Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 06.03.2014, 22:29   #1
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Hallo und guten Abend,
habe seit ein paar Tagen das Problem, dass mehrere Wörter im Firefox sowie im IE unterstrichen und in blau erscheinen. Wenn man mit der Maus drüber geht, geht ein "kleines Fenster mit einem Grünen Pfeil" wo dann diverse Werbung erscheint. Z.b Download beschleunigen => SpeedAnalysis.net, oder The Hidden Facts About => eanswers.com. usw.
Also kann es passieren das auf einer Seite zig diverse unterstrichen Wörter erscheinen und alle Fenster unterschiedliche Werbung haben. Bin langsam am verzweifeln. Kann mir bitte einer helfen. Habe mich zwar versucht hier im Board etwas einzulesen, jedoch erscheint es mir, das die Lösungen hier wirklich individuell sind, und bevor ich irgend etwas falsch mache, wende ich mich hier mit der Bitte an die Profis. Danke im Voraus.

Alt 06.03.2014, 23:33   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!




Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 06.03.2014, 23:54   #3
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by Wiebe (administrator) on WIEBE-PC on 06-03-2014 23:49:49
Running from C:\Users\Wiebe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_12_0_0_70_ActiveX.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [202192 2013-12-20] (APN LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2143194781-2833874438-559236793-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [HP Officejet 7500 E910 (NET)] - C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tom8mqxa.default-1393952867356
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Wiebe\AppData\Local\Roblox\Versions\version-9dddd6d1e4534c53\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Wiebe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [irobinhood@irobinhood.org] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Wiebe\AppData\Roaming\okitSpace\Firefox
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tloq7a8v.default\extensions\quick_start@gmail.com

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-06 23:49 - 2014-03-06 23:49 - 00015878 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-06 23:11 - 2014-03-06 23:49 - 00000000 ____D () C:\FRST
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-06 22:14 - 2014-03-06 22:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\{7D7A83AC-A82E-4977-8C85-187E78FD0625}
2014-03-05 21:49 - 2014-03-05 21:49 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\{A9774A77-4C32-445F-B4CE-CF716D6539D0}
2014-03-05 18:12 - 2014-03-06 17:03 - 00000112 _____ () C:\Windows\setupact.log
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:52 - 2014-03-04 21:53 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:52 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:00 - 2014-03-04 16:19 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:40 - 2014-03-04 16:00 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:39 - 2014-03-04 16:19 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-02 23:39 - 2014-03-04 15:59 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:24 - 2014-03-02 23:35 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 01:01 - 2014-03-04 23:07 - 00000000 ____D () C:\AdwCleaner
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 22:34 - 2014-03-02 01:03 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 20:53 - 2014-03-06 23:49 - 28261522 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:28 - 2014-02-25 18:32 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-25 18:25 - 2000-08-19 20:29 - 00268048 _____ (MetaCreations Corporation) C:\Windows\SysWOW64\dxtmeta2.dll
2014-02-24 22:55 - 2014-03-02 23:30 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-02-21 23:36 - 2014-02-21 23:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 23:36 - 2013-07-16 03:41 - 01858896 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01498960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01014096 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 00743248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100d.dll
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2014-03-04 23:08 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-02-21 18:57 - 2014-03-04 16:26 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-02-21 18:55 - 2014-02-21 18:56 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:52 - 2014-02-18 17:53 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-15 16:39 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 21:22 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 21:22 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 21:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 21:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 21:22 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 21:22 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 21:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

==================== One Month Modified Files and Folders =======

2014-03-06 23:49 - 2014-03-06 23:49 - 00015878 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-06 23:49 - 2014-03-06 23:11 - 00000000 ____D () C:\FRST
2014-03-06 23:49 - 2014-02-27 20:53 - 28261522 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-03-06 23:38 - 2013-12-24 23:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-06 22:38 - 2013-12-24 22:42 - 01359815 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 22:15 - 2014-03-06 22:14 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\{7D7A83AC-A82E-4977-8C85-187E78FD0625}
2014-03-06 18:52 - 2014-01-23 17:49 - 00000000 ____D () C:\Users\Wiebe\Documents\German Truck Simulator
2014-03-06 18:38 - 2013-12-24 23:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-03-06 18:38 - 2013-12-24 16:32 - 00000000 ___HD () C:\ASUS.DAT
2014-03-06 17:11 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 17:11 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 17:03 - 2014-03-05 18:12 - 00000112 _____ () C:\Windows\setupact.log
2014-03-06 17:03 - 2013-12-24 22:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-06 17:03 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-05 21:49 - 2014-03-05 21:49 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\{A9774A77-4C32-445F-B4CE-CF716D6539D0}
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 23:18 - 2013-12-27 14:04 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F7041A3-58B8-4506-9FF7-ABAF2630609B}
2014-03-04 23:08 - 2014-02-21 18:57 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-03-04 23:07 - 2014-03-02 01:01 - 00000000 ____D () C:\AdwCleaner
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:53 - 2014-03-04 21:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:26 - 2014-02-21 18:57 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-03-04 16:26 - 2014-01-23 21:56 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-04 16:26 - 2014-01-08 22:17 - 00003614 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 7500 E910
2014-03-04 16:26 - 2013-12-24 23:00 - 00003232 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-03-04 16:19 - 2014-03-04 16:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-04 16:19 - 2014-03-02 23:39 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-04 16:00 - 2014-03-02 23:40 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-04 15:59 - 2014-03-02 23:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\speedtest4354
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\freegames111
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:35 - 2014-03-02 23:24 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:30 - 2014-02-24 22:55 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 11:16 - 2013-12-25 20:23 - 00001352 _____ () C:\Users\Wiebe\Desktop\ROBLOX Player.lnk
2014-03-02 11:16 - 2013-12-25 20:22 - 00001171 _____ () C:\Users\Wiebe\Desktop\ROBLOX Studio 2013.lnk
2014-03-02 02:49 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-03-02 01:03 - 2014-02-27 22:34 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:24 - 2013-12-24 23:00 - 00001509 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-27 22:51 - 2009-07-14 06:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 22:34 - 2014-02-15 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-27 22:34 - 2013-12-24 16:58 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Mozilla
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-27 20:53 - 2014-01-31 20:41 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-26 18:47 - 2014-01-06 22:06 - 01625524 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 18:47 - 2011-02-19 05:24 - 00711116 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 18:47 - 2011-02-19 05:24 - 00153306 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 18:47 - 2009-07-14 06:13 - 01625524 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:32 - 2014-02-25 18:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-21 23:59 - 2014-02-21 23:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 21:38 - 2013-12-24 23:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files\Google
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:56 - 2013-12-24 16:54 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Google
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Users\Wiebe\Documents\My Games
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2013-12-27 20:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\.minecraft
2014-02-21 18:56 - 2014-02-21 18:55 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:53 - 2014-02-18 17:52 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 21:40 - 2014-01-23 21:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\TeamViewer
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-17 18:16 - 2014-01-26 13:00 - 00000000 ____D () C:\Users\Wiebe\Documents\Flight Simulator X-Dateien
2014-02-17 00:38 - 2013-12-27 14:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 00:35 - 2013-12-27 14:05 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-07 22:40 - 2013-12-24 16:32 - 00060968 _____ () C:\Users\Wiebe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 01:50 - 2014-01-06 22:07 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\SoftGrid Client
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

Some content of TEMP:
====================
C:\Users\Wiebe\AppData\Local\Temp\avgnt.exe
C:\Users\Wiebe\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 12:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by Wiebe at 2014-03-06 23:13:01
Running from C:\Users\Wiebe\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
HP Officejet 7500 E910 - Grundlegende Software für das Gerät (HKLM\...\{6B3982D8-8E88-4A42-B1C4-66B4E9B34CFB}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.39 - NVIDIA Corporation)
NVIDIA Control Panel 268.39 (Version: 268.39 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
ROBLOX Player for Wiebe (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
Studie zur Verbesserung von HP Officejet 7500 E910 Produkten (HKLM\...\{DD52EE0D-3F63-4203-8AC3-7804D32B44EA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

25-02-2014 08:53:15 Windows Update
25-02-2014 17:30:05 DirectX wurde installiert
26-02-2014 08:06:41 Windows Update
27-02-2014 21:44:03 Windows Modules Installer
27-02-2014 22:02:26 Windows Modules Installer
27-02-2014 22:04:02 Windows Modules Installer
27-02-2014 22:04:33 Windows Modules Installer
27-02-2014 22:05:09 Windows Modules Installer
27-02-2014 22:06:45 Windows Modules Installer
27-02-2014 22:07:28 Windows Modules Installer
27-02-2014 22:08:11 Windows Modules Installer
27-02-2014 22:08:57 Windows Modules Installer
27-02-2014 22:09:52 Windows Modules Installer
27-02-2014 22:11:14 Windows Modules Installer
28-02-2014 23:45:08 Windows Update
01-03-2014 22:13:26 Uniblue SpeedUpMyPC installation
02-03-2014 22:54:55 Malwarebytes Anti-Rootkit Restore Point
04-03-2014 12:17:00 Windows Update
04-03-2014 20:52:15 Installed SpyHunter
04-03-2014 21:59:04 Removed SpyHunter
04-03-2014 22:14:00 Removed SavingsBull

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {104003E1-DE2A-4ED8-9720-BA48848E0675} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {2C6B901E-7D16-45B8-9F5D-2B9EBDCDC72C} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {618B11A7-AF33-461E-84CB-FCC38BAD32DB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {88BD668C-AE60-4DEF-ADE9-7DCABB59397E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {8E9659D4-5D49-45E5-91DC-30D883B90336} - System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => C:\Program Files\V-bates\PrefHelper.exe
Task: {AB40A391-1C9F-4DEB-9C92-46A9D66CBD6A} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {BAC835DA-ECDB-4970-A37E-B1573562A34F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {D9AFB573-B6AB-419C-BAAF-BD97ADA619F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {F8DA9EFD-0EAB-4BA5-B1AD-355823B8477F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {FC42B53D-B0C4-4485-935F-D67B576D58BA} - \SpyHunter4Startup No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job => C:\Program Files\V-bates\PrefHelper.exe

==================== Loaded Modules (whitelisted) =============

2014-02-12 14:16 - 2014-02-12 14:16 - 00210432 _____ () c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
2014-02-02 11:26 - 2014-02-02 11:26 - 00317952 _____ () c:\Program Files\SavingsbullFilter\ProtocolFilters.dll
2013-11-19 00:42 - 2013-11-19 00:42 - 00110080 _____ () c:\Program Files\SavingsbullFilter\nfapi.dll
2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-12-24 23:00 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2011-06-20 15:01 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-24 17:00 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-14 23:20 - 2014-02-14 23:20 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\6c712c9be7cce11c0c68039c762ff55a\IsdiInterop.ni.dll
2013-12-24 22:45 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-27 22:34 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-28 15:03 - 2011-04-28 15:03 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-02-21 21:38 - 2014-02-21 21:38 - 16265096 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/06/2014 10:07:39 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/06/2014 06:27:35 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (03/06/2014 05:13:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}


System errors:
=============
Error: (03/06/2014 05:03:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/05/2014 06:12:51 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/04/2014 11:08:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/04/2014 11:08:06 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SpyHunter 4 Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (03/04/2014 09:53:49 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A4033F9C-1838-4740-9BBB-B825B3F21335}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/04/2014 03:57:23 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/03/2014 04:34:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243


Microsoft Office Sessions:
=========================
Error: (03/06/2014 10:07:39 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/06/2014 06:27:35 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80004005

Error: (03/06/2014 05:13:52 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/06/2014 05:03:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}


==================== Memory info =========================== 

Percentage of memory in use: 28%
Total physical RAM: 8100.97 MB
Available physical RAM: 5819.91 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 13645.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:390.7 GB) (Free:314.49 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:515.81 GB) (Free:515.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 43EBFD28)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=391 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 GB) - (Type=OF Extended)

==================== End Of Log ============================
         
Ich hoffe es war jetzt richtig !!!
__________________

Alt 07.03.2014, 00:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Hast du den Rechner erst neulich komplett installiert? Kommt mir so vor, denn da sind auffällig wenig Programme installiert.

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.03.2014, 00:39   #5
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



rechner ist kurz nach weihnachten neu aufgesetzt worden, weil meine alte Festplatte den geist aufgegeben hat. :-(

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.06.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wiebe :: WIEBE-PC [administrator]

07.03.2014 00:24:14
mbar-log-2014-03-07 (00-24-14).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 268319
Time elapsed: 14 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         


Alt 07.03.2014, 00:42   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Alles klar, hat mich nur gewundert, dass so wenig installiert ist, denn das ist ziemlich selten


Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
--> Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link

Alt 07.03.2014, 01:34   #7
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Code:
ATTFilter
# AdwCleaner v3.020 - Bericht erstellt am 07/03/2014 um 00:53:26
# Aktualisiert 27/02/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Wiebe - WIEBE-PC
# Gestartet von : C:\Users\Wiebe\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16533


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tom8mqxa.default-1393952867356\prefs.js ]


*************************

AdwCleaner[R0].txt - [17596 octets] - [02/03/2014 01:02:04]
AdwCleaner[R1].txt - [926 octets] - [03/03/2014 00:16:10]
AdwCleaner[R2].txt - [985 octets] - [03/03/2014 00:23:23]
AdwCleaner[R3].txt - [1181 octets] - [04/03/2014 23:04:45]
AdwCleaner[R4].txt - [1239 octets] - [07/03/2014 00:51:46]
AdwCleaner[S0].txt - [14211 octets] - [02/03/2014 01:03:13]
AdwCleaner[S1].txt - [1045 octets] - [03/03/2014 00:24:27]
AdwCleaner[S2].txt - [1243 octets] - [04/03/2014 23:07:13]
AdwCleaner[S3].txt - [1161 octets] - [07/03/2014 00:53:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1221 octets] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Home Premium x64
Ran by Wiebe on 07.03.2014 at  0:58:40,33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Empty Folder] C:\Users\Wiebe\appdata\local\{7D7A83AC-A82E-4977-8C85-187E78FD0625}
Successfully deleted: [Empty Folder] C:\Users\Wiebe\appdata\local\{A9774A77-4C32-445F-B4CE-CF716D6539D0}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.03.2014 at  1:16:31,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.06.10

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Wiebe :: WIEBE-PC [administrator]

07.03.2014 01:19:18
mbar-log-2014-03-07 (01-19-18).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 268251
Time elapsed: 14 minute(s), 8 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 07.03.2014, 01:36   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Wieso Log von MBAR??

FRST Logs fehlen
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.03.2014, 02:21   #9
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



hab´s gerade gemerkt, wird gerade erstellt, kommt sofort.
Sorry


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by Wiebe (administrator) on WIEBE-PC on 07-03-2014 02:17:56
Running from C:\Users\Wiebe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
() c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(ASUS) C:\Windows\AsScrPro.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_70.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [202192 2013-12-20] (APN LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2143194781-2833874438-559236793-1000\...\Run: [ISUSPM] - C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [HP Officejet 7500 E910 (NET)] - C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tom8mqxa.default-1393952867356
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Wiebe\AppData\Local\Roblox\Versions\version-9dddd6d1e4534c53\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Wiebe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [irobinhood@irobinhood.org] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Wiebe\AppData\Roaming\okitSpace\Firefox
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tloq7a8v.default\extensions\quick_start@gmail.com

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 02:17 - 2014-03-07 02:17 - 00015955 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-07 00:21 - 2014-03-07 00:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wiebe\Desktop\mbar-1.07.0.1009.exe
2014-03-06 23:11 - 2014-03-07 01:35 - 00000000 ____D () C:\FRST
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-05 18:12 - 2014-03-07 00:54 - 00000168 _____ () C:\Windows\setupact.log
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:52 - 2014-03-04 21:53 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:52 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:00 - 2014-03-07 01:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:40 - 2014-03-07 01:19 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:39 - 2014-03-07 01:33 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-02 23:39 - 2014-03-07 01:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:24 - 2014-03-02 23:35 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 01:01 - 2014-03-07 00:53 - 00000000 ____D () C:\AdwCleaner
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 22:34 - 2014-03-02 01:03 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 20:53 - 2014-03-07 02:17 - 28669643 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:28 - 2014-02-25 18:32 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-25 18:25 - 2000-08-19 20:29 - 00268048 _____ (MetaCreations Corporation) C:\Windows\SysWOW64\dxtmeta2.dll
2014-02-24 22:55 - 2014-03-02 23:30 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-02-21 23:36 - 2014-02-21 23:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 23:36 - 2013-07-16 03:41 - 01858896 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01498960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01014096 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 00743248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100d.dll
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2014-03-04 23:08 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-02-21 18:57 - 2014-03-04 16:26 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-02-21 18:55 - 2014-02-21 18:56 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:52 - 2014-02-18 17:53 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-15 16:39 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 21:22 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 21:22 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 21:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 21:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 21:22 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 21:22 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 21:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

==================== One Month Modified Files and Folders =======

2014-03-07 02:18 - 2014-03-07 02:17 - 00015955 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-07 02:17 - 2014-02-27 20:53 - 28669643 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-03-07 01:38 - 2013-12-24 23:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 01:35 - 2014-03-06 23:11 - 00000000 ____D () C:\FRST
2014-03-07 01:33 - 2014-03-04 16:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 01:33 - 2014-03-02 23:39 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-07 01:19 - 2014-03-02 23:40 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 01:18 - 2014-03-02 23:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 01:02 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 01:02 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 01:01 - 2013-12-27 14:04 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F7041A3-58B8-4506-9FF7-ABAF2630609B}
2014-03-07 00:58 - 2013-12-24 22:42 - 01367424 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 00:55 - 2013-12-24 23:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-03-07 00:55 - 2013-12-24 16:32 - 00000000 ___HD () C:\ASUS.DAT
2014-03-07 00:54 - 2014-03-05 18:12 - 00000168 _____ () C:\Windows\setupact.log
2014-03-07 00:54 - 2013-12-24 22:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-07 00:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 00:53 - 2014-03-02 01:01 - 00000000 ____D () C:\AdwCleaner
2014-03-07 00:21 - 2014-03-07 00:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wiebe\Desktop\mbar-1.07.0.1009.exe
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-06 18:52 - 2014-01-23 17:49 - 00000000 ____D () C:\Users\Wiebe\Documents\German Truck Simulator
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 23:08 - 2014-02-21 18:57 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:53 - 2014-03-04 21:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:26 - 2014-02-21 18:57 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-03-04 16:26 - 2014-01-23 21:56 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-04 16:26 - 2014-01-08 22:17 - 00003614 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 7500 E910
2014-03-04 16:26 - 2013-12-24 23:00 - 00003232 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\speedtest4354
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\freegames111
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:35 - 2014-03-02 23:24 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:30 - 2014-02-24 22:55 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 11:16 - 2013-12-25 20:23 - 00001352 _____ () C:\Users\Wiebe\Desktop\ROBLOX Player.lnk
2014-03-02 11:16 - 2013-12-25 20:22 - 00001171 _____ () C:\Users\Wiebe\Desktop\ROBLOX Studio 2013.lnk
2014-03-02 02:49 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-03-02 01:03 - 2014-02-27 22:34 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:24 - 2013-12-24 23:00 - 00001509 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-27 22:51 - 2009-07-14 06:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 22:34 - 2014-02-15 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-27 22:34 - 2013-12-24 16:58 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Mozilla
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-27 20:53 - 2014-01-31 20:41 - 00000000 ____D () C:\Program Files\SavingsbullFilter
2014-02-26 18:47 - 2014-01-06 22:06 - 01625524 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 18:47 - 2011-02-19 05:24 - 00711116 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 18:47 - 2011-02-19 05:24 - 00153306 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 18:47 - 2009-07-14 06:13 - 01625524 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:32 - 2014-02-25 18:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-21 23:59 - 2014-02-21 23:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 21:38 - 2013-12-24 23:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files\Google
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:56 - 2013-12-24 16:54 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Google
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Users\Wiebe\Documents\My Games
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2013-12-27 20:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\.minecraft
2014-02-21 18:56 - 2014-02-21 18:55 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:53 - 2014-02-18 17:52 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 21:40 - 2014-01-23 21:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\TeamViewer
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-17 18:16 - 2014-01-26 13:00 - 00000000 ____D () C:\Users\Wiebe\Documents\Flight Simulator X-Dateien
2014-02-17 00:38 - 2013-12-27 14:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 00:35 - 2013-12-27 14:05 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-07 22:40 - 2013-12-24 16:32 - 00060968 _____ () C:\Users\Wiebe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 01:50 - 2014-01-06 22:07 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\SoftGrid Client
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

Some content of TEMP:
====================
C:\Users\Wiebe\AppData\Local\Temp\avgnt.exe
C:\Users\Wiebe\AppData\Local\Temp\Quarantine.exe
C:\Users\Wiebe\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 12:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 07.03.2014, 09:06   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()
c:\Program Files\SavingsbullFilter
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.03.2014, 18:54   #11
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2014
Ran by Wiebe at 2014-03-07 18:47:54 Run:1
Running from C:\Users\Wiebe\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2012-06-22] ()
R2 SavingsbullFilterService64; c:\Program Files\SavingsbullFilter\SavingsbullFilterService64.exe [210432 2014-02-12] ()
c:\Program Files\SavingsbullFilter
*****************

netfilter64 => Unable to stop service
netfilter64 => Service deleted successfully.
esgiguard => Service deleted successfully.
EsgScanner => Service deleted successfully.
SavingsbullFilterService64 => Service stopped successfully.
SavingsbullFilterService64 => Service deleted successfully.
c:\Program Files\SavingsbullFilter => Moved successfully.


The system needed a reboot. 

==== End of Fixlog ====
         

Alt 07.03.2014, 19:26   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Rechner neu starten, dann frische Logs mit FRST. Haken setzen bei additions
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 07.03.2014, 19:44   #13
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



ich hoffe du meintest, dass ich die kiste nochmal mit frst scannen soll, mit hacken in addition.

hier hast du den log :-)

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-03-2014
Ran by Wiebe at 2014-03-07 19:40:57
Running from C:\Users\Wiebe\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ASUS Power4Gear Hybrid (HKLM\...\{33B98264-A889-4913-A0CA-C364A75032B3}) (Version: 1.1.45 - ASUS)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
ETDWare PS/2-X64 8.0.5.1_WHQL (HKLM\...\Elantech) (Version: 8.0.5.1 - ELAN Microelectronic Corp.)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.9 - ASUS)
HP Officejet 7500 E910 - Grundlegende Software für das Gerät (HKLM\...\{6B3982D8-8E88-4A42-B1C4-66B4E9B34CFB}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Intel(R) Turbo Boost Technology Monitor 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
NVIDIA 3D Vision Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 268.39 - NVIDIA Corporation)
NVIDIA Control Panel 268.39 (Version: 268.39 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 268.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 268.39 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.2.22.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.2.22.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.265.41.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.0.21 (Version: 1.0.21 - NVIDIA Corporation) Hidden
NVIDIA Update Components (Version: 1.0.21 - NVIDIA Corporation) Hidden
ROBLOX Player for Wiebe (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
SavingsbullFilter (Version: 1.0.0.0 - SavingsBull Filter) Hidden <==== ATTENTION
Studie zur Verbesserung von HP Officejet 7500 E910 Produkten (HKLM\...\{DD52EE0D-3F63-4203-8AC3-7804D32B44EA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Windows Live Family Safety (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

==================== Restore Points  =========================

25-02-2014 17:30:05 DirectX wurde installiert
26-02-2014 08:06:41 Windows Update
27-02-2014 21:44:03 Windows Modules Installer
27-02-2014 22:02:26 Windows Modules Installer
27-02-2014 22:04:02 Windows Modules Installer
27-02-2014 22:04:33 Windows Modules Installer
27-02-2014 22:05:09 Windows Modules Installer
27-02-2014 22:06:45 Windows Modules Installer
27-02-2014 22:07:28 Windows Modules Installer
27-02-2014 22:08:11 Windows Modules Installer
27-02-2014 22:08:57 Windows Modules Installer
27-02-2014 22:09:52 Windows Modules Installer
27-02-2014 22:11:14 Windows Modules Installer
28-02-2014 23:45:08 Windows Update
01-03-2014 22:13:26 Uniblue SpeedUpMyPC installation
02-03-2014 22:54:55 Malwarebytes Anti-Rootkit Restore Point
04-03-2014 12:17:00 Windows Update
04-03-2014 20:52:15 Installed SpyHunter
04-03-2014 21:59:04 Removed SpyHunter
04-03-2014 22:14:00 Removed SavingsBull
07-03-2014 14:14:04 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {104003E1-DE2A-4ED8-9720-BA48848E0675} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {2C6B901E-7D16-45B8-9F5D-2B9EBDCDC72C} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {618B11A7-AF33-461E-84CB-FCC38BAD32DB} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2010-08-17] (ASUS)
Task: {88BD668C-AE60-4DEF-ADE9-7DCABB59397E} - System32\Tasks\ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2010-08-02] (ASUS)
Task: {8E9659D4-5D49-45E5-91DC-30D883B90336} - System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => C:\Program Files\V-bates\PrefHelper.exe
Task: {AB40A391-1C9F-4DEB-9C92-46A9D66CBD6A} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2011-06-01] (ASUS)
Task: {BAC835DA-ECDB-4970-A37E-B1573562A34F} - System32\Tasks\ASUS Live Update => C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe [2007-11-30] ()
Task: {D9AFB573-B6AB-419C-BAAF-BD97ADA619F9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-21] (Adobe Systems Incorporated)
Task: {F8DA9EFD-0EAB-4BA5-B1AD-355823B8477F} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15] (ASUS)
Task: {FC42B53D-B0C4-4485-935F-D67B576D58BA} - \SpyHunter4Startup No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job => C:\Program Files\V-bates\PrefHelper.exe

==================== Loaded Modules (whitelisted) =============

2010-07-15 01:11 - 2010-07-15 01:11 - 00031360 _____ () C:\Program Files\P4G\DevMng.dll
2010-04-03 04:21 - 2008-10-01 08:08 - 00011264 _____ () C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
2013-12-24 23:00 - 2007-11-30 20:20 - 00051768 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
2011-06-20 15:01 - 2011-03-26 08:29 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-24 17:00 - 2013-12-09 11:37 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-06-10 19:49 - 2011-06-10 19:49 - 01163264 _____ () C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll
2009-11-02 23:20 - 2009-11-02 23:20 - 00619816 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 23:23 - 2009-11-02 23:23 - 00013096 ____N () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-02-27 22:34 - 2014-02-13 01:36 - 03578992 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-04-28 15:03 - 2011-04-28 15:03 - 00235112 _____ () C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
2014-02-14 23:20 - 2014-02-14 23:20 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\6c712c9be7cce11c0c68039c762ff55a\IsdiInterop.ni.dll
2013-12-24 22:45 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============

MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 06:59:39 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 06:49:39 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 06:49:39 PM) (Source: CVHSVC) (User: )
Description: Nur zur Information.
Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}


System errors:
=============
Error: (03/07/2014 07:37:44 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/07/2014 06:50:39 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A4033F9C-1838-4740-9BBB-B825B3F21335}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/07/2014 06:49:30 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243

Error: (03/07/2014 04:14:02 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{A4033F9C-1838-4740-9BBB-B825B3F21335}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/07/2014 03:05:53 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "SeaPort" wurde mit folgendem Fehler beendet: 
%%-2147467243


Microsoft Office Sessions:
=========================
Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 07:37:52 PM) (Source: CVHSVC)(User: )
Description: Uninstall key is not found for product {90140011-0066-0407-0000-0000000FF1CE}

Error: (03/07/2014 06:59:39 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 06:49:39 PM) (Source: CVHSVC)(User: )
Description: Die Aktion kann nicht abgeschlossen werden. Versuchen Sie es erneut. Wenden Sie sich bei Fortbestehen des Problems an den Microsoft-Produktsupport.

Error: (03/07/2014 06:49:39 PM) (Source: CVHSVC)(User: )
Description: Product registration is corrupted for {90140011-0066-0407-0000-0000000FF1CE}


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8100.97 MB
Available physical RAM: 5913.41 MB
Total Pagefile: 16200.13 MB
Available Pagefile: 13904.44 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:390.7 GB) (Free:315.68 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Data) (Fixed) (Total:515.81 GB) (Free:515.5 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 43EBFD28)
Partition 1: (Not Active) - (Size=25 GB) - (Type=1C)
Partition 2: (Active) - (Size=391 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=516 GB) - (Type=OF Extended)

==================== End Of Log ============================
         

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-03-2014
Ran by Wiebe (administrator) on WIEBE-PC on 07-03-2014 19:39:25
Running from C:\Users\Wiebe\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\system32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
() C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
(ASUS) C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
(ASUSTeK) C:\Windows\SysWOW64\ACEngSvr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Windows\AsScrPro.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Virage Logic Corporation / Sonic Focus) C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(ASUS) C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2213992 2011-05-12] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] - C:\Program Files\Elantech\ETDCtrl.exe [2587944 2010-12-31] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IntelTBRunOnce] - wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
HKLM-x32\...\Run: [ASUSPRP] - C:\Program Files (x86)\ASUS\APRP\APRP.EXE [2018032 2011-04-13] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] - C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe [731472 2011-02-23] (ecareme)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-13] (Intel Corporation)
HKLM-x32\...\Run: [SonicMasterTray] - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe [984400 2010-07-10] (Virage Logic Corporation / Sonic Focus)
HKLM-x32\...\Run: [NUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [ATKOSD2] - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [5732992 2010-08-17] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-10-07] (ASUS)
HKLM-x32\...\Run: [HControlUser] - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Wireless Console 3] - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe [2255360 2011-06-10] (ASUS)
HKLM-x32\...\Run: [USBChargerPlusTray] - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [496560 2011-04-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [UpdateLBPShortCut] - C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] - C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [VNT] - C:\Program Files (x86)\VNT\vntldr.exe [202192 2013-12-20] (APN LLC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [ArcSoft Connection Service] - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [HP Officejet 7500 E910 (NET)] - C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-2143194781-2833874438-559236793-1002\...\Run: [Xvid] - C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {41564952-412D-5637-4300-7A786E7484D7} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tom8mqxa.default-1393952867356
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\Wiebe\AppData\Local\Roblox\Versions\version-9dddd6d1e4534c53\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Wiebe\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [irobinhood@irobinhood.org] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\irobinhood@irobinhood.org.xpi
FF HKLM-x32\...\Firefox\Extensions: [OKitSpace@OKitSpace.es] - C:\Users\Wiebe\AppData\Roaming\okitSpace\Firefox
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Wiebe\AppData\Roaming\Mozilla\Firefox\Profiles\tloq7a8v.default\extensions\quick_start@gmail.com

==================== Services (Whitelisted) =================

R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1017424 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-20] (APN LLC.)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [46904 2013-12-17] (Hewlett-Packard Company)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2013-12-09] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-07 19:37 - 2014-03-07 19:37 - 00000000 _____ () C:\Windows\SysWOW64\sho3ED4.tmp
2014-03-07 02:17 - 2014-03-07 19:39 - 00014782 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-07 00:21 - 2014-03-07 00:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wiebe\Desktop\mbar-1.07.0.1009.exe
2014-03-06 23:11 - 2014-03-07 19:39 - 00000000 ____D () C:\FRST
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-05 18:12 - 2014-03-07 19:37 - 00000336 _____ () C:\Windows\setupact.log
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:52 - 2014-03-04 21:53 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:52 - 2012-06-22 11:01 - 00022704 _____ () C:\Windows\system32\Drivers\EsgScanner.sys
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:00 - 2014-03-07 01:33 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:40 - 2014-03-07 01:19 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:39 - 2014-03-07 01:33 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-02 23:39 - 2014-03-07 01:18 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:24 - 2014-03-02 23:35 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 01:01 - 2014-03-07 00:53 - 00000000 ____D () C:\AdwCleaner
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 22:34 - 2014-03-02 01:03 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 20:53 - 2014-03-07 18:47 - 29120808 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:28 - 2014-02-25 18:32 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-25 18:25 - 2000-08-19 20:29 - 00268048 _____ (MetaCreations Corporation) C:\Windows\SysWOW64\dxtmeta2.dll
2014-02-24 22:55 - 2014-03-02 23:30 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-02-21 23:36 - 2014-02-21 23:59 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 23:36 - 2013-07-16 03:41 - 01858896 _____ (Microsoft Corporation) C:\Windows\system32\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01498960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 01014096 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100d.dll
2014-02-21 23:36 - 2013-07-16 03:41 - 00743248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100d.dll
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2014-03-04 23:08 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-02-21 18:57 - 2014-03-04 16:26 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-02-21 18:55 - 2014-02-21 18:56 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:52 - 2014-02-18 17:53 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-15 16:39 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-13 21:22 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-02-13 21:22 - 2014-01-01 00:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-13 21:22 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-02-13 21:22 - 2013-12-24 23:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:30 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-02-13 21:22 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-13 21:22 - 2013-12-04 03:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 03:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-02-13 21:22 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-02-13 21:22 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-02-13 21:22 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-02-13 21:22 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-02-13 21:22 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-02-13 21:22 - 2013-11-22 23:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

==================== One Month Modified Files and Folders =======

2014-03-07 19:39 - 2014-03-07 02:17 - 00014782 _____ () C:\Users\Wiebe\Desktop\FRST.txt
2014-03-07 19:39 - 2014-03-06 23:11 - 00000000 ____D () C:\FRST
2014-03-07 19:38 - 2013-12-24 23:42 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-07 19:38 - 2013-12-24 16:32 - 00000000 ___HD () C:\ASUS.DAT
2014-03-07 19:37 - 2014-03-07 19:37 - 00000000 _____ () C:\Windows\SysWOW64\sho3ED4.tmp
2014-03-07 19:37 - 2014-03-05 18:12 - 00000336 _____ () C:\Windows\setupact.log
2014-03-07 19:37 - 2013-12-24 23:02 - 00045056 _____ () C:\Windows\system32\acovcnt.exe
2014-03-07 19:37 - 2013-12-24 22:48 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-07 19:37 - 2013-12-24 22:42 - 01409415 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 19:37 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-07 18:57 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-07 18:57 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-07 18:47 - 2014-02-27 20:53 - 29120808 _____ () C:\Windows\system32\SavingsBullFilterService.log
2014-03-07 18:42 - 2014-01-08 22:17 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\HpUpdate
2014-03-07 01:33 - 2014-03-04 16:00 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-03-07 01:33 - 2014-03-02 23:39 - 00000000 ____D () C:\Users\Wiebe\Desktop\mbar
2014-03-07 01:19 - 2014-03-02 23:40 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-03-07 01:18 - 2014-03-02 23:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-07 01:01 - 2013-12-27 14:04 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9F7041A3-58B8-4506-9FF7-ABAF2630609B}
2014-03-07 00:53 - 2014-03-02 01:01 - 00000000 ____D () C:\AdwCleaner
2014-03-07 00:21 - 2014-03-07 00:21 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Wiebe\Desktop\mbar-1.07.0.1009.exe
2014-03-06 23:10 - 2014-03-06 23:10 - 02156544 _____ (Farbar) C:\Users\Wiebe\Desktop\FRST64.exe
2014-03-06 18:52 - 2014-01-23 17:49 - 00000000 ____D () C:\Users\Wiebe\Documents\German Truck Simulator
2014-03-05 18:12 - 2014-03-05 18:12 - 00000000 _____ () C:\Windows\setuperr.log
2014-03-04 23:08 - 2014-02-21 18:57 - 00000284 _____ () C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job
2014-03-04 21:53 - 2014-03-04 21:53 - 00000000 _____ () C:\autoexec.bat
2014-03-04 21:53 - 2014-03-04 21:52 - 00000000 ____D () C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-03-04 21:52 - 2014-03-04 21:52 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-03-04 21:50 - 2014-03-04 21:50 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
2014-03-04 16:26 - 2014-03-04 16:26 - 00821760 _____ (Browser Opt-out) C:\Users\Wiebe\Downloads\uninstall.exe
2014-03-04 16:26 - 2014-02-21 18:57 - 00003264 _____ () C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}
2014-03-04 16:26 - 2014-01-23 21:56 - 00002774 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-03-04 16:26 - 2014-01-08 22:17 - 00003614 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 7500 E910
2014-03-04 16:26 - 2013-12-24 23:00 - 00003232 _____ () C:\Windows\System32\Tasks\SidebarExecute
2014-03-03 00:35 - 2014-03-03 00:35 - 00000000 ____D () C:\Windows\ERUNT
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\speedtest4354
2014-03-02 23:55 - 2014-01-17 22:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\freegames111
2014-03-02 23:40 - 2014-03-02 23:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-02 23:35 - 2014-03-02 23:24 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Nico Mak Computing
2014-03-02 23:32 - 2014-03-02 23:32 - 01037734 _____ (Thisisu) C:\Users\Wiebe\Desktop\JRT.exe
2014-03-02 23:30 - 2014-02-24 22:55 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Windows Live
2014-03-02 23:29 - 2014-03-02 23:29 - 01244192 _____ () C:\Users\Wiebe\Downloads\adwcleaner(1).exe
2014-03-02 23:23 - 2014-03-02 23:23 - 04892480 _____ (WinZip International LLC ) C:\Users\Wiebe\Downloads\wzmp_8.exe
2014-03-02 11:16 - 2014-03-02 11:16 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2014-03-02 11:16 - 2013-12-25 20:23 - 00001352 _____ () C:\Users\Wiebe\Desktop\ROBLOX Player.lnk
2014-03-02 11:16 - 2013-12-25 20:22 - 00001171 _____ () C:\Users\Wiebe\Desktop\ROBLOX Studio 2013.lnk
2014-03-02 02:49 - 2009-07-29 07:03 - 00000000 ____D () C:\Windows\Panther
2014-03-02 01:03 - 2014-02-27 22:34 - 00001051 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-03-02 01:01 - 2014-03-02 01:01 - 01244192 _____ () C:\Users\Wiebe\Desktop\adwcleaner.exe
2014-03-01 23:24 - 2013-12-24 23:00 - 00001509 _____ () C:\Windows\system32\ServiceFilter.ini
2014-03-01 23:15 - 2014-03-01 23:15 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Tuguu_SL
2014-03-01 23:11 - 2014-03-01 23:11 - 00376736 _____ () C:\Users\Wiebe\Downloads\Setup.exe
2014-03-01 08:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-01 08:26 - 2014-03-01 08:26 - 17849344 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 12345344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-01 08:26 - 2014-03-01 08:26 - 02334720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-01 08:26 - 2014-03-01 08:26 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01347072 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 01105408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-03-01 08:26 - 2014-03-01 08:26 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-03-01 08:26 - 2014-03-01 08:26 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-03-01 08:26 - 2014-03-01 08:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-03-01 08:26 - 2014-03-01 08:26 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-02-27 23:10 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-02-27 23:07 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-02-27 22:51 - 2009-07-14 06:08 - 00032572 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-02-27 22:34 - 2014-02-27 22:34 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-02-27 22:34 - 2014-02-15 16:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-02-27 22:34 - 2013-12-24 16:58 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Mozilla
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\SysWOW64\Service.log
2014-02-27 20:53 - 2014-02-27 20:53 - 00000000 _____ () C:\Windows\system32\Service.log
2014-02-26 18:47 - 2014-01-06 22:06 - 01625524 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-02-26 18:47 - 2011-02-19 05:24 - 00711116 _____ () C:\Windows\system32\perfh007.dat
2014-02-26 18:47 - 2011-02-19 05:24 - 00153306 _____ () C:\Windows\system32\perfc007.dat
2014-02-26 18:47 - 2009-07-14 06:13 - 01625524 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-25 18:49 - 2014-02-25 18:49 - 00001266 _____ () C:\Users\Wiebe\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:33 - 2014-02-25 18:33 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Z-Software
2014-02-25 18:32 - 2014-02-25 18:32 - 00001248 _____ () C:\Users\Public\Desktop\Rettungswagen Simulator 2012 spielen.lnk
2014-02-25 18:32 - 2014-02-25 18:32 - 00000000 ____D () C:\ProgramData\Z-Software
2014-02-25 18:32 - 2014-02-25 18:28 - 00000000 ____D () C:\Program Files (x86)\Rettungswagen Simulator 2012
2014-02-21 23:59 - 2014-02-21 23:36 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-02-21 23:36 - 2014-02-21 23:36 - 01768696 _____ (Malwarebytes ) C:\Users\Wiebe\Downloads\nw_32531_mbaesetupexe.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-21 21:38 - 2013-12-24 23:42 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-21 21:38 - 2013-12-24 23:42 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files\Google
2014-02-21 21:22 - 2011-04-13 03:33 - 00000000 ____D () C:\Program Files (x86)\Google
2014-02-21 19:56 - 2014-02-21 19:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\Google
2014-02-21 19:56 - 2013-12-24 16:54 - 00000000 ____D () C:\Users\Wiebe\AppData\Local\Google
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Users\Wiebe\Documents\My Games
2014-02-21 19:16 - 2014-01-04 20:43 - 00000000 ____D () C:\Program Files (x86)\WarThunder
2014-02-21 19:08 - 2014-02-21 19:08 - 00000043 _____ () C:\Users\Wiebe\AppData\Roaming\WB.CFG
2014-02-21 18:57 - 2013-12-27 20:56 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\.minecraft
2014-02-21 18:56 - 2014-02-21 18:55 - 04719512 _____ () C:\Users\Wiebe\Downloads\installer_minecraft_Deutsch.exe
2014-02-18 18:05 - 2014-02-18 18:05 - 05987372 _____ () C:\Users\Wiebe\Downloads\CAT_Forte_Powerlift_2011.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 04160754 _____ () C:\Users\Wiebe\Downloads\zzz_tipAnywhere.exe
2014-02-18 17:55 - 2014-02-18 17:55 - 00112180 _____ () C:\Users\Wiebe\Downloads\Sunflowers.exe
2014-02-18 17:53 - 2014-02-18 17:52 - 11187480 _____ () C:\Users\Wiebe\Downloads\CT3200XL.exe
2014-02-18 17:45 - 2014-02-18 17:45 - 01728324 _____ () C:\Users\Wiebe\Downloads\Chieftain_Fuel_Bowser_2011 zip.exe
2014-02-18 17:43 - 2014-02-18 17:43 - 18908016 _____ () C:\Users\Wiebe\Downloads\z_John_Deere_Servicetruck.exe
2014-02-18 17:42 - 2014-02-18 17:42 - 00104315 _____ () C:\Users\Wiebe\Downloads\WeserberglandMap_Unpack!!.exe
2014-02-18 17:41 - 2014-02-18 17:41 - 05741458 _____ () C:\Users\Wiebe\Downloads\DR21000.exe
2014-02-17 21:40 - 2014-01-23 21:31 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\TeamViewer
2014-02-17 20:06 - 2014-02-17 20:06 - 02849949 _____ () C:\Users\Wiebe\Downloads\Veenhuis_Shuttle.exe
2014-02-17 20:05 - 2014-02-17 20:05 - 07572022 _____ () C:\Users\Wiebe\Downloads\John_Derre_500.exe
2014-02-17 19:54 - 2014-02-17 19:54 - 13529045 _____ () C:\Users\Wiebe\Downloads\ManTga.exe
2014-02-17 18:16 - 2014-01-26 13:00 - 00000000 ____D () C:\Users\Wiebe\Documents\Flight Simulator X-Dateien
2014-02-17 00:38 - 2013-12-27 14:05 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-17 00:35 - 2013-12-27 14:05 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-07 22:40 - 2013-12-24 16:32 - 00060968 _____ () C:\Users\Wiebe\AppData\Local\GDIPFONTCACHEV1.DAT
2014-02-07 01:50 - 2014-01-06 22:07 - 00000000 ____D () C:\Users\Wiebe\AppData\Roaming\SoftGrid Client
2014-02-06 22:42 - 2014-02-06 22:42 - 00175104 _____ () C:\Users\Wiebe\Downloads\dienstwagenrechner2011.xls

Some content of TEMP:
====================
C:\Users\Wiebe\AppData\Local\Temp\avgnt.exe
C:\Users\Wiebe\AppData\Local\Temp\Quarantine.exe
C:\Users\Wiebe\AppData\Local\Temp\SHSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-19 12:58

==================== End Of Log ============================
         
--- --- ---

--- --- ---

Alt 08.03.2014, 14:18   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



Neuer Fix:

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
Task: C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: {FC42B53D-B0C4-4485-935F-D67B576D58BA} - \SpyHunter4Startup No Task File
Task: {8E9659D4-5D49-45E5-91DC-30D883B90336} - System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => C:\Program Files\V-bates\PrefHelper.exe
C:\Program Files\V-bates
C:\Windows\SysWOW64\sho3ED4.tmp
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
C:\Program Files\Enigma Software Group
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
C:\Users\Wiebe\Downloads\uninstall.exe
C:\Users\Wiebe\AppData\Local\Tuguu_SL
C:\Users\Wiebe\Downloads\Setup.exe
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 08.03.2014, 22:06   #15
wievik
 
Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Standard

Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link



HTML-Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 06-03-2014
Ran by Wiebe at 2014-03-08 21:56:21 Run:2
Running from C:\Users\Wiebe\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Task: C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job => C:\Program Files\V-bates\PrefHelper.exe
Task: {FC42B53D-B0C4-4485-935F-D67B576D58BA} - \SpyHunter4Startup No Task File
Task: {8E9659D4-5D49-45E5-91DC-30D883B90336} - System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => C:\Program Files\V-bates\PrefHelper.exe
C:\Program Files\V-bates
C:\Windows\SysWOW64\sho3ED4.tmp
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP
C:\Program Files\Enigma Software Group
C:\Windows\system32\Drivers\EsgScanner.sys
C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe
C:\Users\Wiebe\Downloads\uninstall.exe
C:\Users\Wiebe\AppData\Local\Tuguu_SL
C:\Users\Wiebe\Downloads\Setup.exe
*****************

C:\Windows\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8}.job => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FC42B53D-B0C4-4485-935F-D67B576D58BA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FC42B53D-B0C4-4485-935F-D67B576D58BA} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SpyHunter4Startup => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8E9659D4-5D49-45E5-91DC-30D883B90336} => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E9659D4-5D49-45E5-91DC-30D883B90336} => Key deleted successfully.
C:\Windows\System32\Tasks\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => Moved successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FF Watcher {675B2A98-C100-4F4C-99FF-4CB08FC6A6E8} => Key deleted successfully.
"C:\Program Files\V-bates" => File/Directory not found.
C:\Windows\SysWOW64\sho3ED4.tmp => Moved successfully.
C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP => Moved successfully.
C:\Program Files\Enigma Software Group => Moved successfully.
C:\Windows\system32\Drivers\EsgScanner.sys => Moved successfully.
C:\Users\Wiebe\Downloads\SpyHunter-Installer.exe => Moved successfully.
C:\Users\Wiebe\Downloads\uninstall.exe => Moved successfully.
C:\Users\Wiebe\AppData\Local\Tuguu_SL => Moved successfully.
C:\Users\Wiebe\Downloads\Setup.exe => Moved successfully.

==== End of Fixlog ====

Antwort

Themen zu Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link
about, blau, board, diverse, download, erscheine, explorer, falsch, fenster, firefox, grüne, guten, hidden, kleines, langsam, link, lösungen, maus, passieren, problem, seite, tagen, versucht, werbung, wirklich, wörter unterstichen als links



Ähnliche Themen: Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link


  1. Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Log-Analyse und Auswertung - 05.08.2015 (19)
  2. Windows 8 und Firefox...Einzelne Wörter doppelt unterstrichen/Werbepopups/Werbelinks
    Plagegeister aller Art und deren Bekämpfung - 11.04.2015 (9)
  3. Win 8.1 - einzelne Wörter im Mozilla Firefox blau unterstrichen; Pop-ups
    Plagegeister aller Art und deren Bekämpfung - 06.02.2015 (19)
  4. Blau unterstrichene Wörter mit Werbung erscheinen bei Firefox
    Log-Analyse und Auswertung - 09.01.2015 (15)
  5. Windows 7, Firefox Wörter blau unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 13.11.2014 (5)
  6. Windows 7 Firefox Wörter blau und unterstrichen
    Plagegeister aller Art und deren Bekämpfung - 01.09.2014 (13)
  7. doppelt unterstrichene Wörter erscheinen bei Firefox und posten Werbung
    Plagegeister aller Art und deren Bekämpfung - 08.08.2014 (7)
  8. Firefox, einzelne Wörter in blauer Schrift und doppelt unterstrichen, beim Hoovern erscheint ein Popup/Werbung
    Log-Analyse und Auswertung - 12.07.2014 (17)
  9. Windows 8.1, Firefox, Wörter doppelt blau unterstrichen, Werbung an den Seiten und am unteren Bildschirmrand
    Plagegeister aller Art und deren Bekämpfung - 06.06.2014 (12)
  10. Unerwünschte, leere Pop-up Fenster erscheinen und Wörter sind unterstrichen und verlinkt
    Log-Analyse und Auswertung - 03.06.2014 (21)
  11. Firefox --> Einzelne Wörter doppelt unterstrichen, blau unterlegt. Popups öffnen sich beim Herüberfahren
    Plagegeister aller Art und deren Bekämpfung - 02.03.2014 (1)
  12. Manche Wörter in Firefox grün und doppelt unterstrichen, virus?
    Plagegeister aller Art und deren Bekämpfung - 20.01.2014 (11)
  13. Firefox erscheinen doppelt unterstichene Wörter; es erschein ein Verweis auf "MediaPlayerTotal" Holen Mediaplayer
    Plagegeister aller Art und deren Bekämpfung - 13.01.2014 (23)
  14. Wörter erscheinen im Browser Grün und doppelt unterstrichen
    Log-Analyse und Auswertung - 30.12.2013 (9)
  15. In Firefox erscheinen doppelt unterstichene Wörter und es erscheint ein Verweis auf "MediaPlayerTotal" - was tun?
    Log-Analyse und Auswertung - 11.12.2013 (11)
  16. Unerwünschte, leere Pop-up Fenster erscheinen und Wörter sind unterstrichen und verlinkt
    Log-Analyse und Auswertung - 20.11.2013 (9)
  17. Windows 8 wörter im Firefox unterstrichen viel Werbung oft keine Rückmeldung beim Rechtsklick
    Plagegeister aller Art und deren Bekämpfung - 09.10.2013 (23)

Zum Thema Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link - Hallo und guten Abend, habe seit ein paar Tagen das Problem, dass mehrere Wörter im Firefox sowie im IE unterstrichen und in blau erscheinen. Wenn man mit der Maus drüber - Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link...
Archiv
Du betrachtest: Mehrere Wörter erscheinen im Firefox und Explorer unterstrichen als Link auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.