Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

Antwort
Alt 28.11.2013, 16:54   #1
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Seit gestern kann ich das Windows-Sicherheitscenter wieder nicht mehr aktivieren. Vor zwei Monaten hatte ich schon mal das Problem mit dem Virus ihavnet.

Hier meine Log-Files:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-11-2013 01
Ran by Savitri (administrator) on SAVITRI-PC on 28-11-2013 15:28:01
Running from C:\Users\Savitri\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(hMailServer) C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7311\Monitor.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe [2493272 2013-10-18] ()
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2013-11-19] (Hewlett-Packard)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-05-18] (Hewlett-Packard Company)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
MountPoints2: {386d42ea-0f67-11df-8452-90e6ba1d5ef9} - K:\LaunchU3.exe -a
HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsWnd] - C:\Program Files (x86)\Brownie\BrStsW64.exe [963072 2008-01-08] (brother)
HKLM-x32\...\Run: [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [273528 2011-10-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [D-Link D-Link DWA-140] - C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM-x32\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe [943016 2013-06-13] (Lavasoft)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
Startup: C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk
ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=de_CH&c=94&bd=Pavilion&pf=cndt
SearchScopes: HKLM - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM-x32 - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll ()
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri
FF DefaultSearchEngine: SecureSearch
FF SelectedSearchEngine: SecureSearch
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED
FF Keyword.URL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_7&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Savitri\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF SearchPlugin: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\staged
FF Extension: Ad-Aware Security Add-on - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c}
FF Extension: WOT - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: noscript - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: defaults - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: Adblock Plus - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: 	"homepage":	"hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED",
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED"
CHR DefaultSearchURL: (		"name":	"AVG Secure Search",) - 		"search_url":	"hxxp://mysearch.avg.com/search?cid={63266DDC-7A42-4316-ACBE-38235F8DEE96}&mid=1c8891b81c7f47d38c5741affcf9b70a-a0c0374748ecb84be9e135bcee296be67896a3dd&lang=de&ds=ub011&coid=avgtbdisub&pr=sa&d=2013-10-01 08:47:00&v=17.0.0.10&pid=safeguard&sg=0&sap=dsp&q={searchTerms}",
CHR DefaultSuggestURL: (		"name":	"AVG Secure Search",) - 		"suggest_url":	"hxxp://toolbar.avg.com/acp?q={searchTerms}&o=1"
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

S2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
S2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] ()
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-05] (Brio)
R2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5395968 2010-06-07] (hMailServer)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [517344 2013-10-18] ()
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()
S3 Boonty Games; "C:\Program Files (x86)\Common Files\BOONTY Shared\Service\Boonty.exe" [x]
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2011-02-21] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [138232 2013-07-17] (BitDefender LLC)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [602112 2006-11-08] (PixArt Imaging Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [x]
R3 cpuz132; \??\C:\Users\Savitri\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
U3 DfSdkS; 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-11-28 15:28 - 2013-11-28 15:29 - 00022408 _____ C:\Users\Savitri\Desktop\FRST.txt
2013-11-28 15:27 - 2013-11-28 15:27 - 00000000 ____D C:\FRST
2013-11-28 15:26 - 2013-11-28 15:26 - 01958850 _____ (Farbar) C:\Users\Savitri\Desktop\FRST64.exe
2013-11-28 15:26 - 2013-11-28 15:26 - 00000476 _____ C:\Users\Savitri\Desktop\defogger_disable.log
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 _____ C:\Users\Savitri\defogger_reenable
2013-11-28 15:24 - 2013-11-28 15:24 - 00050477 _____ C:\Users\Savitri\Desktop\Defogger.exe
2013-11-28 07:32 - 2013-11-28 07:32 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller(1).zip
2013-11-28 07:28 - 2013-11-28 07:28 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller.zip
2013-11-28 07:24 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Desktop\tdsskiller.exe
2013-11-28 07:23 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Downloads\tdsskiller.exe
2013-11-27 22:05 - 2013-11-27 22:05 - 00150950 _____ C:\Users\Savitri\Desktop\Extras.Txt
2013-11-27 22:03 - 2013-11-28 07:18 - 00167264 _____ C:\Users\Savitri\Desktop\OTL.Txt
2013-11-27 21:47 - 2013-11-27 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Savitri\Desktop\OTL.exe
2013-11-27 21:38 - 2013-11-27 21:38 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu.exe
2013-11-27 21:33 - 2013-11-27 21:33 - 00000017 _____ C:\ProgramData\adaware-installer-reboot-required.tmp
2013-11-27 18:59 - 2013-11-27 18:59 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-27 18:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-27 18:55 - 2013-11-27 18:55 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\LavasoftStatistics
2013-11-27 17:19 - 2013-11-27 17:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Savitri\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00001289 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\SecureSearch
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Local\adawarebp
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Search Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files\Lavasoft
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-11-27 17:10 - 2013-11-27 17:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-11-27 17:08 - 2013-11-27 17:08 - 01724552 _____ C:\Users\Savitri\Downloads\Adaware_Installer_11.exe
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-27 16:45 - 2013-11-27 16:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-27 16:45 - 2013-11-27 16:45 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-27 16:45 - 2013-11-27 16:45 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\AVAST Software
2013-11-27 16:45 - 2013-11-27 16:44 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-27 16:44 - 2013-11-27 16:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-27 16:44 - 2013-11-27 16:44 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-27 16:42 - 2013-11-27 16:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-27 16:40 - 2013-11-27 16:42 - 87529432 _____ (AVAST Software) C:\Users\Savitri\Downloads\avast_free_antivirus_setup2008.exe
2013-11-27 13:06 - 2013-11-27 13:06 - 01059840 _____ C:\Users\Savitri\Downloads\MicrosoftFixit50981.msi
2013-11-26 17:38 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 17:34 - 2013-11-26 17:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:34 - 2013-11-26 17:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 17:31 - 2013-11-26 17:38 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-22 15:48 - 2013-11-22 15:48 - 01071224 _____ (Solid State Networks) C:\Users\Savitri\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-17 15:35 - 2013-11-17 15:35 - 00001019 _____ C:\Users\Savitri\Desktop\Notepad++.lnk
2013-11-16 08:35 - 2013-11-16 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 07:42 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:42 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:42 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:42 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:42 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:42 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:42 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:42 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:42 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 07:42 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 07:42 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 07:42 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 07:42 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:42 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 07:41 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:41 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 07:41 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:41 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:41 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:41 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 07:41 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 07:41 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 07:41 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:41 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 07:41 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 07:40 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:40 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:40 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:40 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 07:40 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-10 09:18 - 2013-11-10 09:18 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\Program Files\iTunes
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-10 09:17 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iPod
2013-11-08 15:46 - 2013-11-08 15:46 - 00000000 ____D C:\Program Files (x86)\Mathe5

==================== One Month Modified Files and Folders =======

2013-11-28 15:29 - 2013-11-28 15:28 - 00022408 _____ C:\Users\Savitri\Desktop\FRST.txt
2013-11-28 15:27 - 2013-11-28 15:27 - 00000000 ____D C:\FRST
2013-11-28 15:26 - 2013-11-28 15:26 - 01958850 _____ (Farbar) C:\Users\Savitri\Desktop\FRST64.exe
2013-11-28 15:26 - 2013-11-28 15:26 - 00000476 _____ C:\Users\Savitri\Desktop\defogger_disable.log
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 _____ C:\Users\Savitri\defogger_reenable
2013-11-28 15:26 - 2009-10-31 13:36 - 00000000 ____D C:\Users\Savitri
2013-11-28 15:24 - 2013-11-28 15:24 - 00050477 _____ C:\Users\Savitri\Desktop\Defogger.exe
2013-11-28 15:23 - 2013-04-25 14:35 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Skype
2013-11-28 15:23 - 2009-12-13 15:50 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-28 15:16 - 2009-10-07 19:23 - 01183003 _____ C:\Windows\WindowsUpdate.log
2013-11-28 15:01 - 2013-03-25 22:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-11-28 13:37 - 2010-07-03 09:14 - 00165115 _____ C:\Windows\setupact.log
2013-11-28 10:08 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-11-28 10:08 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-11-28 07:32 - 2013-11-28 07:32 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller(1).zip
2013-11-28 07:31 - 2012-09-09 18:56 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{10F27B3E-2E9E-47DB-ADB4-4D06C7998B75}
2013-11-28 07:31 - 2009-12-13 15:50 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-28 07:31 - 2009-11-10 08:17 - 00000000 ____D C:\ProgramData\WinZip
2013-11-28 07:28 - 2013-11-28 07:28 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller.zip
2013-11-28 07:26 - 2013-10-07 15:35 - 00000000 ____D C:\Users\Savitri\AppData\Local\WinZip
2013-11-28 07:23 - 2013-11-28 07:24 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Desktop\tdsskiller.exe
2013-11-28 07:23 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Downloads\tdsskiller.exe
2013-11-28 07:18 - 2013-11-27 22:03 - 00167264 _____ C:\Users\Savitri\Desktop\OTL.Txt
2013-11-27 22:05 - 2013-11-27 22:05 - 00150950 _____ C:\Users\Savitri\Desktop\Extras.Txt
2013-11-27 21:47 - 2013-11-27 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Savitri\Desktop\OTL.exe
2013-11-27 21:38 - 2013-11-27 21:38 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu.exe
2013-11-27 21:33 - 2013-11-27 21:33 - 00000017 _____ C:\ProgramData\adaware-installer-reboot-required.tmp
2013-11-27 21:28 - 2009-12-18 14:19 - 00000324 _____ C:\Windows\Brownie.ini
2013-11-27 21:25 - 2013-05-03 13:49 - 00000440 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2013-11-27 21:25 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-11-27 21:24 - 2010-07-04 07:26 - 00651670 _____ C:\Windows\PFRO.log
2013-11-27 18:59 - 2013-11-27 18:59 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-27 18:59 - 2010-06-27 14:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-27 18:55 - 2013-11-27 18:55 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\LavasoftStatistics
2013-11-27 17:19 - 2013-11-27 17:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Savitri\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00001289 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\SecureSearch
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Local\adawarebp
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Search Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\blekko toolbars
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files\Lavasoft
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files (x86)\Toolbar Cleaner
2013-11-27 17:10 - 2013-11-27 17:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-11-27 17:08 - 2013-11-27 17:08 - 01724552 _____ C:\Users\Savitri\Downloads\Adaware_Installer_11.exe
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-27 16:59 - 2009-09-12 04:13 - 00718394 _____ C:\Windows\system32\perfh007.dat
2013-11-27 16:59 - 2009-09-12 04:13 - 00158028 _____ C:\Windows\system32\perfc007.dat
2013-11-27 16:59 - 2009-07-14 06:13 - 01693306 _____ C:\Windows\system32\PerfStringBackup.INI
2013-11-27 16:58 - 2009-11-12 13:50 - 01638416 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-27 16:45 - 2013-11-27 16:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-27 16:45 - 2013-11-27 16:45 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-27 16:45 - 2013-11-27 16:45 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\AVAST Software
2013-11-27 16:44 - 2013-11-27 16:45 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-27 16:44 - 2013-11-27 16:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-27 16:44 - 2013-11-27 16:44 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-27 16:44 - 2011-06-09 08:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-27 16:42 - 2013-11-27 16:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-27 16:42 - 2013-11-27 16:40 - 87529432 _____ (AVAST Software) C:\Users\Savitri\Downloads\avast_free_antivirus_setup2008.exe
2013-11-27 13:06 - 2013-11-27 13:06 - 01059840 _____ C:\Users\Savitri\Downloads\MicrosoftFixit50981.msi
2013-11-27 07:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-27 06:44 - 2009-10-31 13:47 - 00001383 _____ C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 06:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 17:38 - 2013-11-26 17:31 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-26 17:34 - 2013-11-26 17:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:34 - 2013-11-26 17:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-25 21:58 - 2012-10-01 16:39 - 00000000 ____D C:\Users\Savitri\Documents\My Podcasts
2013-11-24 19:37 - 2009-10-31 22:28 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\FileZilla
2013-11-24 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-24 15:28 - 2009-11-09 10:41 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Audacity
2013-11-24 10:35 - 2013-05-28 17:46 - 00000000 ____D C:\CD_OD
2013-11-24 10:35 - 2013-05-26 13:50 - 00000000 ____D C:\mp-aufmerksamkeit
2013-11-24 09:00 - 2013-05-28 12:51 - 00000000 ____D C:\mp-od
2013-11-22 17:33 - 2013-05-29 15:44 - 00000000 ____D C:\CD_OG
2013-11-22 17:17 - 2013-05-29 15:44 - 00000000 ____D C:\mp-OG
2013-11-22 16:59 - 2013-06-04 06:15 - 00000000 ____D C:\CD_Lega
2013-11-22 16:43 - 2013-06-04 06:15 - 00000000 ____D C:\mp-lega
2013-11-22 16:43 - 2011-11-11 14:02 - 00000000 ____D C:\mp-lesen1
2013-11-22 15:48 - 2013-11-22 15:48 - 01071224 _____ (Solid State Networks) C:\Users\Savitri\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-22 10:37 - 2012-05-12 10:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-21 20:24 - 2011-11-10 17:10 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-21 20:24 - 2009-11-01 20:27 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-21 10:37 - 2013-03-15 16:16 - 00000000 ____D C:\Users\Savitri\Desktop\Lernprogramme
2013-11-20 17:14 - 2013-05-26 14:52 - 00000000 ____D C:\CD_aufmerksamkeit
2013-11-18 10:50 - 2009-10-31 20:11 - 00000000 ____D C:\Users\Savitri\Documents\Schule
2013-11-17 15:35 - 2013-11-17 15:35 - 00001019 _____ C:\Users\Savitri\Desktop\Notepad++.lnk
2013-11-17 15:35 - 2012-06-25 11:51 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Notepad++
2013-11-16 08:35 - 2013-11-16 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 17:49 - 2012-10-07 06:52 - 00000000 ____D C:\CD7
2013-11-15 03:12 - 2009-10-31 16:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 03:10 - 2013-08-10 18:09 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:04 - 2009-11-01 08:44 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-14 07:34 - 2009-10-31 13:47 - 00000000 ___RD C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-13 19:17 - 2012-08-16 13:06 - 00000000 ____D C:\mp-rechtschreibung2
2013-11-13 16:47 - 2012-10-08 15:35 - 00000000 ____D C:\mp-lesen7
2013-11-12 16:12 - 2012-09-22 14:27 - 00000000 ____D C:\vorlagen 22.9.12
2013-11-11 14:20 - 2012-10-12 12:31 - 00000000 ____D C:\mp-mathe5
2013-11-10 14:28 - 2013-09-24 07:29 - 00000000 ____D C:\Users\Savitri\Documents\Lernprogramme-Rechnungen
2013-11-10 09:18 - 2013-11-10 09:18 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iTunes
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-10 09:17 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iPod
2013-11-08 15:46 - 2013-11-08 15:46 - 00000000 ____D C:\Program Files (x86)\Mathe5
2013-11-06 14:45 - 2010-03-30 07:58 - 00000000 ____D C:\ProgramData\Skype
2013-11-06 14:44 - 2013-02-23 20:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-05 13:57 - 2012-04-30 12:10 - 00000000 ____D C:\CD4
2013-11-03 10:10 - 2010-08-09 06:58 - 00000000 ____D C:\Users\Savitri\Documents\Kueche
2013-10-31 14:25 - 2009-10-31 14:14 - 00000552 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job

Some content of TEMP:
====================
C:\Users\Savitri\AppData\Local\Temp\7b19e194-036d-4e2a-a890-2f0efd27cb1e.exe
C:\Users\Savitri\AppData\Local\Temp\avgnt.exe
C:\Users\Savitri\AppData\Local\Temp\c97ee9c3-88bf-4545-9c23-ace1546a216b.exe
C:\Users\Savitri\AppData\Local\Temp\npp.6.5.1.Installer.exe
C:\Users\Savitri\AppData\Local\Temp\oi_{16B6885B-5C55-4FF8-8156-C9EDAA94EE1B}.exe
C:\Users\Savitri\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Savitri\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Savitri\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-20 14:48

==================== End Of Log ============================
         


Da die zwei andern Dateien zu gross sind, habe ich sie angehängt.


Vielen Dank für Eure Hilfe.
Jola

Alt 28.11.2013, 18:50   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



hi,
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!
Downloade dir bitte Combofix vom folgenden Downloadspiegel

Link 1


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.
__________________

__________________

Alt 29.11.2013, 15:55   #3
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo Schrauber,

Vielen Dank dass du dich um mein Problem kümmerst.

Ich habe Awast und Ad-Aware deaktiviert, trotzdem kam noch eine Meldung, ich hätte Avira Desktop aktiv. Doch dieses Programm habe ich nicht mehr und es war auch nicht zu finden per suche oder in der Systemsteuerung (Programme deinstallieren).
Also habe ich Combofix laufen lassen.

Hier das Logfile:
Code:
ATTFilter
ComboFix 13-11-27.01 - Savitri 28.11.2013  22:31:33.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.41.1031.18.4095.1957 [GMT 1:00]
ausgeführt von:: c:\users\Savitri\Desktop\ComboFix.exe
AV: Avira Desktop *Enabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Enabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
c:\windows\IsUn0407.exe
C:\WindowsLiveMessenger-uccapi-0.uccapilog
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_Boonty Games
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-10-28 bis 2013-11-28  ))))))))))))))))))))))))))))))
.
.
2013-11-28 21:41 . 2013-11-28 21:41	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-11-28 15:32 . 2013-11-28 15:32	--------	d-----w-	c:\program files (x86)\7-Zip
2013-11-28 14:27 . 2013-11-28 14:27	--------	d-----w-	C:\FRST
2013-11-27 17:59 . 2013-04-04 13:50	25928	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\program files\Lavasoft
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\programdata\Search Protection
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\programdata\blekko toolbars
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\users\Savitri\AppData\Local\adawarebp
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\programdata\Ad-Aware Browsing Protection
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\program files (x86)\Toolbar Cleaner
2013-11-27 16:11 . 2013-11-27 16:11	--------	d-----w-	c:\users\Savitri\AppData\Roaming\SecureSearch
2013-11-27 16:10 . 2013-11-27 16:10	--------	d-----w-	c:\program files (x86)\Lavasoft
2013-11-27 16:09 . 2013-11-27 16:09	--------	d-----w-	c:\users\Savitri\AppData\Roaming\Lavasoft
2013-11-27 16:09 . 2013-11-27 16:09	--------	d-----w-	c:\program files\Common Files\Lavasoft
2013-11-27 16:08 . 2013-11-27 16:08	--------	d-----w-	c:\programdata\Lavasoft
2013-11-27 15:55 . 2013-11-27 15:55	--------	d-----w-	c:\windows\Migration
2013-11-27 15:45 . 2013-11-27 15:45	--------	d-----w-	c:\users\Savitri\AppData\Roaming\AVAST Software
2013-11-27 15:45 . 2013-11-27 15:44	65264	----a-w-	c:\windows\system32\drivers\aswTdi.sys
2013-11-27 15:45 . 2013-11-27 15:44	65776	----a-w-	c:\windows\system32\drivers\aswRvrt.sys
2013-11-27 15:45 . 2013-11-27 15:44	205320	----a-w-	c:\windows\system32\drivers\aswVmm.sys
2013-11-27 15:45 . 2013-11-27 15:44	1032416	----a-w-	c:\windows\system32\drivers\aswSnx.sys
2013-11-27 15:45 . 2013-11-27 15:44	409832	----a-w-	c:\windows\system32\drivers\aswSP.sys
2013-11-27 15:45 . 2013-11-27 15:44	84328	----a-w-	c:\windows\system32\drivers\aswMonFlt.sys
2013-11-27 15:45 . 2013-11-27 15:44	38984	----a-w-	c:\windows\system32\drivers\aswFsBlk.sys
2013-11-27 15:45 . 2013-11-27 15:44	92544	----a-w-	c:\windows\system32\drivers\aswRdr2.sys
2013-11-27 15:44 . 2013-11-27 15:44	43152	----a-w-	c:\windows\avastSS.scr
2013-11-27 15:44 . 2013-11-27 15:44	--------	d-----w-	c:\program files\AVAST Software
2013-11-27 15:42 . 2013-11-27 15:42	--------	d-----w-	c:\programdata\AVAST Software
2013-11-26 16:38 . 2013-10-14 17:00	28368	----a-w-	c:\windows\system32\IEUDINIT.EXE
2013-11-26 16:34 . 2013-11-26 16:34	940032	----a-w-	c:\windows\system32\MsSpellCheckingFacility.exe
2013-11-26 16:34 . 2013-11-26 16:34	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2013-11-14 06:41 . 2013-10-05 20:25	1474048	----a-w-	c:\windows\system32\crypt32.dll
2013-11-14 06:41 . 2013-10-05 19:57	1168384	----a-w-	c:\windows\SysWow64\crypt32.dll
2013-11-14 06:41 . 2013-09-28 01:09	497152	----a-w-	c:\windows\system32\drivers\afd.sys
2013-11-14 06:41 . 2013-10-04 02:28	190464	----a-w-	c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-14 06:41 . 2013-10-04 02:25	197120	----a-w-	c:\windows\system32\credui.dll
2013-11-14 06:41 . 2013-10-04 02:24	1930752	----a-w-	c:\windows\system32\authui.dll
2013-11-14 06:41 . 2013-10-04 01:58	152576	----a-w-	c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-14 06:41 . 2013-10-04 01:56	168960	----a-w-	c:\windows\SysWow64\credui.dll
2013-11-14 06:41 . 2013-10-04 01:56	1796096	----a-w-	c:\windows\SysWow64\authui.dll
2013-11-14 06:41 . 2013-10-03 02:23	404480	----a-w-	c:\windows\system32\gdi32.dll
2013-11-14 06:41 . 2013-10-03 02:00	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
2013-11-14 06:40 . 2013-10-12 02:30	830464	----a-w-	c:\windows\system32\nshwfp.dll
2013-11-14 06:40 . 2013-10-12 02:29	859648	----a-w-	c:\windows\system32\IKEEXT.DLL
2013-11-14 06:40 . 2013-10-12 02:29	324096	----a-w-	c:\windows\system32\FWPUCLNT.DLL
2013-11-14 06:40 . 2013-10-12 02:03	656896	----a-w-	c:\windows\SysWow64\nshwfp.dll
2013-11-14 06:40 . 2013-10-12 02:01	216576	----a-w-	c:\windows\SysWow64\FWPUCLNT.DLL
2013-11-10 08:17 . 2013-11-10 08:17	--------	d-----w-	c:\program files\iPod
2013-11-10 08:17 . 2013-11-10 08:18	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-10 08:17 . 2013-11-10 08:18	--------	d-----w-	c:\program files\iTunes
2013-11-10 08:17 . 2013-11-10 08:18	--------	d-----w-	c:\program files (x86)\iTunes
2013-11-08 14:46 . 2013-11-08 14:46	--------	d-----w-	c:\program files (x86)\Mathe5
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-27 15:44 . 2011-06-09 07:28	334648	----a-w-	c:\windows\system32\aswBoot.exe
2013-11-15 02:04 . 2009-11-01 07:44	82896128	----a-w-	c:\windows\system32\MRT.exe
2013-10-09 15:01 . 2013-03-25 21:05	692616	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-10-09 15:01 . 2013-01-31 18:32	71048	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 20:21 . 2013-09-11 20:21	863344	----a-w-	c:\windows\SysWow64\msvcr110_clr0400.dll
2013-09-11 20:21 . 2013-09-11 20:21	501872	----a-w-	c:\windows\SysWow64\msvcp110_clr0400.dll
2013-09-11 20:21 . 2013-09-11 20:21	28776	----a-w-	c:\windows\SysWow64\aspnet_counters.dll
2013-09-11 20:21 . 2013-09-11 20:21	18000	----a-w-	c:\windows\SysWow64\msvcr100_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39	855664	----a-w-	c:\windows\system32\msvcr110_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39	614000	----a-w-	c:\windows\system32\msvcp110_clr0400.dll
2013-09-11 18:39 . 2013-09-11 18:39	30312	----a-w-	c:\windows\system32\aspnet_counters.dll
2013-09-11 18:39 . 2013-09-11 18:39	18000	----a-w-	c:\windows\system32\msvcr100_clr0400.dll
2013-09-08 02:30 . 2013-10-09 09:13	1903552	----a-w-	c:\windows\system32\drivers\tcpip.sys
2013-09-08 02:27 . 2013-10-09 09:13	327168	----a-w-	c:\windows\system32\mswsock.dll
2013-09-08 02:03 . 2013-10-09 09:13	231424	----a-w-	c:\windows\SysWow64\mswsock.dll
2013-09-05 05:32 . 2013-09-27 07:39	9694160	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{3B071516-12E5-4DA7-AF25-238C0C4344F7}\mpengine.dll
2013-09-04 12:12 . 2013-10-09 09:13	343040	----a-w-	c:\windows\system32\drivers\usbhub.sys
2013-09-04 12:11 . 2013-10-09 09:13	325120	----a-w-	c:\windows\system32\drivers\usbport.sys
2013-09-04 12:11 . 2013-10-09 09:13	99840	----a-w-	c:\windows\system32\drivers\usbccgp.sys
2013-09-04 12:11 . 2013-10-09 09:13	52736	----a-w-	c:\windows\system32\drivers\usbehci.sys
2013-09-04 12:11 . 2013-10-09 09:13	30720	----a-w-	c:\windows\system32\drivers\usbuhci.sys
2013-09-04 12:11 . 2013-10-09 09:13	25600	----a-w-	c:\windows\system32\drivers\usbohci.sys
2013-09-04 12:11 . 2013-10-09 09:13	7808	----a-w-	c:\windows\system32\drivers\usbd.sys
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2013-10-31 18:22	116248	----a-w-	c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll" [2013-10-31 116248]
.
[HKEY_CLASSES_ROOT\clsid\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"="c:\program files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" [2009-05-18 2363392]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-10-21 20549280]
"ApplePhotoStreams"="c:\program files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe" [2013-09-15 59720]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"Easybits Recovery"="c:\program files (x86)\EasyBits For Kids\ezRecover.exe" [2009-06-22 60464]
"UpdatePRCShortCut"="c:\program files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"BrStsWnd"="c:\program files (x86)\Brownie\BrstsW64.exe" [2008-01-08 963072]
"UpdatePDRShortCut"="c:\program files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2011-10-27 273528]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"D-Link D-Link DWA-140"="c:\program files (x86)\D-Link\DWA-140 revB\AirNCFG.exe" [2011-06-29 1074496]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2013-11-27 3568312]
"Ad-Aware Browsing Protection"="c:\programdata\Ad-Aware Browsing Protection\adawarebp.exe" [2013-09-27 559696]
"Search Protection"="c:\programdata\Search Protection\SearchProtection.exe" [2013-06-13 943016]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2012-11-5 113664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableSecureUIAPath"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 Apache2.4;Apache2.4;c:\xampp\apache\bin\httpd.exe;c:\xampp\apache\bin\httpd.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
R2 MAGIX StartUp Analyze Service;MAGIX StartUp Analyze Service;c:\program files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe;c:\program files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ATIXPGAA;ATIXPGAA;c:\program files\PC-Doctor for Windows\ATIXPGAA.SYS;c:\program files\PC-Doctor for Windows\ATIXPGAA.SYS [x]
R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 PAC7311;VGA SoC PC-Camera;c:\windows\system32\DRIVERS\PA707UCM.SYS;c:\windows\SYSNATIVE\DRIVERS\PA707UCM.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 anodlwf;ANOD Network Security Filter driver;c:\windows\system32\DRIVERS\anodlwfx.sys;c:\windows\SYSNATIVE\DRIVERS\anodlwfx.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys;c:\windows\SYSNATIVE\drivers\aswFsBlk.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 D_Link_DWA-140_WPS;D_Link_DWA-140_WPS Service;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe;c:\program files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [x]
S2 ezSharedSvc;Easybits Shared Services for Windows;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 hMailServer;hMailServer;c:\program files (x86)\hMailServer\Bin\hMailServer.exe RunAsService;c:\program files (x86)\hMailServer\Bin\hMailServer.exe RunAsService [x]
S2 LavasoftAdAwareService11;Ad-Aware Service 11;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe;c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [x]
S3 gzflt;gzflt;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys;c:\program files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr7364.sys;c:\windows\SYSNATIVE\DRIVERS\netr7364.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
ezSharedSvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-11-28 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-25 15:01]
.
2013-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-13 14:50]
.
2013-11-28 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2009-12-13 14:50]
.
2013-11-28 c:\windows\Tasks\PCCT - MAGIX AG.job
- c:\program files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe [2010-11-08 16:08]
.
2013-10-31 c:\windows\Tasks\PCDRScheduledMaintenance.job
- c:\program files\PC-Doctor for Windows\pcdr5cuiw32.exe [2009-06-10 11:04]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
2013-10-31 18:22	131728	----a-w-	c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{6c97a91e-4524-4019-86af-2aa2d567bf5c}"= "c:\program files (x86)\Lavasoft\AdAware SecureSearch Toolbar\adawareDx64.dll" [2013-10-31 131728]
.
[HKEY_CLASSES_ROOT\CLSID\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-11-27 15:44	326944	----a-w-	c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2009-07-08 610360]
"Monitor"="c:\windows\PixArt\PAC7311\Monitor.exe" [2006-11-03 319488]
"AdAwareTray"="c:\program files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe" [2013-10-18 2493272]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED
uLocal Page = c:\windows\system32\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Free YouTube Download - c:\users\Savitri\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm
IE: Free YouTube to Mp3 Converter - c:\users\Savitri\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
DPF: Microsoft XML Parser for Java - file:///C:/Windows/Java/classes/xmldso.cab
DPF: {4FF78044-96B4-4312-A5B7-FDA3CB328095} - 
FF - ProfilePath - c:\users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\
FF - prefs.js: browser.search.selectedEngine - SecureSearch
FF - prefs.js: browser.startup.homepage - hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED
FF - prefs.js: keyword.URL - hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_7&idate=__installtime__&hsimp=yhs-lavasoft&ent=bs&q=
FF - ExtSQL: 2013-10-01 08:35; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: 2013-10-01 08:36; {a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}; c:\users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF - ExtSQL: 2013-10-01 08:36; {73a6fe31-595d-460b-a920-fcc0f8843232}; c:\users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF - ExtSQL: 2013-11-27 16:44; wrc@avast.com; c:\program files\AVAST Software\Avast\WebRep\FF
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-avast5 - c:\program files\Alwil Software\Avast5\avastUI.exe
Wow6432Node-HKU-Default-Run-msnmsgr - c:\program files (x86)\Windows Live\Messenger\msnmsgr.exe
c:\users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk - c:\windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-abs_solstudio_is1 - c:\program files (x86)\Absolutist.com\Solitaire Studio\unins000.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-hp print screen utility - c:\program files\Hewlett-Packard\hp print screen utility\UnInstall\prnunins.exe
AddRemove-InterCasinoV9GermanEUR - c:\windows\system32\UnCasinoV5DUE.exe
AddRemove-Mammoth Solitaire_is1 - c:\program files (x86)\Mammoth Solitaire\unins000.exe
AddRemove-{01E16766-FA52-4973-A818-D1574493CF68}_is1 - c:\program files (x86)\MyPlayBus.com\Mahjongg Dimensions Deluxe\unins000.exe
AddRemove-{02E2FFFB-88FF-4E0A-8D1A-ACCF4B655DDF}_is1 - c:\program files (x86)\MyPlayBus.com\I SPY Fun House\unins000.exe
AddRemove-{031E9A4D-FCCD-4572-9852-F4B50DE422BE}_is1 - c:\program files (x86)\MyPlayBus.com\Temple of Bricks\unins000.exe
AddRemove-{0580600E-8402-4E89-86CF-ED2D8A4A33D5}_is1 - c:\program files (x86)\MyPlayBus.com\Rescue Team 2\unins000.exe
AddRemove-{07BE5886-C564-48F2-B8CD-29BF039BB9A8}_is1 - c:\program files (x86)\MyPlayBus.com\Jack of All Worlds\unins000.exe
AddRemove-{08783A3B-7D76-4064-942B-1779E8DFC41C}_is1 - c:\program files (x86)\MyPlayBus.com\iCarly iDream in Toons\unins000.exe
AddRemove-{09B450CD-480E-4064-9EE6-51E04C41C22D}_is1 - c:\program files (x86)\MyPlayBus.com\Luxor Quest for the Afterlife\unins000.exe
AddRemove-{0AD0FBD1-428C-4CB0-A3DB-6C5DDBCB9DB7}_is1 - c:\program files (x86)\MyPlayBus.com\Snowy Treasure Hunter 2\unins000.exe
AddRemove-{0B5CE394-402E-4FDE-8FC9-06DBE1A05184}_is1 - c:\program files (x86)\MyPlayBus.com\Wonderland Adventures Mysteries of Fire Island\unins000.exe
AddRemove-{0C491C97-766F-4B04-855F-FE92F86165F6}_is1 - c:\program files (x86)\MyPlayBus.com\Island Tribe 2\unins000.exe
AddRemove-{0D34D914-7897-4EFB-8B36-682F892E0F49}_is1 - c:\program files (x86)\MyPlayBus.com\Roads of Rome\unins000.exe
AddRemove-{0E48F0D3-B332-4E65-80C5-2DA7DA97FB62}_is1 - c:\program files (x86)\MyPlayBus.com\Mountain Crime Requital\unins000.exe
AddRemove-{0ED5AFC4-3F1E-490F-B3CF-81B6A6602C75}_is1 - c:\program files (x86)\MyPlayBus.com\Jade's Journey\unins000.exe
AddRemove-{100D5E5E-8DBC-4E41-9F19-FE1F4CB8441E}_is1 - c:\program files (x86)\MyPlayBus.com\Pendulum Quest\unins000.exe
AddRemove-{11CDC40D-377A-41D2-98C2-B558F4FA6C57}_is1 - c:\program files (x86)\MyPlayBus.com\Venice Deluxe\unins000.exe
AddRemove-{12762ACC-CBFC-4316-BC29-76B3FC6CBCC4}_is1 - c:\program files (x86)\MyPlayBus.com\Wobbly Bobbly\unins000.exe
AddRemove-{1438495A-6306-4E26-AA43-AB5838E57428}_is1 - c:\program files (x86)\MyPlayBus.com\Snowy Treasure Hunter 3\unins000.exe
AddRemove-{144A92FF-BDC2-43D4-8B32-C83F1812839F}_is1 - c:\program files (x86)\MyPlayBus.com\Ski Resort Mogul\unins000.exe
AddRemove-{16273B21-8164-4FB9-86E9-F030A1F7D1A8}_is1 - c:\program files (x86)\MyPlayBus.com\Island Realms\unins000.exe
AddRemove-{173EB207-5C38-4AB3-A5B6-DE26727770E5}_is1 - c:\program files (x86)\MyPlayBus.com\Slingo Mystery 2 The Golden Escape\unins000.exe
AddRemove-{17BA980C-5026-4456-96E7-E91C37DF5615}_is1 - c:\program files (x86)\MyPlayBus.com\Shapo Gold\unins000.exe
AddRemove-{18BAC738-978B-4741-B0DF-687B5924AA76}_is1 - c:\program files (x86)\MyPlayBus.com\Safari Sketch\unins000.exe
AddRemove-{18BBD0C4-AC8A-45AC-8C8C-728232175B8E}_is1 - c:\program files (x86)\MyPlayBus.com\Tricks and Treats\unins000.exe
AddRemove-{19CE71AF-7591-41FD-AC71-3107C5A80BE6}_is1 - c:\program files (x86)\MyPlayBus.com\Virtual Villagers A New Home\unins000.exe
AddRemove-{1A7561F1-7882-4F87-910E-10DD27947963}_is1 - c:\program files (x86)\MyPlayBus.com\The Curse of the Thirty Denarii\unins000.exe
AddRemove-{1B1F335F-2FBA-4614-97F8-A8B67D8E114C}_is1 - c:\program files (x86)\MyPlayBus.com\The Lost City Chapter One\unins000.exe
AddRemove-{1C0DBB1B-A43D-4F1D-89B9-A8518E4EE055}_is1 - c:\program files (x86)\MyPlayBus.com\Wild West Billy\unins000.exe
AddRemove-{1C3A4456-2DFB-4C79-A0B8-BF7F581BDA25}_is1 - c:\program files (x86)\MyPlayBus.com\Pyramid Pays 2 Slots\unins000.exe
AddRemove-{1F4F5F14-4EBA-45BF-867C-1C9056E5B399}_is1 - c:\program files (x86)\MyPlayBus.com\Magical Mysteries Path of the Sorceress\unins000.exe
AddRemove-{1FD06F81-AA2C-4048-B0A7-A4EFAC4A177F}_is1 - c:\program files (x86)\MyPlayBus.com\The Fall Trilogy Chapter 2 Reconstruction\unins000.exe
AddRemove-{21A3DD4E-9749-4F45-86CD-C7846894CDFD}_is1 - c:\program files (x86)\MyPlayBus.com\Three Musketeers Secrets Constance Mission\unins000.exe
AddRemove-{230D9982-7323-47C9-A28F-A8DC19397A71}_is1 - c:\program files (x86)\MyPlayBus.com\Royal Challenge Solitaire\unins000.exe
AddRemove-{24FF85B3-1A7D-4208-AD10-446536AC3D0B}_is1 - c:\program files (x86)\MyPlayBus.com\Summer Resort Mogul\unins000.exe
AddRemove-{262C2DE3-344F-46E5-A1E1-E043E97C56EA}_is1 - c:\program files (x86)\MyPlayBus.com\Westward\unins000.exe
AddRemove-{26B0F24B-73BA-4F04-933B-3136BFAB0D4D}_is1 - c:\program files (x86)\MyPlayBus.com\Machi Paco\unins000.exe
AddRemove-{279F0DA0-082D-4CE2-8587-D12AD513699F}_is1 - c:\program files (x86)\MyPlayBus.com\Pestering Birds\unins000.exe
AddRemove-{290006B7-2493-4A31-B66E-4FA516B9093E}_is1 - c:\program files (x86)\MyPlayBus.com\Slingo Quest Egypt\unins000.exe
AddRemove-{2946E26B-90A3-4292-B3AB-323376DEC75F}_is1 - c:\program files (x86)\MyPlayBus.com\Tangle Bee\unins000.exe
AddRemove-{2963FC77-0F39-4FDC-8541-B0548DE64319}_is1 - c:\program files (x86)\MyPlayBus.com\Triple Rotate\unins000.exe
AddRemove-{2BE66607-F243-4A54-AD19-C08BF59F4D6D}_is1 - c:\program files (x86)\MyPlayBus.com\Westward Kingdoms\unins000.exe
AddRemove-{2DFFDDBB-2203-4EAC-A661-9367EF9F09FC}_is1 - c:\program files (x86)\MyPlayBus.com\Pop-A-Tronic\unins000.exe
AddRemove-{2FB27852-EC1A-4404-9E9A-E681080781F5}_is1 - c:\program files (x86)\MyPlayBus.com\Weather Master\unins000.exe
AddRemove-{3031EFA1-ECC0-4EB7-A012-1136172AF8EE}_is1 - c:\program files (x86)\MyPlayBus.com\Murfy Maths\unins000.exe
AddRemove-{3036EC08-4C4A-44BF-BF0D-95F8EAFE4B74}_is1 - c:\program files (x86)\MyPlayBus.com\Varmintz Deluxe\unins000.exe
AddRemove-{30A8EE16-E030-45C5-802C-EF640836BE34}_is1 - c:\program files (x86)\MyPlayBus.com\Legend of Fae\unins000.exe
AddRemove-{31F19568-A68B-48A0-810D-970E1252F06B}_is1 - c:\program files (x86)\MyPlayBus.com\Youda Survivor 2\unins000.exe
AddRemove-{34315ED0-B08F-43E5-9517-9569D86789C7}_is1 - c:\program files (x86)\MyPlayBus.com\World Voyage\unins000.exe
AddRemove-{352F63B2-999B-42EA-B9AD-9BFDC84C8768}_is1 - c:\program files (x86)\MyPlayBus.com\Portable Neighbours From Hell\unins000.exe
AddRemove-{383873FB-712A-441D-BF46-B75BAB6C2F00}_is1 - c:\program files (x86)\MyPlayBus.com\Vesuvia\unins000.exe
AddRemove-{38A1E071-C1D9-4189-838A-563C599080D7}_is1 - c:\program files (x86)\MyPlayBus.com\Monopoly Build-a-lot\unins000.exe
AddRemove-{3B42F2BC-0253-40ED-8480-18F4AF298B6D}_is1 - c:\program files (x86)\MyPlayBus.com\Trains\unins000.exe
AddRemove-{3D5D86C4-7B4C-4370-9C9D-C729E3F6F888}_is1 - c:\program files (x86)\MyPlayBus.com\Pioneer Lands\unins000.exe
AddRemove-{3E88293F-9D42-4F93-BA08-1D6FA8D9D5B1}_is1 - c:\program files (x86)\MyPlayBus.com\The Golden Years Way Out West\unins000.exe
AddRemove-{3E9FE22F-5FBB-4C89-B357-2D2A8F443DBB}_is1 - c:\program files (x86)\MyPlayBus.com\Puzzle Mania - Chronicles of Unicorn\unins000.exe
AddRemove-{3F7D6FE5-10AC-46CE-ABA6-FA1C8469092A}_is1 - c:\program files (x86)\MyPlayBus.com\Making Mr. Right\unins000.exe
AddRemove-{40B6149B-D1F4-4D61-9456-72C5D553110E}_is1 - c:\program files (x86)\MyPlayBus.com\Keys to Manhattan\unins000.exe
AddRemove-{41006439-5E64-482C-A225-DADF24878DBC}_is1 - c:\program files (x86)\MyPlayBus.com\Royal Envoy 2 Collector's Edition\unins000.exe
AddRemove-{41C23E9A-9E57-4A06-92F4-B557B2E52816}_is1 - c:\program files (x86)\MyPlayBus.com\Peggle Extreme\unins000.exe
AddRemove-{42A24244-C6EF-454C-BB85-BD9358DA2145}_is1 - c:\program files (x86)\MyPlayBus.com\The Timebuilders Caveman's Prophecy\unins000.exe
AddRemove-{43AB5701-E1B2-4F22-BC8D-58399ABC507E}_is1 - c:\program files (x86)\Lesen2\unins000.exe
AddRemove-{45114570-170B-48BF-9B0E-63DBDECAB41F}_is1 - c:\program files (x86)\MyPlayBus.com\Yahtzee\unins000.exe
AddRemove-{474F0FE2-707A-46F9-997C-017C87A7B938}_is1 - c:\program files (x86)\MyPlayBus.com\Magic Shop\unins000.exe
AddRemove-{49AFB6DA-7B14-4E2F-A2F6-3909AED469AF}_is1 - c:\program files (x86)\MyPlayBus.com\The Timebuilders Pyramid Rising\unins000.exe
AddRemove-{4A915D98-B466-4A9C-97AE-FEBFED3E9C11}_is1 - c:\program files (x86)\MyPlayBus.com\Trio The Great Settlement\unins000.exe
AddRemove-{4ADB535C-6230-4613-9D76-A3F079B0F50A}_is1 - c:\program files (x86)\MyPlayBus.com\Simplz Zoo\unins000.exe
AddRemove-{4AEC4376-ADB7-4C69-B275-BAAE842EB0B7}_is1 - c:\program files (x86)\MyPlayBus.com\Rock Frenzy\unins000.exe
AddRemove-{4CB9DF10-845F-478F-85EF-E835E11DA2B1}_is1 - c:\program files (x86)\MyPlayBus.com\Mad Plumber Inc\unins000.exe
AddRemove-{4D0D1E34-C2F1-45D1-A802-35D35ED199D1}_is1 - c:\program files (x86)\MyPlayBus.com\Luxor Mahjong\unins000.exe
AddRemove-{4E050D9F-AC0F-4FC1-8213-68161FE2438F}_is1 - c:\program files (x86)\MyPlayBus.com\Plan It Green\unins000.exe
AddRemove-{4E1B7847-ACA5-42FE-BB00-172D205CBD56}_is1 - c:\program files (x86)\MyPlayBus.com\Roads of Rome 2\unins000.exe
AddRemove-{4E200FE6-C88F-4A01-AE35-8E1ED82C8604}_is1 - c:\program files (x86)\MyPlayBus.com\Insider Tales The Stolen Venus 2\unins000.exe
AddRemove-{4E32564A-F164-4F37-BCCA-A1099966991B}_is1 - c:\program files (x86)\MyPlayBus.com\Paradise Beach 2 Around the World\unins000.exe
AddRemove-{4EB96E3E-0624-4F65-8EF7-12A2EF231806}_is1 - c:\program files (x86)\MyPlayBus.com\Jolly Rover\unins000.exe
AddRemove-{4FB3D88D-8E5A-4D9D-BEA5-0D43E2F9D541}_is1 - c:\program files (x86)\MyPlayBus.com\World of Goo\unins000.exe
AddRemove-{51DB28D7-936B-4977-B0D9-E51710F3701D}_is1 - c:\program files (x86)\MyPlayBus.com\Land Grabbers\unins000.exe
AddRemove-{5250BFDB-F6E5-430D-B922-94A76FAF0E7C}_is1 - c:\program files (x86)\MyPlayBus.com\The Amazon Adventure\unins000.exe
AddRemove-{52F121B0-D321-4AB5-B1AB-C7F92B85548D}_is1 - c:\program files (x86)\MyPlayBus.com\The Odyssey\unins000.exe
AddRemove-{52F15951-D420-4297-9712-5935EFB9A540}_is1 - c:\program files (x86)\MyPlayBus.com\Soccer Cup Solitaire\unins000.exe
AddRemove-{53481393-BF45-4795-8A5C-6273BF57CEA9}_is1 - c:\program files (x86)\MyPlayBus.com\Sprill and Ritchie\unins000.exe
AddRemove-{54D658E6-7D2C-4353-AB65-AC70BEDF2055}_is1 - c:\program files (x86)\MyPlayBus.com\Matchblox 2 Abram's Quest\unins000.exe
AddRemove-{551E6922-E412-4C92-98E0-B5CE333A32B4}_is1 - c:\program files (x86)\MyPlayBus.com\The Sultan's Labyrinth A Royal Sacrifice\unins000.exe
AddRemove-{5521BB01-4EAE-4780-B561-84FFC7F8A73E}_is1 - c:\program files (x86)\MyPlayBus.com\Puzzle Park\unins000.exe
AddRemove-{55B9AAD3-224A-46C8-986F-37470D118074}_is1 - c:\program files (x86)\MyPlayBus.com\Wild West Ransom\unins000.exe
AddRemove-{55F1D4D7-4C35-450C-BC2F-D9881AF456BE}_is1 - c:\program files (x86)\MyPlayBus.com\Monument Builder Eiffel Tower\unins000.exe
AddRemove-{58165164-56B6-474C-9130-D6894B254036}_is1 - c:\program files (x86)\MyPlayBus.com\Solitaire Cruise\unins000.exe
AddRemove-{5A8E536F-866A-4E8A-92E7-454058DAA4B4}_is1 - c:\program files (x86)\MyPlayBus.com\Know How\unins000.exe
AddRemove-{5ACB5D4A-75C3-4FE3-B343-A539854A7105}_is1 - c:\program files (x86)\MyPlayBus.com\Leeloo's Talent Agency\unins000.exe
AddRemove-{5BB87731-C5BC-44E5-BD87-1848D0A1E05A}_is1 - c:\program files (x86)\MyPlayBus.com\Nostradamus The Last Prophecy Episode 2\unins000.exe
AddRemove-{5CF278C9-224C-4369-AD95-2E207B54780C}_is1 - c:\program files (x86)\MyPlayBus.com\Virtual City\unins000.exe
AddRemove-{5DFCE699-7F54-4B8B-A6E5-F2F641D77071}_is1 - c:\program files (x86)\MyPlayBus.com\Puzzle Expedition The Quest For The Tear Of God\unins000.exe
AddRemove-{5E59C901-2484-4EB8-AC9B-FFF8C1DC4E1A}_is1 - c:\program files (x86)\MyPlayBus.com\The Missing A Search and Rescue Mystery\unins000.exe
AddRemove-{5F2D8BDC-5D5C-4E06-B11D-896147E290C4}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Agency Secrets of the Orient\unins000.exe
AddRemove-{60D7AF14-0A47-450E-9547-B96238B22B63}_is1 - c:\program files (x86)\MyPlayBus.com\Treasures of Montezuma 3\unins000.exe
AddRemove-{632DDBCA-0D28-4D25-A105-D937244080D2}_is1 - c:\program files (x86)\MyPlayBus.com\Shop-N-Spree Family Fortune\unins000.exe
AddRemove-{6405C6D3-EC06-409B-85F5-2464E9F4C257}_is1 - c:\program files (x86)\MyPlayBus.com\Jane's Realty 2\unins000.exe
AddRemove-{658F97EB-18A8-4852-B772-576C9D56C65D}_is1 - c:\program files (x86)\MyPlayBus.com\Slingo Quest\unins000.exe
AddRemove-{67513EE7-7590-47B4-A229-A1D39379695B}_is1 - c:\program files (x86)\MyPlayBus.com\miXem Deluxe\unins000.exe
AddRemove-{679ED546-B482-44EE-940F-46AE037DCF73}_is1 - c:\program files (x86)\MyPlayBus.com\PictoWords\unins000.exe
AddRemove-{67CDCD5A-9501-45CD-9DAC-3B59C0E68A67}_is1 - c:\program files (x86)\MyPlayBus.com\Twisted Lands Insomniac\unins000.exe
AddRemove-{67D845A3-DCA5-4C71-8790-D39116EA4BA3}_is1 - c:\program files (x86)\MyPlayBus.com\White Haven Mysteries\unins000.exe
AddRemove-{68678C37-7A74-4685-B8CA-EB253B75873C}_is1 - c:\program files (x86)\MyPlayBus.com\Kotori Chicks'n Cats\unins000.exe
AddRemove-{6C1A6D3D-3019-47E3-9E7C-0592D01F2941}_is1 - c:\program files (x86)\MyPlayBus.com\Island Tribe\unins000.exe
AddRemove-{6D5629CB-D70E-4FAF-8C19-C888D514A4EA}_is1 - c:\program files (x86)\MyPlayBus.com\Temple of Tangram\unins000.exe
AddRemove-{6F30A26D-1A7D-415A-888B-FBAFFD1C76DA}_is1 - c:\program files (x86)\MyPlayBus.com\World of Zellians\unins000.exe
AddRemove-{6F3E1C9F-FE4F-4086-A6EC-B33E5D107E1B}_is1 - c:\program files (x86)\MyPlayBus.com\Shaman Odyssey Tropic Adventure\unins000.exe
AddRemove-{70EBE79F-D1AD-4750-84AA-CD0019D07324}_is1 - c:\program files (x86)\MyPlayBus.com\She is a Shadow\unins000.exe
AddRemove-{727C4A10-E403-45BB-85C8-2FA607B71AC0}_is1 - c:\program files (x86)\MyPlayBus.com\Trapped The Abduction\unins000.exe
AddRemove-{72896DC4-B6DE-4A89-8FF3-1EB1C1308828}_is1 - c:\program files (x86)\MyPlayBus.com\Roads of Rome 3\unins000.exe
AddRemove-{72A4D9B6-5903-40F8-8C11-D6CD67F3470B}_is1 - c:\program files (x86)\MyPlayBus.com\Penny's Vegas Adventure\unins000.exe
AddRemove-{72E0A613-287C-4CB9-A4B9-450F7E52CC34}_is1 - c:\program files (x86)\MyPlayBus.com\Spirit Soup The Queensbury Curse\unins000.exe
AddRemove-{73D570FC-8710-46E8-90E0-DD9B28FEFD69}_is1 - c:\program files (x86)\MyPlayBus.com\Natalie Brooks Mystery at Hillcrest High\unins000.exe
AddRemove-{74E27D40-A548-43E2-86B9-B24E4074AF6C}_is1 - c:\program files (x86)\MyPlayBus.com\Xplorer\unins000.exe
AddRemove-{77F2B00B-534B-47FB-9189-6D4539559B52}_is1 - c:\program files (x86)\MyPlayBus.com\Mayan Puzzle\unins000.exe
AddRemove-{78AA5055-ED09-4984-B5EB-DB0388F43A86}_is1 - c:\program files (x86)\MyPlayBus.com\Zoom Book The Temple of the Sun\unins000.exe
AddRemove-{7B1368CB-1944-4409-8816-B83C4B093275}_is1 - c:\program files (x86)\MyPlayBus.com\Pusher\unins000.exe
AddRemove-{7BCBF91E-E254-4892-89EA-B1D737D51041}_is1 - c:\program files (x86)\MyPlayBus.com\Plan N Plant\unins000.exe
AddRemove-{7C52EA05-6A89-466C-B6A3-C35139FB3E10}_is1 - c:\program files (x86)\MyPlayBus.com\Redemption Cemetery Children's Plight\unins000.exe
AddRemove-{7EC1C816-69A4-428D-8D15-B8B6C7979A40}_is1 - c:\program files (x86)\MyPlayBus.com\Interpol The Trail of Dr. Chaos\unins000.exe
AddRemove-{7F73734E-C708-410F-BF03-57EAD5990C06}_is1 - c:\program files (x86)\MyPlayBus.com\Unlikely Suspects\unins000.exe
AddRemove-{80B81D0A-E636-4A4A-A878-A0E257A4EE33}_is1 - c:\program files (x86)\MyPlayBus.com\Zodiac Tower\unins000.exe
AddRemove-{80EB19A1-D255-44B8-B0B6-EF1CB961712B}_is1 - c:\program files (x86)\MyPlayBus.com\Path to Success\unins000.exe
AddRemove-{810A7BA5-7A15-4BD2-9CB0-09C56EE5E94C}_is1 - c:\program files (x86)\MyPlayBus.com\Temple of Jewels\unins000.exe
AddRemove-{81BF93DA-759B-41B8-86FD-058EBA15EF05}_is1 - c:\program files (x86)\MyPlayBus.com\King's Legacy\unins000.exe
AddRemove-{81F2D015-4C15-44D6-B46D-CAE17356D162}_is1 - c:\program files (x86)\MyPlayBus.com\Tales of Lagoona Orphans of the Ocean\unins000.exe
AddRemove-{83D4C7BF-8BF2-4D9F-861F-ACEDE9FEB358}_is1 - c:\program files (x86)\MyPlayBus.com\Oriental Dreams\unins000.exe
AddRemove-{83E35136-787B-4748-BF26-F4A5C9295473}_is1 - c:\program files (x86)\MyPlayBus.com\Sea Bounty\unins000.exe
AddRemove-{8417AC9F-699E-49DD-AA4F-64E886E0FF8F}_is1 - c:\program files (x86)\MyPlayBus.com\Lotus Deluxe\unins000.exe
AddRemove-{84362A11-AC17-44FB-9288-BD8510079043}_is1 - c:\program files (x86)\MyPlayBus.com\Real Estate Empire\unins000.exe
AddRemove-{84D1DE37-8C4B-4773-9BA1-A8CB29A59EFE}_is1 - c:\program files (x86)\MyPlayBus.com\I-Mones Dragon\unins000.exe
AddRemove-{84FD16D2-673A-4173-A35A-A1D8EF9612EB}_is1 - c:\program files (x86)\MyPlayBus.com\Kingdom of Seven Seals\unins000.exe
AddRemove-{85468E2D-989F-4A79-9434-0CCA958F0DE9}_is1 - c:\program files (x86)\MyPlayBus.com\Magic Farm the Ultimate Flower\unins000.exe
AddRemove-{866A674C-596C-4AA1-BF38-2DC1F1966054}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery of Shark Island\unins000.exe
AddRemove-{86FB691E-F076-4C4C-B9D2-8CB8848322B8}_is1 - c:\program files (x86)\MyPlayBus.com\Princess Isabella A Witch's Curse\unins000.exe
AddRemove-{87A74C7A-3D13-4128-9146-868EB09EB86A}_is1 - c:\program files (x86)\MyPlayBus.com\Royal Envoy Collector's Edition\unins000.exe
AddRemove-{88085C69-7858-47A2-BCEC-2EFBB478CF55}_is1 - c:\program files (x86)\MyPlayBus.com\Super Granny 6\unins000.exe
AddRemove-{889CFCD7-DE65-4A85-B375-1B12E731387C}_is1 - c:\program files (x86)\MyPlayBus.com\World's Greatest Places Mahjong\unins000.exe
AddRemove-{88A07B6D-5BDD-4A82-A883-AEB2DEBACA8A}_is1 - c:\program files (x86)\MyPlayBus.com\Strange Cases The Tarot Card Mystery\unins000.exe
AddRemove-{8913AB76-6D5B-4DFA-AEDC-C22F0557FF36}_is1 - c:\program files (x86)\MyPlayBus.com\Youda Fisherman\unins000.exe
AddRemove-{893F5CDC-7C54-49E0-A4C6-FC199CBDA84C}_is1 - c:\program files (x86)\MyPlayBus.com\Orbyx Deluxe\unins000.exe
AddRemove-{89B27C85-4BF9-4074-9491-7A51511ADCA4}_is1 - c:\program files (x86)\MyPlayBus.com\Megapolis\unins000.exe
AddRemove-{89C4D817-A5E6-459E-943F-DD887EB5F388}_is1 - c:\program files (x86)\MyPlayBus.com\Nostradamus The Last Prophecy Episode 1\unins000.exe
AddRemove-{8A3BCBC4-301A-401A-9C6F-971A040CCCF8}_is1 - c:\program files (x86)\MyPlayBus.com\The Pirate Tales\unins000.exe
AddRemove-{8ADEFD3C-216C-46E4-9FB4-A97A2E0CDF26}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Case Files Escape From Ravenhearst\unins000.exe
AddRemove-{8AEF45B0-17CC-4856-B5CE-C7104B92312A}_is1 - c:\program files (x86)\MyPlayBus.com\Summer Tri-Peaks Solitaire\unins000.exe
AddRemove-{8B086DDC-368E-4F98-9BFC-50D3FEEEE6FA}_is1 - c:\program files (x86)\MyPlayBus.com\Temple of Life The Legend of Four Elements\unins000.exe
AddRemove-{8BE788BC-BDB4-40A8-9AED-CDE423870114}_is1 - c:\program files (x86)\MyPlayBus.com\SquareOff Gold\unins000.exe
AddRemove-{8CA5174B-298D-425B-9875-3BA4929B221B}_is1 - c:\program files (x86)\MyPlayBus.com\Stranded 2\unins000.exe
AddRemove-{8CD7ECB1-CA4B-491F-8A90-7BDC00591471}_is1 - c:\program files (x86)\MyPlayBus.com\KeyWords\unins000.exe
AddRemove-{8CF71BB1-D68F-4EDE-909C-389FB0126217}_is1 - c:\program files (x86)\MyPlayBus.com\Ice Land 2\unins000.exe
AddRemove-{8FC18E0F-543A-494B-AED2-11E324924A0B}_is1 - c:\program files (x86)\MyPlayBus.com\Twistingo\unins000.exe
AddRemove-{9044BD26-3E9E-4A2A-ADB9-575C8E3997EE}_is1 - c:\program files (x86)\MyPlayBus.com\Shangri La Deluxe\unins000.exe
AddRemove-{90DC45A0-4E1A-4017-9CFA-A0123D31BE72}_is1 - c:\program files (x86)\MyPlayBus.com\The Tale of the Lost Bride and a Hidden Treasure\unins000.exe
AddRemove-{91F5C8A6-D58E-4D47-B459-F999674B38AD}_is1 - c:\program files (x86)\MyPlayBus.com\Pizza Chef\unins000.exe
AddRemove-{93E9053B-24B4-4B86-9F3E-4BF360522902}_is1 - c:\program files (x86)\MyPlayBus.com\The Lost Inca Prophecy\unins000.exe
AddRemove-{94A8844C-0EE8-4863-BB46-5AFB8B2DE681}_is1 - c:\program files (x86)\MyPlayBus.com\Princess Isabella Return of the Curse\unins000.exe
AddRemove-{9896DC14-ACDC-44EC-8FCF-3B599951B096}_is1 - c:\program files (x86)\MyPlayBus.com\Tube Twist\unins000.exe
AddRemove-{99082F38-3333-4C88-9C3B-C15E85A34D1D}_is1 - c:\program files (x86)\MyPlayBus.com\Paradise Quest\unins000.exe
AddRemove-{9D06FDE7-CDF7-449B-8A08-E7932C006366}_is1 - c:\program files (x86)\MyPlayBus.com\Paranormal Crime Investigations\unins000.exe
AddRemove-{9E70FCE4-9D6C-4872-8C81-4DBB7A7858D2}_is1 - c:\program files (x86)\MyPlayBus.com\Urban Legends The Maze\unins000.exe
AddRemove-{9ED523E6-D7FA-44E8-B58D-AD7778074C32}_is1 - c:\program files (x86)\MyPlayBus.com\Master Wu and the Glory of the Ten Powers\unins000.exe
AddRemove-{A0DECCE8-6211-4D96-9D90-E825C8FCCE06}_is1 - c:\program files (x86)\MyPlayBus.com\Robbie Unforgettable Adventures\unins000.exe
AddRemove-{A101BB9D-125A-4785-937E-EEFC13B33A6C}_is1 - c:\program files (x86)\MyPlayBus.com\The Island Castaway\unins000.exe
AddRemove-{A24C390C-BB65-458A-AD40-286D468FA875}_is1 - c:\program files (x86)\MyPlayBus.com\The Poppit! Show\unins000.exe
AddRemove-{A3A2C969-8655-47AB-BBB1-BB35C1628738}_is1 - c:\program files (x86)\MyPlayBus.com\Jack of All Tribes\unins000.exe
AddRemove-{A47A14D6-779E-476A-B1CE-F377B4AD4B77}_is1 - c:\program files (x86)\MyPlayBus.com\Lucky's Rainbow\unins000.exe
AddRemove-{A4D61AC6-D96B-402E-9FBC-4F504C529CD5}_is1 - c:\program files (x86)\MyPlayBus.com\Treasure Seekers The Enchanted Canvases\unins000.exe
AddRemove-{A5B60205-2EE1-4F34-B5F0-63B9E4F00CDF}_is1 - c:\program files (x86)\MyPlayBus.com\Saving Private Sheep\unins000.exe
AddRemove-{A69ADC95-FE58-4B42-93BE-1F442E6CE9DE}_is1 - c:\program files (x86)\MyPlayBus.com\Rescue Team\unins000.exe
AddRemove-{A819A543-8185-4ACC-8063-DF4D0B23E57F}_is1 - c:\program files (x86)\MyPlayBus.com\Rainbow Mystery\unins000.exe
AddRemove-{A89E7D4E-DF57-4F92-A4CE-21F22EDA4C65}_is1 - c:\program files (x86)\MyPlayBus.com\Reincarnations Awakening\unins000.exe
AddRemove-{A9A08A24-B437-4815-AF6D-324C907FFB23}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Stories Mountains of Madness\unins000.exe
AddRemove-{AC32C295-F9A9-4B7E-867C-B52F4569E24F}_is1 - c:\program files (x86)\MyPlayBus.com\Romance of Rome\unins000.exe
AddRemove-{ADB06683-55D9-4AAC-81DB-073E7A21C989}_is1 - c:\program files (x86)\MyPlayBus.com\Numericon\unins000.exe
AddRemove-{AEA1F46C-B18D-48EB-AE27-13EE77D54B4C}_is1 - c:\program files (x86)\MyPlayBus.com\Youda Safari\unins000.exe
AddRemove-{B0185368-FE18-425C-8064-DDDEC5916AF2}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Age The Imperial Staff\unins000.exe
AddRemove-{B05B6BD5-C112-4103-B674-24F120A7D105}_is1 - c:\program files (x86)\MyPlayBus.com\Mahjongg Artifacts Chapter 2\unins000.exe
AddRemove-{B1BD62E5-DF33-4B2C-BC3C-54F021D99FF0}_is1 - c:\program files (x86)\MyPlayBus.com\Wonderlines\unins000.exe
AddRemove-{B373586A-ABF0-4712-AE52-745EE6D412DC}_is1 - c:\program files (x86)\MyPlayBus.com\Shamanville Earth Heart\unins000.exe
AddRemove-{B4BDFB9F-6974-4C8F-9BE7-7D9E4774EC4D}_is1 - c:\program files (x86)\MyPlayBus.com\The Microbie Story\unins000.exe
AddRemove-{B5347276-58AC-4502-BF2C-81F766D2809D}_is1 - c:\program files (x86)\MyPlayBus.com\Jabber\unins000.exe
AddRemove-{B5FAB2ED-D20C-4199-9AF6-8C4F51F3D893}_is1 - c:\program files (x86)\MyPlayBus.com\Virtual Villagers 5 New Believers\unins000.exe
AddRemove-{B715EA59-7AB1-47A2-9423-3FBA81143630}_is1 - c:\program files (x86)\MyPlayBus.com\Magic Stones\unins000.exe
AddRemove-{B7D3AA57-4E06-4418-9C35-CBA8590BD3FA}_is1 - c:\program files (x86)\MyPlayBus.com\Sunshine Acres\unins000.exe
AddRemove-{B8AD00BF-50EC-4029-84DF-D325B41C2466}_is1 - c:\program files (x86)\MyPlayBus.com\Jewel Keepers Easter Island\unins000.exe
AddRemove-{BA4DC763-3C89-4071-8FC8-DEB2935107B7}_is1 - c:\program files (x86)\MyPlayBus.com\Spring Bonus\unins000.exe
AddRemove-{BBAC2128-23B4-4E0E-9FB0-B0B81FC63918}_is1 - c:\program files (x86)\MyPlayBus.com\Trial of the Gods Ariadne's Fate\unins000.exe
AddRemove-{BD24A6C2-A060-4A2F-A622-AF3E02EEE6E2}_is1 - c:\program files (x86)\MyPlayBus.com\Moxxie's Tabloid Adventures\unins000.exe
AddRemove-{BDE6EADE-8B30-4BF4-9078-A092527013F9}_is1 - c:\program files (x86)\MyPlayBus.com\Pet Set\unins000.exe
AddRemove-{BEFB361B-A163-43F4-92E1-DE9C5408BF5C}_is1 - c:\program files (x86)\MyPlayBus.com\Rescue Frenzy\unins000.exe
AddRemove-{C0768884-70B1-4146-9640-105AB0ACA572}_is1 - c:\program files (x86)\Silberne Tinte - Ein spätromantisches Abenteuer\unins000.exe
AddRemove-{C0CFFD9E-E525-433F-AA3D-D2CBD64008C3}_is1 - c:\program files (x86)\MyPlayBus.com\Macabre Mysteries Curse of the Nightingale\unins000.exe
AddRemove-{C1B0F131-A33B-4435-BC97-45F63C13128B}_is1 - c:\program files (x86)\MyPlayBus.com\Virtual Villagers The Secret City\unins000.exe
AddRemove-{C24D83BC-46C2-4C68-96C4-4034A887C668}_is1 - c:\program files (x86)\MyPlayBus.com\Sally's Quick Clips\unins000.exe
AddRemove-{C2823D03-AA91-492F-9EB1-0442845DF509}_is1 - c:\program files (x86)\MyPlayBus.com\Mahjongg Dimensions Deluxe Tiles in Time\unins000.exe
AddRemove-{C2B5DFA9-A3F8-47D4-878E-A1EC84448ED2}_is1 - c:\program files (x86)\MyPlayBus.com\The Adventures of Mary Ann Lucky Pirates\unins000.exe
AddRemove-{C48AFCF3-93BE-4D96-B3F2-AE8D309B5821}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Legends Beauty and the Beast\unins000.exe
AddRemove-{C747EAED-F6A4-4CFF-A261-E05077ACB63F}_is1 - c:\program files (x86)\MyPlayBus.com\King's Smith\unins000.exe
AddRemove-{C86CD72C-46A8-4B76-ADBE-AA0A00CD14BC}_is1 - c:\program files (x86)\MyPlayBus.com\Vacation Mogul\unins000.exe
AddRemove-{C930115B-A449-4A56-B38C-7CB8779AAE3F}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery Case Files Dire Grove\unins000.exe
AddRemove-{CA0F4F1D-5F94-4255-B587-AE62119EFA10}_is1 - c:\program files (x86)\MyPlayBus.com\Tropic Ball\unins000.exe
AddRemove-{CA9A3B87-D03F-4A30-8942-1548409DED31}_is1 - c:\program files (x86)\MyPlayBus.com\Mystery of the Missing Brigantine\unins000.exe
AddRemove-{CAD28B53-533A-4DBA-A229-3E3D24ED42A3}_is1 - c:\program files (x86)\MyPlayBus.com\The Da Vinci Code\unins000.exe
AddRemove-{CB1EEBA3-A80E-446F-9541-201B163FC10B}_is1 - c:\program files (x86)\MyPlayBus.com\Land of Runes\unins000.exe
AddRemove-{CD551AA6-E30C-43D8-9709-361D0FB5A5BA}_is1 - c:\program files (x86)\MyPlayBus.com\RoboRoll\unins000.exe
AddRemove-{CD95AC93-FFF4-49EF-87E3-15ADD9AA196B}_is1 - c:\program files (x86)\MyPlayBus.com\Legacy of the Incas\unins000.exe
AddRemove-{CDE7339B-FAEF-49E0-9986-A3520F446E0D}_is1 - c:\program files (x86)\MyPlayBus.com\Ingenious\unins000.exe
AddRemove-{CE04BF76-2D77-4B79-AE3E-521261F611D4}_is1 - c:\program files (x86)\MyPlayBus.com\Love Story The Beach Cottage\unins000.exe
AddRemove-{CFF53624-865C-417A-A9E1-145D74093BD8}_is1 - c:\program files (x86)\MyPlayBus.com\Our Worst Fears Stained Skin\unins000.exe
AddRemove-{D3D88360-B5CF-4642-9D31-B581680889A7}_is1 - c:\program files (x86)\MyPlayBus.com\OceaniX\unins000.exe
AddRemove-{D4F421F9-1429-4B02-94CD-8741E03E03DB}_is1 - c:\program files (x86)\MyPlayBus.com\Vampire Saga Welcome to Hell Lock\unins000.exe
AddRemove-{D4FA2B2F-6FBD-4522-B2E9-EB3B0B8BFD55}_is1 - c:\program files (x86)\MyPlayBus.com\Nightfall Mysteries Asylum Conspiracy\unins000.exe
AddRemove-{D5650D10-B16F-465B-A7C0-C0F3AA27A58A}_is1 - c:\program files (x86)\MyPlayBus.com\Magic Academy 2\unins000.exe
AddRemove-{D8385CAE-83F1-45A6-A9AE-0E43906F9264}_is1 - c:\program files (x86)\MyPlayBus.com\Zenerchi\unins000.exe
AddRemove-{D86CC3E1-49A6-4A23-9FC0-9F4D08305EA5}_is1 - c:\program files (x86)\MyPlayBus.com\Mortimer Beckett and the Crimson Thief\unins000.exe
AddRemove-{DA6B746F-6A84-4323-B001-57B6DEE50F65}_is1 - c:\program files (x86)\MyPlayBus.com\Vampire Saga\unins000.exe
AddRemove-{DB0C79BC-56B5-49D5-B571-F387F6F9D541}_is1 - c:\program files (x86)\MyPlayBus.com\Machinarium\unins000.exe
AddRemove-{DB175067-1104-4640-8966-D1B2BF3A07EE}_is1 - c:\program files (x86)\MyPlayBus.com\Legend of Sanna\unins000.exe
AddRemove-{DCB00A5A-2221-45F9-B0DB-DA19BFE184A6}_is1 - c:\program files (x86)\MyPlayBus.com\Jewel Craft\unins000.exe
AddRemove-{DD540ACA-DF2D-45B8-AFFB-C3058E9ADB4F}_is1 - c:\program files (x86)\MyPlayBus.com\Mechanic Infantry\unins000.exe
AddRemove-{DE81FF18-C142-4F36-84C7-6BCDB21E8931}_is1 - c:\program files (x86)\MyPlayBus.com\Zamby and the Mystical Crystals\unins000.exe
AddRemove-{DE9459CF-0B4B-4894-A92E-371D8EB1D247}_is1 - c:\program files (x86)\MyPlayBus.com\Monster Mash\unins000.exe
AddRemove-{DED38109-70A9-4C62-8F24-794E7A803D16}_is1 - c:\program files (x86)\MyPlayBus.com\Incredible Express\unins000.exe
AddRemove-{DF2F1053-EAEE-4531-A904-E1424CAD6B93}_is1 - c:\program files (x86)\MyPlayBus.com\Tropix 2 Quest for the Golden Banana\unins000.exe
AddRemove-{DFA05D64-2E99-4169-BD6D-5E439786407A}_is1 - c:\program files (x86)\MyPlayBus.com\Shopping Marathon\unins000.exe
AddRemove-{DFC1B68E-23D6-4B18-90AF-96A5C295BDF2}_is1 - c:\program files (x86)\MyPlayBus.com\WordJong\unins000.exe
AddRemove-{DFC64F36-CE69-4DFF-BEC7-E538BE2C61A1}_is1 - c:\program files (x86)\MyPlayBus.com\Runespell Overture\unins000.exe
AddRemove-{E05571C7-321E-43FF-8AF4-6AE31E86BE1C}_is1 - c:\program files (x86)\MyPlayBus.com\Virtual Villagers The Tree of Life\unins000.exe
AddRemove-{E09C76D5-0487-489B-84A7-D468AC2CF61C}_is1 - c:\program files (x86)\MyPlayBus.com\Mahjongg Artifacts\unins000.exe
AddRemove-{E0B8F3F0-8234-467E-A457-0256E08527A6}_is1 - c:\program files (x86)\MyPlayBus.com\The Sultan's Labyrinth\unins000.exe
AddRemove-{E0C4F565-B9AC-4F9D-9383-BBCE017F8BD6}_is1 - c:\program files (x86)\MyPlayBus.com\Pipe World\unins000.exe
AddRemove-{E0C5DB70-51F0-4B2F-8E82-A32810EC1F7D}_is1 - c:\program files (x86)\MyPlayBus.com\Villa Banana\unins000.exe
AddRemove-{E210B138-87D3-426F-A9D9-8701D77BFEB4}_is1 - c:\program files (x86)\MyPlayBus.com\Legend of Ali Baba\unins000.exe
AddRemove-{E257665A-69DA-4315-BEED-E33369E697D5}_is1 - c:\program files (x86)\MyPlayBus.com\Samorost 2\unins000.exe
AddRemove-{E5188BA1-F509-48BF-8B1B-E203B5C65806}_is1 - c:\program files (x86)\MyPlayBus.com\Monopoly Here and Now Edition\unins000.exe
AddRemove-{E6BE3EFF-6BC8-4BAA-8F44-262DB18F531E}_is1 - c:\program files (x86)\MyPlayBus.com\Sacra Terra Angelic Night\unins000.exe
AddRemove-{E7D69494-27A9-4E6C-90C1-28258646F8BE}_is1 - c:\program files (x86)\MyPlayBus.com\Jewel Match 2\unins000.exe
AddRemove-{EA181C5D-3E36-4CCB-BBC8-0689F11828BB}_is1 - c:\program files (x86)\MyPlayBus.com\Secrets of Great Art\unins000.exe
AddRemove-{EB685BBF-0739-4DF4-8726-1433A8F622B3}_is1 - c:\program files (x86)\MyPlayBus.com\Secret of the Magic Crystals\unins000.exe
AddRemove-{EE202411-2C26-49E8-9784-1BC1DBF7DE96} - c:\program files (x86)\InstallShield Installation Information\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}\setup.exe
AddRemove-{EE233EF0-CB52-449A-AD22-BEDF6C602F6A}_is1 - c:\program files (x86)\MyPlayBus.com\Jewel of Atlantis\unins000.exe
AddRemove-{EE2CCD4E-930B-4378-82E2-91F5E793C4FF}_is1 - c:\program files (x86)\MyPlayBus.com\Mini Robot Wars\unins000.exe
AddRemove-{EE35D29C-E330-4482-AB51-D55DBCB701CE}_is1 - c:\program files (x86)\MyPlayBus.com\The Palace Builder\unins000.exe
AddRemove-{EFD49E51-0049-44D6-9108-D94870C82DCD}_is1 - c:\program files (x86)\MyPlayBus.com\The Island Castaway 2\unins000.exe
AddRemove-{F013BB3F-CB15-48E9-9386-5E91EC891D09}_is1 - c:\program files (x86)\MyPlayBus.com\Westward IV All Aboard\unins000.exe
AddRemove-{F02350E6-ACFD-4F28-947C-0AD67D128165}_is1 - c:\program files (x86)\MyPlayBus.com\Triazzle Island\unins000.exe
AddRemove-{F0F7843C-EDAA-40E9-BB79-9AC5FB934252}_is1 - c:\program files (x86)\MyPlayBus.com\The Blackwell Deception\unins000.exe
AddRemove-{F0FFA4E3-909A-485C-9B2C-A23574FEC33F}_is1 - c:\program files (x86)\MyPlayBus.com\Jewel Island\unins000.exe
AddRemove-{F4673F03-D87D-4F21-A4C1-33137C08EF0C}_is1 - c:\program files (x86)\MyPlayBus.com\Ice Puzzle Deluxe\unins000.exe
AddRemove-{F6491F1F-B3AF-4639-8283-32E893EFF2A9}_is1 - c:\program files (x86)\MyPlayBus.com\Tetromino Challenge\unins000.exe
AddRemove-{F6948A63-7310-448A-9138-18274B598D05}_is1 - c:\program files (x86)\MyPlayBus.com\The Count of Monte Cristo\unins000.exe
AddRemove-{F73A4279-B61A-4FFE-B580-0DA493D31CB4}_is1 - c:\program files (x86)\MyPlayBus.com\Pearlz\unins000.exe
AddRemove-{F7D15083-DA22-4194-A9D0-A7DF662D18E9}_is1 - c:\program files (x86)\MyPlayBus.com\Profitville\unins000.exe
AddRemove-{F947683F-C37E-4F28-9CD3-85D0D5302B16}_is1 - c:\program files (x86)\MyPlayBus.com\World Mosaics 3 Fairy Tales\unins000.exe
AddRemove-{FA80B6C9-BFAA-4473-964C-5AEFAA53D4B4}_is1 - c:\program files (x86)\MyPlayBus.com\Wu Hing The Five Elements\unins000.exe
AddRemove-{FB3BFDEC-F408-4534-AB92-E0E8D841202D}_is1 - c:\program files (x86)\MyPlayBus.com\World Class Solitaire\unins000.exe
AddRemove-{FC024188-C2B8-4B4F-9B72-DF4885304BA7}_is1 - c:\program files (x86)\MyPlayBus.com\My Life Story Adventures\unins000.exe
AddRemove-{FC4C29A6-810A-4800-9991-47C31FDA70C8}_is1 - c:\program files (x86)\MyPlayBus.com\Lost Treasures of El Dorado\unins000.exe
AddRemove-{FEF87069-C60E-4838-A845-A8555779C0A8}_is1 - c:\program files (x86)\MyPlayBus.com\Totem Tribe\unins000.exe
AddRemove-{FF1679B6-3E65-4D37-8081-86CC98A49E3D}_is1 - c:\program files (x86)\MyPlayBus.com\Time to Hurry Nicole's Story\unins000.exe
AddRemove-{FF1FDF4C-A9C4-4BA5-ACDD-267D8024A7A3}_is1 - c:\program files (x86)\MyPlayBus.com\OIO The Game\unins000.exe
AddRemove-{FF504688-0329-4329-99FF-D4D2B303E1F4}_is1 - c:\program files (x86)\MyPlayBus.com\Travel League The Missing Jewels\unins000.exe
AddRemove-{FF56A1BD-51A0-4699-A407-355529AC964B}_is1 - c:\program files (x86)\MyPlayBus.com\Secrets of the Dark Temple of Night\unins000.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-842135949-2711248906-428214252-1000\Software\CyberLink\Common\claud\yberlink\PowerDirector\P* *s**¼**\PDR8]
"AuDsInterface"=dword:00000008
"AuHDMIMode"=dword:00000000
"AuDsDnmx"=dword:00000008
"AuDsDualMono"=dword:00000000
"AuDsDHMode"=dword:00000002
"AuDsDVSMode"=dword:00000005
"AuDsCLHMode"=dword:00000002
"AuDsCLVSMode"=dword:00000002
"AuDsTSOn"=dword:00000001
"AuDsFocusOn"=dword:00000001
"AuDsTBOn"=dword:00000001
"AuDsFocusLevel"=dword:00000005
"AuDsTBLevel"=dword:00000008
"AuDsSpkSize"=dword:00000001
"AuDsDTSS2SpeakWidth"=dword:0000000a
"AuDsDTSS2DialGain"=dword:00000000
"AuDsDTSS2BassRGain"=dword:00000000
"AuDsChanExpand"=dword:00000004
"AuDsPL2Mode"=dword:00000003
"AuDsPL2XPanorama"=dword:00000000
"AuDsPL2XCntrWidth"=dword:00000003
"AuDsMEIMode"=dword:00000014
"AuDsMEIVolFront"=dword:0000001e
"AuDsMEIVolRear"=dword:0000001e
"AuDsMEIVolCenter"=dword:0000001e
"AuDsMEIVolLFE"=dword:0000001e
"AuDsNeo6Mode"=dword:00000000
"AU_DRC_MODE"=dword:00000002
"LFEON"=dword:00000001
"AuDsCntrMix"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\hMailServer\Bin\hMailServer.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files (x86)\Cyberlink\Shared files\RichVideo.exe
c:\program files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
c:\program files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-11-28  22:53:41 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-11-28 21:53
.
Vor Suchlauf: 90 Verzeichnis(se), 698'782'093'312 Bytes frei
Nach Suchlauf: 95 Verzeichnis(se), 698'504'683'520 Bytes frei
.
- - End Of File - - 0E1EAC87EE5AF5703918C12356B23088
20086F331704E9E173DA70957919E57D
         
Hi
Habe nun gesehen, dass das Sicherheitscenter wieder aktiviert ist. War' s das schon?
Muss ich nichts mehr machen?

Gruss Jola
__________________

Alt 30.11.2013, 16:47   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.12.2013, 10:50   #5
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo Schrauber

Hier die Logfiles:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.12.01.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16428
Savitri :: SAVITRI-PC [Administrator]

01.12.2013 07:03:15
mbam-log-2013-12-01 (07-03-15).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 243523
Laufzeit: 9 Minute(n), 6 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
         
Code:
ATTFilter
# AdwCleaner v3.013 - Bericht erstellt am 01/12/2013 um 08:55:57
# Updated 24/11/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Savitri - SAVITRI-PC
# Gestartet von : C:\Users\Savitri\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\blekko toolbars
Ordner Gelöscht : C:\ProgramData\Search Protection
Ordner Gelöscht : C:\Program Files (x86)\Toolbar Cleaner
Ordner Gelöscht : C:\Users\Savitri\AppData\LocalLow\adawaretb
Ordner Gelöscht : C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\adawaretb
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\adawaretb.xml
Datei Gelöscht : C:\Windows\System32\Tasks\SpyHunter4Startup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\HPSF_Tasks_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetimsetup_rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Search Protection]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E3ED53C5-7AD5-4DF5-9734-AFB6E7E5D9DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{6C97A91E-4524-4019-86AF-2AA2D567BF5C}]
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\adawaretb
Schlüssel Gelöscht : HKLM\Software\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\adawaretb
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v25.0.1 (de)

[ Datei : C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\prefs.js ]

Zeile gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"I[...]
Zeile gelöscht : user_pref("extensions.wrc.SearchRules.ask.com.url", "^hxxp(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

-\\ Google Chrome v

[ Datei : C:\Users\Savitri\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [24185 octets] - [30/09/2013 15:40:32]
AdwCleaner[S0].txt - [23758 octets] - [30/09/2013 15:43:16]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [23819 octets] ##########
         



Die anderen zu grossen Files habe ich angehängt.




Gruss Jola


Alt 02.12.2013, 10:13   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
--> Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden

Alt 02.12.2013, 19:24   #7
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo Schrauber,

Eset hat stundelang gescannt und nichts gefunden.

Beim Security-Check funktionierte es nicht. In der Dos-Box kam die Meldung:
UNSUPPORTED OPERATING SYSTEM! ABORTED!

Hier noch das Logfile von Eset:

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=24953f8c458b3b4db36f7fd60b9f26ee
# engine=16102
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-12-02 06:13:10
# local_time=2013-12-02 07:13:10 (+0100, Mitteleuropäische Zeit)
# country="Switzerland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=774 16777213 71 77 444477 444516 0 0
# compatibility_mode=5893 16776573 100 94 125840 137637840 0 0
# scanned=474465
# found=0
# cleaned=0
# scan_time=21511
         

Alt 03.12.2013, 11:41   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Zitat:
und ein frisches FRST log bitte. Noch Probleme?
.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.12.2013, 13:45   #9
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo Schrauber

Hier das Frst log:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2013
Ran by Savitri (administrator) on SAVITRI-PC on 03-12-2013 13:39:17
Running from C:\Users\Savitri\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

==================== Processes (Whitelisted) =================

() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(PixArt Imaging Incorporation) C:\Windows\PixArt\PAC7311\Monitor.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\Windows\System32\lpksetup.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(brother) C:\Program Files (x86)\Brownie\BrStsW64.exe
() C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MxTray.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(hMailServer) C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe
(brother) C:\Program Files (x86)\Brownie\brpjp04a.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(CyberLink Corp.) C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\ielowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SmartMenu] - C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [610360 2009-07-08] ()
HKLM\...\Run: [Monitor] - C:\Windows\PixArt\PAC7311\Monitor.exe [319488 2006-11-03] (PixArt Imaging Incorporation)
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareTray.exe [2493272 2013-10-18] ()
HKLM-x32\...\Winlogon: [Userinit] C:\Windows\sysWOW64\userinit.exe [26624 2010-11-20] (Microsoft Corporation)
HKCU\...\Run: [LightScribe Control Panel] - C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2363392 2009-05-18] (Hewlett-Packard Company)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKLM-x32\...\Run: [hpsysdrv] - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-05-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [60464 2009-06-22] (EasyBits Software AS)
HKLM-x32\...\Run: [UpdatePRCShortCut] - C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [BrStsWnd] - C:\Program Files (x86)\Brownie\BrStsW64.exe [963072 2008-01-08] (brother)
HKLM-x32\...\Run: [avast5] - "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
HKLM-x32\...\Run: [UpdatePDRShortCut] - C:\Program Files (x86)\Cyberlink\PowerDirector\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
HKLM-x32\...\Run: [TkBellExe] - C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [273528 2011-10-27] (RealNetworks, Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [D-Link D-Link DWA-140] - C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe [1074496 2011-06-29] (D-Link Corp.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3568312 2013-11-27] (AVAST Software)
HKLM-x32\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKU\Default\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)
HKU\Default User\...\Run: [HPADVISOR] - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe [1668664 2009-07-15] (Hewlett-Packard)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKLM - {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1452&query={searchTerms}&invocationType=tb50hpcndtie7-de-ch
SearchScopes: HKCU - DefaultScope {71398C2C-687B-4CD9-8A25-501D138F73E6} URL = 
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095} 
DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455} 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: text/xml - {807553E5-5146-11D5-A672-00B0D022E945} -  No File
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52272 2009-09-11] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @java.com/DTPlugin,version=10.17.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=12.0.1.669 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=12.0.1.669 - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @movenetworks.com/Quantum Media Player - C:\Users\Savitri\AppData\Roaming\Move Networks\plugins\071802000001\npqmp071802000001.dll (Move Networks)
FF SearchPlugin: C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\foxsearch.src
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\staged
FF Extension: WOT - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
FF Extension: noscript - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: defaults - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
FF Extension: Adblock Plus - C:\Users\Savitri\AppData\Roaming\Mozilla\Firefox\Profiles\psydjhqg.Savitri\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF

Chrome: 
=======
CHR HomePage: 	"homepage":	"hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED",
CHR RestoreOnStartup: "hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_7&idate=2013-11-27&ent=hp&u=A0D6B18556A0B3306C9C4852961988ED"
CHR DefaultSearchURL: (		"name":	"AVG Secure Search",) - 		"search_url":	"hxxp://mysearch.avg.com/search?cid={63266DDC-7A42-4316-ACBE-38235F8DEE96}&mid=1c8891b81c7f47d38c5741affcf9b70a-a0c0374748ecb84be9e135bcee296be67896a3dd&lang=de&ds=ub011&coid=avgtbdisub&pr=sa&d=2013-10-01 08:47:00&v=17.0.0.10&pid=safeguard&sg=0&sap=dsp&q={searchTerms}",
CHR DefaultSuggestURL: (		"name":	"AVG Secure Search",) - 		"suggest_url":	"hxxp://toolbar.avg.com/acp?q={searchTerms}&o=1"
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx

==================== Services (Whitelisted) =================

S2 Apache2.4; C:\xampp\apache\bin\httpd.exe [22016 2012-08-18] (Apache Software Foundation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2013-11-27] (AVAST Software)
R2 D_Link_DWA-140_WPS; C:\Program Files (x86)\D-Link\DWA-140 revB\ANIWConnService.exe [53248 2010-07-12] ()
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [167936 2010-04-05] (Brio)
R2 hMailServer; C:\Program Files (x86)\hMailServer\Bin\hMailServer.exe [5395968 2010-06-07] (hMailServer)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.0.4555.0\AdAwareService.exe [517344 2013-10-18] ()
S2 MAGIX StartUp Analyze Service; C:\Program Files (x86)\MAGIX\PC_Check_Tuning_Free_2011\MXSAS.exe [186368 2010-11-04] (MAGIX AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 RichVideo; C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe [247152 2009-04-17] ()
R2 ezSharedSvc; C:\Windows\System32\ezsvc7.dll [x]

==================== Drivers (Whitelisted) ====================

R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2011-02-21] ()
R2 aswFsBlk; C:\Windows\system32\drivers\aswFsBlk.sys [38984 2013-11-27] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [84328 2013-11-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2013-11-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2013-11-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1032416 2013-11-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [409832 2013-11-27] (AVAST Software)
R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65264 2013-11-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [205320 2013-11-27] ()
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [138232 2013-07-17] (BitDefender LLC)
R1 ISODrive; C:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [104912 2007-11-07] (EZB Systems, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.)
S3 PAC7311; C:\Windows\System32\DRIVERS\PA707UCM.SYS [602112 2006-11-08] (PixArt Imaging Inc.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [329800 2013-07-17] (BitDefender S.R.L.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S3 ATIXPGAA; \??\C:\Program Files\PC-Doctor for Windows\ATIXPGAA.SYS [x]
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
R3 cpuz132; \??\C:\Users\Savitri\AppData\Local\Temp\cpuz132\cpuz132_x64.sys [x]
U3 DfSdkS; 
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-12-03 13:37 - 2013-12-03 13:39 - 00019880 _____ C:\Users\Savitri\Desktop\FRST.txt
2013-12-03 13:34 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\Savitri\Desktop\FRST64.exe
2013-12-02 19:19 - 2013-12-02 19:18 - 00891184 _____ C:\Users\Savitri\Desktop\SecurityCheck.exe
2013-12-02 19:18 - 2013-12-02 19:18 - 00891184 _____ C:\Users\Savitri\Downloads\SecurityCheck.exe
2013-12-02 11:01 - 2013-12-02 11:01 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu(1).exe
2013-12-02 11:01 - 2013-12-02 11:01 - 02347384 _____ (ESET) C:\Users\Savitri\Desktop\esetsmartinstaller_enu(1).exe
2013-12-01 10:28 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2013-12-01 09:08 - 2013-12-01 09:08 - 01034531 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT.exe
2013-12-01 09:07 - 2013-12-01 09:08 - 01034531 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2013-12-01 07:17 - 2013-12-01 07:17 - 01091882 _____ C:\Users\Savitri\Desktop\adwcleaner.exe
2013-11-29 06:49 - 2013-11-29 06:49 - 00347304 _____ (Microsoft Corporation) C:\Users\Savitri\Downloads\MicrosoftFixit.wu.LB.37309131362400810.1.1.Run.exe
2013-11-28 22:53 - 2013-11-28 22:53 - 00056750 _____ C:\ComboFix.txt
2013-11-28 22:29 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2013-11-28 22:29 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2013-11-28 22:29 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2013-11-28 22:29 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2013-11-28 22:29 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2013-11-28 22:29 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2013-11-28 22:29 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2013-11-28 22:29 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2013-11-28 22:24 - 2013-11-28 22:53 - 00000000 ____D C:\Qoobox
2013-11-28 22:24 - 2013-11-28 22:51 - 00000000 ____D C:\Windows\erdnt
2013-11-28 22:23 - 2013-11-28 22:23 - 05150163 ____R (Swearware) C:\Users\Savitri\Desktop\ComboFix.exe
2013-11-28 21:58 - 2013-11-28 21:58 - 00486096 _____ C:\Windows\Minidump\112813-29796-01.dmp
2013-11-28 16:35 - 2013-11-28 16:35 - 00000938 _____ C:\Users\Savitri\Desktop\7-Zip File Manager.lnk
2013-11-28 16:32 - 2013-11-28 16:32 - 01110476 _____ C:\Users\Savitri\Downloads\7z920.exe
2013-11-28 16:32 - 2013-11-28 16:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-28 15:32 - 2013-11-28 15:32 - 00377856 _____ C:\Users\Savitri\Desktop\gmer_2.1.19163.exe
2013-11-28 15:27 - 2013-11-28 15:27 - 00000000 ____D C:\FRST
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 _____ C:\Users\Savitri\defogger_reenable
2013-11-28 15:24 - 2013-11-28 15:24 - 00050477 _____ C:\Users\Savitri\Desktop\Defogger.exe
2013-11-28 07:32 - 2013-11-28 07:32 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller(1).zip
2013-11-28 07:28 - 2013-11-28 07:28 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller.zip
2013-11-28 07:24 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Desktop\tdsskiller.exe
2013-11-28 07:23 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Downloads\tdsskiller.exe
2013-11-27 21:47 - 2013-11-27 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Savitri\Desktop\OTL.exe
2013-11-27 21:38 - 2013-11-27 21:38 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu.exe
2013-11-27 18:59 - 2013-11-27 18:59 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-27 18:59 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-11-27 18:55 - 2013-11-27 18:55 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\LavasoftStatistics
2013-11-27 17:19 - 2013-11-27 17:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Savitri\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00001289 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\SecureSearch
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files\Lavasoft
2013-11-27 17:10 - 2013-11-27 17:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-11-27 17:08 - 2013-11-27 17:08 - 01724552 _____ C:\Users\Savitri\Downloads\Adaware_Installer_11.exe
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-27 16:45 - 2013-12-02 06:49 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-11-27 16:45 - 2013-11-27 16:45 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-27 16:45 - 2013-11-27 16:45 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\AVAST Software
2013-11-27 16:45 - 2013-11-27 16:44 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-27 16:45 - 2013-11-27 16:44 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-27 16:44 - 2013-11-27 16:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-27 16:44 - 2013-11-27 16:44 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-27 16:42 - 2013-11-27 16:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-27 16:40 - 2013-11-27 16:42 - 87529432 _____ (AVAST Software) C:\Users\Savitri\Downloads\avast_free_antivirus_setup2008.exe
2013-11-27 13:06 - 2013-11-27 13:06 - 01059840 _____ C:\Users\Savitri\Downloads\MicrosoftFixit50981.msi
2013-11-26 17:38 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2013-11-26 17:34 - 2013-11-26 17:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:34 - 2013-11-26 17:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-26 17:31 - 2013-11-26 17:38 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-22 15:48 - 2013-11-22 15:48 - 01071224 _____ (Solid State Networks) C:\Users\Savitri\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-17 15:35 - 2013-11-17 15:35 - 00001019 _____ C:\Users\Savitri\Desktop\Notepad++.lnk
2013-11-16 08:35 - 2013-11-16 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-14 07:42 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-14 07:42 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-14 07:42 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-14 07:42 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-14 07:42 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-14 07:42 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-14 07:42 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-14 07:42 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-14 07:42 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-14 07:42 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-14 07:42 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-14 07:42 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-14 07:42 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-14 07:42 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-14 07:41 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-14 07:41 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-14 07:41 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-14 07:41 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-14 07:41 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-14 07:41 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-14 07:41 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-14 07:41 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-14 07:41 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-14 07:41 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-14 07:41 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-14 07:40 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-14 07:40 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-14 07:40 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-14 07:40 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-14 07:40 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-10 09:18 - 2013-11-10 09:18 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\Program Files\iTunes
2013-11-10 09:17 - 2013-11-10 09:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-10 09:17 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iPod
2013-11-08 15:46 - 2013-11-08 15:46 - 00000000 ____D C:\Program Files (x86)\Mathe5

==================== One Month Modified Files and Folders =======

2013-12-03 13:41 - 2013-12-03 13:37 - 00019880 _____ C:\Users\Savitri\Desktop\FRST.txt
2013-12-03 13:23 - 2009-12-13 15:50 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 13:19 - 2013-04-25 14:35 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Skype
2013-12-03 13:02 - 2009-10-07 19:23 - 01375125 _____ C:\Windows\WindowsUpdate.log
2013-12-03 13:01 - 2013-03-25 22:05 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-12-03 10:57 - 2012-09-09 18:56 - 00003946 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{10F27B3E-2E9E-47DB-ADB4-4D06C7998B75}
2013-12-03 10:56 - 2010-07-03 09:14 - 00167971 _____ C:\Windows\setupact.log
2013-12-03 07:19 - 2009-12-13 15:50 - 00001108 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-02 19:18 - 2013-12-02 19:19 - 00891184 _____ C:\Users\Savitri\Desktop\SecurityCheck.exe
2013-12-02 19:18 - 2013-12-02 19:18 - 00891184 _____ C:\Users\Savitri\Downloads\SecurityCheck.exe
2013-12-02 11:02 - 2009-09-12 04:13 - 00718394 _____ C:\Windows\system32\perfh007.dat
2013-12-02 11:02 - 2009-09-12 04:13 - 00158028 _____ C:\Windows\system32\perfc007.dat
2013-12-02 11:02 - 2009-07-14 06:13 - 01672424 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-02 11:01 - 2013-12-02 11:01 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu(1).exe
2013-12-02 11:01 - 2013-12-02 11:01 - 02347384 _____ (ESET) C:\Users\Savitri\Desktop\esetsmartinstaller_enu(1).exe
2013-12-02 06:49 - 2013-11-27 16:45 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2013-12-01 10:28 - 2013-12-03 13:34 - 01959184 _____ (Farbar) C:\Users\Savitri\Desktop\FRST64.exe
2013-12-01 10:28 - 2013-12-01 10:28 - 01959184 _____ (Farbar) C:\Users\Savitri\Downloads\FRST64.exe
2013-12-01 09:13 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-01 09:13 - 2009-07-14 05:45 - 00015792 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-01 09:09 - 2013-10-01 07:07 - 00000000 ____D C:\Windows\ERUNT
2013-12-01 09:08 - 2013-12-01 09:08 - 01034531 _____ (Thisisu) C:\Users\Savitri\Desktop\JRT.exe
2013-12-01 09:08 - 2013-12-01 09:07 - 01034531 _____ (Thisisu) C:\Users\Savitri\Downloads\JRT.exe
2013-12-01 09:04 - 2013-05-03 13:49 - 00000440 _____ C:\Windows\Tasks\PCCT - MAGIX AG.job
2013-12-01 09:04 - 2009-12-18 14:19 - 00000324 _____ C:\Windows\Brownie.ini
2013-12-01 09:04 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-01 08:56 - 2013-09-30 15:40 - 00000000 ____D C:\AdwCleaner
2013-12-01 07:17 - 2013-12-01 07:17 - 01091882 _____ C:\Users\Savitri\Desktop\adwcleaner.exe
2013-11-30 23:06 - 2012-10-01 16:39 - 00000000 ____D C:\Users\Savitri\Documents\My Podcasts
2013-11-30 11:01 - 2009-10-31 14:14 - 00000552 _____ C:\Windows\Tasks\PCDRScheduledMaintenance.job
2013-11-30 08:53 - 2013-03-15 16:16 - 00000000 ____D C:\Users\Savitri\Desktop\Lernprogramme
2013-11-30 08:39 - 2009-10-31 22:28 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\FileZilla
2013-11-29 06:49 - 2013-11-29 06:49 - 00347304 _____ (Microsoft Corporation) C:\Users\Savitri\Downloads\MicrosoftFixit.wu.LB.37309131362400810.1.1.Run.exe
2013-11-28 22:53 - 2013-11-28 22:53 - 00056750 _____ C:\ComboFix.txt
2013-11-28 22:53 - 2013-11-28 22:24 - 00000000 ____D C:\Qoobox
2013-11-28 22:53 - 2009-11-19 14:25 - 00000000 ____D C:\Users\Jolanda
2013-11-28 22:53 - 2009-07-14 04:20 - 00000000 __RHD C:\Users\Default
2013-11-28 22:51 - 2013-11-28 22:24 - 00000000 ____D C:\Windows\erdnt
2013-11-28 22:51 - 2009-10-31 13:47 - 00000000 ___RD C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-28 22:46 - 2009-07-14 03:34 - 00000215 _____ C:\Windows\system.ini
2013-11-28 22:42 - 2010-07-04 07:26 - 00652228 _____ C:\Windows\PFRO.log
2013-11-28 22:42 - 2009-07-14 03:34 - 91226112 _____ C:\Windows\system32\config\SOFTWARE.bak
2013-11-28 22:42 - 2009-07-14 03:34 - 17301504 _____ C:\Windows\system32\config\SYSTEM.bak
2013-11-28 22:42 - 2009-07-14 03:34 - 00786432 _____ C:\Windows\system32\config\DEFAULT.bak
2013-11-28 22:42 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2013-11-28 22:42 - 2009-07-14 03:34 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2013-11-28 22:23 - 2013-11-28 22:23 - 05150163 ____R (Swearware) C:\Users\Savitri\Desktop\ComboFix.exe
2013-11-28 21:58 - 2013-11-28 21:58 - 00486096 _____ C:\Windows\Minidump\112813-29796-01.dmp
2013-11-28 21:58 - 2010-11-21 16:43 - 00000000 ____D C:\Windows\Minidump
2013-11-28 21:57 - 2010-11-21 16:43 - 691860622 _____ C:\Windows\MEMORY.DMP
2013-11-28 20:24 - 2011-11-10 17:10 - 00000000 _____ C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2013-11-28 20:24 - 2009-11-01 20:27 - 00000052 _____ C:\Windows\SysWOW64\DOErrors.log
2013-11-28 16:35 - 2013-11-28 16:35 - 00000938 _____ C:\Users\Savitri\Desktop\7-Zip File Manager.lnk
2013-11-28 16:32 - 2013-11-28 16:32 - 01110476 _____ C:\Users\Savitri\Downloads\7z920.exe
2013-11-28 16:32 - 2013-11-28 16:32 - 00000000 ____D C:\Program Files (x86)\7-Zip
2013-11-28 15:32 - 2013-11-28 15:32 - 00377856 _____ C:\Users\Savitri\Desktop\gmer_2.1.19163.exe
2013-11-28 15:27 - 2013-11-28 15:27 - 00000000 ____D C:\FRST
2013-11-28 15:26 - 2013-11-28 15:26 - 00000000 _____ C:\Users\Savitri\defogger_reenable
2013-11-28 15:26 - 2009-10-31 13:36 - 00000000 ____D C:\Users\Savitri
2013-11-28 15:24 - 2013-11-28 15:24 - 00050477 _____ C:\Users\Savitri\Desktop\Defogger.exe
2013-11-28 07:32 - 2013-11-28 07:32 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller(1).zip
2013-11-28 07:31 - 2009-11-10 08:17 - 00000000 ____D C:\ProgramData\WinZip
2013-11-28 07:28 - 2013-11-28 07:28 - 04101441 _____ C:\Users\Savitri\Downloads\tdsskiller.zip
2013-11-28 07:26 - 2013-10-07 15:35 - 00000000 ____D C:\Users\Savitri\AppData\Local\WinZip
2013-11-28 07:23 - 2013-11-28 07:24 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Desktop\tdsskiller.exe
2013-11-28 07:23 - 2013-11-28 07:23 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Savitri\Downloads\tdsskiller.exe
2013-11-27 21:47 - 2013-11-27 21:47 - 00602112 _____ (OldTimer Tools) C:\Users\Savitri\Desktop\OTL.exe
2013-11-27 21:38 - 2013-11-27 21:38 - 02347384 _____ (ESET) C:\Users\Savitri\Downloads\esetsmartinstaller_enu.exe
2013-11-27 18:59 - 2013-11-27 18:59 - 00001071 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-27 18:59 - 2010-06-27 14:49 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-11-27 18:55 - 2013-11-27 18:55 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\LavasoftStatistics
2013-11-27 17:19 - 2013-11-27 17:19 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Savitri\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-27 17:12 - 2013-11-27 17:12 - 00001289 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\SecureSearch
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2013-11-27 17:11 - 2013-11-27 17:11 - 00000000 ____D C:\Program Files\Lavasoft
2013-11-27 17:10 - 2013-11-27 17:10 - 00000000 ____D C:\Program Files (x86)\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Lavasoft
2013-11-27 17:09 - 2013-11-27 17:09 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2013-11-27 17:08 - 2013-11-27 17:08 - 01724552 _____ C:\Users\Savitri\Downloads\Adaware_Installer_11.exe
2013-11-27 17:08 - 2013-11-27 17:08 - 00000000 ____D C:\ProgramData\Lavasoft
2013-11-27 16:58 - 2009-11-12 13:50 - 01638416 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2013-11-27 16:45 - 2013-11-27 16:45 - 00001928 _____ C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2013-11-27 16:45 - 2013-11-27 16:45 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\AVAST Software
2013-11-27 16:44 - 2013-11-27 16:45 - 01032416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00409832 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00205320 _____ C:\Windows\system32\Drivers\aswVmm.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00092544 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00084328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00065776 _____ C:\Windows\system32\Drivers\aswRvrt.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00065264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys
2013-11-27 16:44 - 2013-11-27 16:45 - 00038984 _____ (AVAST Software) C:\Windows\system32\Drivers\aswFsBlk.sys
2013-11-27 16:44 - 2013-11-27 16:44 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2013-11-27 16:44 - 2013-11-27 16:44 - 00000000 ____D C:\Program Files\AVAST Software
2013-11-27 16:44 - 2011-06-09 08:28 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2013-11-27 16:42 - 2013-11-27 16:42 - 00000000 ____D C:\ProgramData\AVAST Software
2013-11-27 16:42 - 2013-11-27 16:40 - 87529432 _____ (AVAST Software) C:\Users\Savitri\Downloads\avast_free_antivirus_setup2008.exe
2013-11-27 13:06 - 2013-11-27 13:06 - 01059840 _____ C:\Users\Savitri\Downloads\MicrosoftFixit50981.msi
2013-11-27 07:20 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2013-11-27 06:44 - 2009-10-31 13:47 - 00001383 _____ C:\Users\Savitri\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-11-27 06:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-11-26 17:38 - 2013-11-26 17:31 - 00010074 _____ C:\Windows\IE11_main.log
2013-11-26 17:34 - 2013-11-26 17:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2013-11-26 17:34 - 2013-11-26 17:34 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-26 17:33 - 2013-11-26 17:33 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-11-26 17:33 - 2013-11-26 17:33 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-11-26 17:33 - 2013-11-26 17:33 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-11-26 17:33 - 2013-11-26 17:33 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-11-26 17:33 - 2013-11-26 17:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-11-26 17:33 - 2013-11-26 17:33 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-11-26 17:33 - 2013-11-26 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2013-11-24 19:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2013-11-24 15:28 - 2009-11-09 10:41 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Audacity
2013-11-24 10:35 - 2013-05-28 17:46 - 00000000 ____D C:\CD_OD
2013-11-24 10:35 - 2013-05-26 13:50 - 00000000 ____D C:\mp-aufmerksamkeit
2013-11-24 09:00 - 2013-05-28 12:51 - 00000000 ____D C:\mp-od
2013-11-22 17:33 - 2013-05-29 15:44 - 00000000 ____D C:\CD_OG
2013-11-22 17:17 - 2013-05-29 15:44 - 00000000 ____D C:\mp-OG
2013-11-22 16:59 - 2013-06-04 06:15 - 00000000 ____D C:\CD_Lega
2013-11-22 16:43 - 2013-06-04 06:15 - 00000000 ____D C:\mp-lega
2013-11-22 16:43 - 2011-11-11 14:02 - 00000000 ____D C:\mp-lesen1
2013-11-22 15:48 - 2013-11-22 15:48 - 01071224 _____ (Solid State Networks) C:\Users\Savitri\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-11-22 10:37 - 2012-05-12 10:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-20 17:14 - 2013-05-26 14:52 - 00000000 ____D C:\CD_aufmerksamkeit
2013-11-19 03:33 - 2009-10-31 14:08 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 10:50 - 2009-10-31 20:11 - 00000000 ____D C:\Users\Savitri\Documents\Schule
2013-11-17 15:35 - 2013-11-17 15:35 - 00001019 _____ C:\Users\Savitri\Desktop\Notepad++.lnk
2013-11-17 15:35 - 2012-06-25 11:51 - 00000000 ____D C:\Users\Savitri\AppData\Roaming\Notepad++
2013-11-16 08:35 - 2013-11-16 08:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 17:49 - 2012-10-07 06:52 - 00000000 ____D C:\CD7
2013-11-15 03:12 - 2009-10-31 16:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-15 03:10 - 2013-08-10 18:09 - 00000000 ____D C:\Windows\system32\MRT
2013-11-15 03:04 - 2009-11-01 08:44 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 19:17 - 2012-08-16 13:06 - 00000000 ____D C:\mp-rechtschreibung2
2013-11-13 16:47 - 2012-10-08 15:35 - 00000000 ____D C:\mp-lesen7
2013-11-12 16:12 - 2012-09-22 14:27 - 00000000 ____D C:\vorlagen 22.9.12
2013-11-11 14:20 - 2012-10-12 12:31 - 00000000 ____D C:\mp-mathe5
2013-11-10 14:28 - 2013-09-24 07:29 - 00000000 ____D C:\Users\Savitri\Documents\Lernprogramme-Rechnungen
2013-11-10 09:18 - 2013-11-10 09:18 - 00001745 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iTunes
2013-11-10 09:18 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-11-10 09:17 - 2013-11-10 09:17 - 00000000 ____D C:\Program Files\iPod
2013-11-08 15:46 - 2013-11-08 15:46 - 00000000 ____D C:\Program Files (x86)\Mathe5
2013-11-06 14:45 - 2010-03-30 07:58 - 00000000 ____D C:\ProgramData\Skype
2013-11-06 14:44 - 2013-02-23 20:02 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-05 13:57 - 2012-04-30 12:10 - 00000000 ____D C:\CD4
2013-11-03 10:10 - 2010-08-09 06:58 - 00000000 ____D C:\Users\Savitri\Documents\Kueche

Some content of TEMP:
====================
C:\Users\Savitri\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-11-30 09:23

==================== End Of Log ============================
         
--- --- ---


Gruss Jola

Alt 04.12.2013, 10:27   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.12.2013, 13:43   #11
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo Schrauber,

Hier das fixlog.txt - file:

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2013
Ran by Savitri at 2013-12-04 13:23:56 Run:1
Running from C:\Users\Savitri\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [x]
C:\Program Files\Enigma Software Group
         
*****************

esgiguard => Service deleted successfully.
C:\Program Files\Enigma Software Group => Moved successfully.

==== End of Fixlog ====
         
Du schreibst, man soll nur ein Antiviren-Programm installieren. Ich habe Awast und Ad-Aware. Welches soll ich behalten?

Gruss Jola

Alt 05.12.2013, 08:47   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Avast
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.12.2013, 10:43   #13
jola58
 
Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Hallo schrauber,

Soweit ich sehen kann, ist nun alles in Ordnung. Für deine Hilfe möchte ich mich ganz herzlich bedanken.

Gruss Jola

Alt 06.12.2013, 09:24   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Standard

Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden



Gern Geschehen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden
ad-aware, adblock, adobe, antivirus, avast, avg, browser, cid, defender, explorer, firefox, flash player, home, homepage, kaspersky, mozilla, problem, registry, scan, secure search, security, services.exe, software, system, temp, virus, windows



Ähnliche Themen: Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden


  1. Windows Firewall kann nicht aktiviert werden
    Log-Analyse und Auswertung - 15.09.2015 (15)
  2. Windows Firewall kann nicht aktiviert werden
    Antiviren-, Firewall- und andere Schutzprogramme - 04.09.2015 (46)
  3. Windows 7: Sicherheitscenter kann nicht aktiviert werden, Avira funktioniert nicht mehr
    Log-Analyse und Auswertung - 24.06.2015 (13)
  4. Windows 7: Nach BKA Trojaner Fehlermeldung beim Starten, Windows Sicherheitscenter kann nicht gestartet werden
    Log-Analyse und Auswertung - 18.11.2014 (9)
  5. Windows 7 (32bit): Virenfund und Windows Firewall kann nicht aktiviert werden
    Log-Analyse und Auswertung - 03.02.2014 (9)
  6. Windows Firewall kann nicht aktiviert werden
    Antiviren-, Firewall- und andere Schutzprogramme - 02.01.2014 (16)
  7. Windows-Sicherheitscenter war deaktiviert - nun kann ich Windows-Defender nicht mehr starten
    Log-Analyse und Auswertung - 20.12.2013 (13)
  8. Windows 7: Sicherheitscenter kann nicht aktiviert werden, Update funktioniert nicht mehr!
    Log-Analyse und Auswertung - 22.11.2013 (19)
  9. Windows 7 : Sicherheitscenter bleibt deaktiviert , Microsoft Security Essentials kann nicht gestartet werden
    Log-Analyse und Auswertung - 04.09.2013 (21)
  10. Windows Sicherheitscenter kann nicht gestartet werdem werden
    Plagegeister aller Art und deren Bekämpfung - 17.11.2012 (2)
  11. Windows Sicherheitscenter kann nicht gestartet werden
    Plagegeister aller Art und deren Bekämpfung - 12.11.2012 (33)
  12. Windows-Sicherheitscenter kann nicht aktiviert werden und Windows-Firewall Fehlercode 0x80070424
    Log-Analyse und Auswertung - 17.10.2012 (27)
  13. Redirect + Windows-Sicherheitscenter kann nicht gestartet werden
    Log-Analyse und Auswertung - 06.09.2012 (17)
  14. Firewall, Essentiel und Windows Defender können nicht mehr aktiviert werden
    Plagegeister aller Art und deren Bekämpfung - 08.06.2012 (1)
  15. Google Suchergebnisse werden weiter geleitet Windows 7 Firewall kann nicht mehr aktiviert werden
    Log-Analyse und Auswertung - 15.07.2011 (19)
  16. Goggle Redirects unter Firefox & Windows Sicherheitscenter kann nicht gestartet werden
    Log-Analyse und Auswertung - 19.04.2011 (16)
  17. Dienste in Windows XP können nicht mehr aktiviert werden
    Alles rund um Windows - 03.09.2010 (8)

Zum Thema Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden - Seit gestern kann ich das Windows-Sicherheitscenter wieder nicht mehr aktivieren. Vor zwei Monaten hatte ich schon mal das Problem mit dem Virus ihavnet. Hier meine Log-Files: Code: Alles auswählen Aufklappen - Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden...
Archiv
Du betrachtest: Windows Sicherheitscenter kann wieder nicht mehr aktiviert werden auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.