup auf H löschen.

Frisches FRST log fehlt, und die Logs bitte in Codetags.

Philipp11111 · 24.04.2014, 16:07

anbei der Log

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
Ran by Philipp (administrator) on PHILIPP-PC on 24-04-2014 16:59:12
Running from C:\Users\Philipp\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Microsoft Corporation) C:\Windows\system32\WLANExt.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
() C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Microsoft Corporation) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\ProfilerU.exe
(Saitek) C:\Program Files (x86)\Saitek\Software\SaiMfd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Hewlett-Packard) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Dropbox, Inc.) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2107176 2010-03-12] (Synaptics Incorporated)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-10-13] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6234144 2010-03-13] (Realtek Semiconductor)
HKLM\...\Run: [RtkOSD] => C:\Program Files (x86)\Realtek\Audio\OSD\RtVOsd64.exe [995840 2010-01-13] (Realtek Semiconductor Corp.)
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-04-05] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-03-02] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1230704 2011-02-15] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-05-10] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Profiler] => C:\Program Files (x86)\Saitek\Software\ProfilerU.exe [184320 2006-05-18] (Saitek)
HKLM-x32\...\Run: [SaiMfd] => C:\Program Files (x86)\Saitek\Software\SaiMfd.exe [180736 2006-06-05] (Saitek)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: G - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: H - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: J - J:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d47-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {3b046d49-f371-11e2-8dc7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {4ab366bb-4be3-11e1-8c1c-9a93759d0506} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {51ed533e-ac26-11e1-b234-002682b01834} - H:\Autorun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {80fccf81-84f0-11e3-a105-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {c910a591-4be9-11e1-bcf8-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb647060-6e9a-11e2-bddc-893cbdf93c12} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {cb8f7b98-d278-11e1-99e8-bad987d704c6} - H:\Startme.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce999591-4b1d-11e1-9aa7-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ce99959c-4b1d-11e1-9aa7-002682b01834} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {d785273c-f36e-11e2-bdff-ce7aac36c501} - H:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {ec55ec98-56e3-11e1-93eb-b0e0b3edb724} - G:\Setup.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2b5-4b22-11e1-9fbf-002682b01834} - G:\AutoRun.exe
HKU\S-1-5-21-1252622565-2587163276-2949747067-1000\...\MountPoints2: {f80db2d6-4b22-11e1-9fbf-002682b01834} - H:\AutoRun.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.a1.net/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCON/1
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-00A7-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
Tcpip\Parameters: [DhcpNameServer] 62.2.24.158 62.2.17.60 62.2.24.162 62.2.17.61

FireFox:
========
FF ProfilePath: C:\Users\Philipp\AppData\Roaming\Mozilla\Firefox\Profiles\nvf73zxj.default
FF Homepage: www.austrianaviation.net
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @wolfram.com/Mathematica - C:\Program Files (x86)\Common Files\Wolfram Research\Browser\8.0.4.2615434\npmathplugin.dll (Wolfram Research, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &lt;video&gt; - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-11-18]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []

Chrome: 
=======
CHR HomePage: 
CHR RestoreOnStartup: "hxxp://www.google.com"
CHR Extension: (Search-NewTab) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmbmgfdlffecjkknfcphajeljoheidim [2013-02-27]
CHR Extension: (BraoWse2saeve) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbiagpabkcclfemhfaejjphknmbbeeji [2013-02-27]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2014-02-21]
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-28]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 HPWMISVC; C:\Program Files\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [20480 2010-01-18] ()
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [43010392 2009-03-30] (Microsoft Corporation)
R2 N360; C:\Program Files (x86)\Norton 360 Premier Edition\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [366936 2009-03-30] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-17] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx64.sys [1525976 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1502000.026\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-02-14] (DT Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2013-12-18] (Symantec Corporation)
U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2010-07-27] (Huawei Technologies Co., Ltd.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\IPSDefs\20140422.001\IDSvia64.sys [525016 2014-03-26] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140422.033\ENG64.SYS [126040 2014-04-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360 Premier Edition\NortonData\21.1.0.18\Definitions\VirusDefs\20140422.033\EX64.SYS [2099288 2014-04-22] (Symantec Corporation)
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
S3 SaiH0763; C:\Windows\System32\DRIVERS\SaiH0763.sys [176640 2007-07-18] (Saitek)
S3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [53248 2006-06-08] (Saitek)
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1502000.026\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1502000.026\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1502000.026\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1502000.026\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1502000.026\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1502000.026\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
U2 wuaserv; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-24 16:58 - 2014-04-24 16:59 - 00019652 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-24 16:57 - 2014-04-24 16:58 - 00038615 _____ () C:\Users\Philipp\Desktop\Addition.txt
2014-04-24 16:48 - 2014-04-24 16:48 - 00094008 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-24 16:46 - 2014-04-24 16:47 - 00000168 _____ () C:\Windows\setupact.log
2014-04-24 16:46 - 2014-04-24 16:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 16:45 - 2014-04-24 16:46 - 00373560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-24 16:45 - 2014-04-24 16:45 - 00000834 _____ () C:\Windows\PFRO.log
2014-04-23 19:29 - 2014-04-23 19:29 - 00855379 _____ () C:\Users\Philipp\Desktop\SecurityCheck.exe
2014-04-23 05:04 - 2014-04-23 05:04 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 17:49 - 2014-04-22 17:49 - 02347384 _____ (ESET) C:\Users\Philipp\Downloads\esetsmartinstaller_enu.exe
2014-04-21 20:32 - 2014-04-21 20:32 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieUserList
2014-04-21 20:32 - 2014-04-21 20:32 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieSiteList
2014-04-21 16:38 - 2014-04-21 16:38 - 01146880 _____ (Farbar) C:\Users\Philipp\Downloads\frst.exe
2014-04-20 20:56 - 2014-04-24 16:56 - 00000000 ____D () C:\Users\Philipp\Desktop\FRST-OlderVersion
2014-04-20 20:44 - 2014-04-20 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 19:53 - 2014-04-20 19:53 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2014-04-20 19:52 - 2014-04-20 19:52 - 01308369 _____ () C:\Users\Philipp\Desktop\adwcleaner.exe
2014-04-20 19:49 - 2014-04-21 13:58 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 19:49 - 2014-04-20 19:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 19:49 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-20 19:49 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-20 19:45 - 2014-04-20 19:45 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 08:41 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 08:41 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 08:41 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 08:41 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 08:41 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 08:41 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 08:41 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 08:41 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 08:41 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 08:41 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 08:41 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 08:41 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 08:41 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 08:41 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 08:41 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 08:41 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 08:41 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 08:41 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 08:41 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 08:41 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 08:41 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 08:41 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 08:41 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 08:41 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 08:41 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 08:41 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 08:41 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 08:41 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 08:41 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 08:41 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 08:41 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 08:41 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 08:41 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 08:41 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 08:41 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 08:41 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 08:41 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 08:41 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 08:41 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 08:41 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 08:41 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 08:41 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 08:41 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 08:41 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 08:41 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 08:41 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 08:41 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 08:41 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-19 16:30 - 2014-04-24 16:59 - 00000000 ____D () C:\FRST
2014-04-19 16:29 - 2014-04-24 16:56 - 02061824 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-19 11:22 - 2014-04-24 16:52 - 00281335 _____ () C:\Windows\WindowsUpdate.log
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saitek Programming Software
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2006-06-05 13:22 - 00196096 _____ () C:\Windows\SysWOW64\nY.exe
2014-04-15 21:47 - 2006-06-05 12:20 - 00057344 _____ (Saitek) C:\Windows\SysWOW64\SAIGON.dll
2014-04-15 21:47 - 2006-05-18 08:49 - 00045056 _____ (Saitek) C:\Windows\SysWOW64\SAIKICK.dll
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-14 11:17 - 2014-04-19 22:08 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-12 12:56 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-12 12:56 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-12 12:56 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-12 12:56 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-12 12:56 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-12 12:56 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-12 12:56 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 12:56 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-12 12:56 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-12 12:56 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-12 12:56 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-03-29 20:14 - 2014-03-29 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-04-24 16:59 - 2014-04-24 16:58 - 00019652 _____ () C:\Users\Philipp\Desktop\FRST.txt
2014-04-24 16:59 - 2014-04-19 16:30 - 00000000 ____D () C:\FRST
2014-04-24 16:58 - 2014-04-24 16:57 - 00038615 _____ () C:\Users\Philipp\Desktop\Addition.txt
2014-04-24 16:56 - 2014-04-20 20:56 - 00000000 ____D () C:\Users\Philipp\Desktop\FRST-OlderVersion
2014-04-24 16:56 - 2014-04-19 16:29 - 02061824 _____ (Farbar) C:\Users\Philipp\Desktop\FRST64.exe
2014-04-24 16:54 - 2010-05-17 03:45 - 00764980 _____ () C:\Windows\system32\perfh007.dat
2014-04-24 16:54 - 2010-05-17 03:45 - 00174178 _____ () C:\Windows\system32\perfc007.dat
2014-04-24 16:54 - 2009-07-14 07:13 - 01803894 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-24 16:54 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-24 16:54 - 2009-07-14 06:45 - 00023248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-24 16:53 - 2012-01-31 11:12 - 00000000 ___RD () C:\Users\Philipp\Dropbox
2014-04-24 16:53 - 2012-01-31 11:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
2014-04-24 16:52 - 2014-04-19 11:22 - 00281335 _____ () C:\Windows\WindowsUpdate.log
2014-04-24 16:50 - 2010-10-14 21:00 - 00003946 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{DB96048C-19D3-4BC7-BA14-08B8EDD5EE4C}
2014-04-24 16:48 - 2014-04-24 16:48 - 00094008 _____ () C:\Users\Philipp\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-24 16:47 - 2014-04-24 16:46 - 00000168 _____ () C:\Windows\setupact.log
2014-04-24 16:46 - 2014-04-24 16:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 16:46 - 2014-04-24 16:45 - 00373560 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-24 16:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-24 16:45 - 2014-04-24 16:45 - 00000834 _____ () C:\Windows\PFRO.log
2014-04-23 20:29 - 2010-10-14 21:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-04-23 20:11 - 2012-03-30 08:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-23 19:29 - 2014-04-23 19:29 - 00855379 _____ () C:\Users\Philipp\Desktop\SecurityCheck.exe
2014-04-23 05:04 - 2014-04-23 05:04 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 17:49 - 2014-04-22 17:49 - 02347384 _____ (ESET) C:\Users\Philipp\Downloads\esetsmartinstaller_enu.exe
2014-04-21 20:32 - 2014-04-21 20:32 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieUserList
2014-04-21 20:32 - 2014-04-21 20:32 - 00000000 __SHD () C:\Users\Philipp\AppData\Local\EmieSiteList
2014-04-21 17:43 - 2012-10-23 18:08 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator X-Dateien
2014-04-21 16:38 - 2014-04-21 16:38 - 01146880 _____ (Farbar) C:\Users\Philipp\Downloads\frst.exe
2014-04-21 13:58 - 2014-04-20 19:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-20 20:44 - 2014-04-20 20:44 - 00000000 ____D () C:\Windows\ERUNT
2014-04-20 20:36 - 2013-09-05 21:47 - 00000000 ____D () C:\AdwCleaner
2014-04-20 20:36 - 2010-10-14 19:30 - 00000000 ____D () C:\Users\Philipp
2014-04-20 19:53 - 2014-04-20 19:53 - 01016261 _____ (Thisisu) C:\Users\Philipp\Desktop\JRT.exe
2014-04-20 19:52 - 2014-04-20 19:52 - 01308369 _____ () C:\Users\Philipp\Desktop\adwcleaner.exe
2014-04-20 19:49 - 2014-04-20 19:49 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-20 19:49 - 2014-04-20 19:49 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-20 19:49 - 2012-10-22 08:11 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
2014-04-20 19:49 - 2012-10-22 08:10 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-20 19:45 - 2014-04-20 19:45 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Philipp\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-20 11:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-19 22:08 - 2014-04-14 11:17 - 00000000 ____D () C:\Users\Philipp\Desktop\Viet
2014-04-19 21:21 - 2013-01-16 23:50 - 00000000 ____D () C:\Users\Philipp\Desktop\SW
2014-04-19 13:26 - 2010-10-14 20:27 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\HpUpdate
2014-04-18 19:39 - 2013-11-16 16:10 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Deployment
2014-04-18 00:48 - 2010-10-28 19:45 - 00000000 ____D () C:\Users\Philipp\AppData\Local\CrashDumps
2014-04-15 22:23 - 2012-02-25 16:26 - 00000000 ____D () C:\Users\Philipp\Desktop\ATR
2014-04-15 21:47 - 2014-04-15 21:47 - 00000824 _____ () C:\Users\Public\Desktop\Saitek SST Programming Software.lnk
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Saitek Programming Software
2014-04-15 21:47 - 2014-04-15 21:47 - 00000000 ____D () C:\Program Files (x86)\Saitek
2014-04-15 21:47 - 2010-05-16 18:11 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-15 11:06 - 2010-10-17 14:35 - 00000000 ____D () C:\Users\Philipp\Documents\Flight Simulator-Dateien
2014-04-14 20:29 - 2014-04-14 20:29 - 00000000 ____D () C:\Users\Philipp\Desktop\SW Ha Up
2014-04-13 22:06 - 2010-10-14 21:56 - 00000000 ____D () C:\Users\Philipp\Desktop\Fli
2014-04-12 20:50 - 2013-07-19 10:37 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-12 20:43 - 2010-11-01 09:56 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-08 21:28 - 2012-12-31 18:14 - 00094008 _____ () C:\Users\Party\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-04 23:16 - 2014-04-04 23:16 - 00000000 ____D () C:\Users\Public\Documents\sun
2014-04-03 09:51 - 2014-04-20 19:49 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-20 19:49 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2012-12-27 12:24 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 08:44 - 2014-04-02 08:44 - 00000000 ____D () C:\Windows\System32\Tasks\Norton 360
2014-04-02 08:38 - 2010-10-14 21:02 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-04-02 08:37 - 2013-11-18 09:40 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition
2014-04-02 08:37 - 2013-05-21 21:48 - 00003238 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-30 10:19 - 2013-06-27 11:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-29 20:15 - 2014-03-29 20:14 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-28 14:50 - 2014-02-28 11:58 - 00000000 ____D () C:\Users\Philipp\Desktop\Tickets

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe
C:\Users\Philipp\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcvct1d.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-07-15 18:51

==================== End Of Log ============================

--- --- ---

schrauber · 25.04.2014, 09:27

Rechner ist sauber, noch Probleme?

Philipp11111 · 25.04.2014, 16:03

schaut gut aus, vielen Dank!

LG

schrauber · 26.04.2014, 08:24

Gern Geschehen

25.04.2014, 09:27	#11
schrauber /// the machine /// TB-Ausbilder	facebook account gehacked Rechner ist sauber, noch Probleme? __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

26.04.2014, 08:24	#13
schrauber /// the machine /// TB-Ausbilder	facebook account gehacked Gern Geschehen __________________ gruß, schrauber *Proud Member of UNITE and ASAP since 2009* Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM!

facebook account gehacked

Plagegeister aller Art und deren Bekämpfung: facebook account gehacked