Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: hiddenext/worm.gen verschickt E-Mails

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.03.2014, 20:56   #1
ich753
 
hiddenext/worm.gen verschickt E-Mails - Pfeil

hiddenext/worm.gen verschickt E-Mails



Hallo an alle,
ich habe seit einigen Tagen das Problem, dass mir Avira meldet dass es einen Schädling gefunden hat (hiddenext/worm.gen) und immer wieder von meinem Outlook E-Mails mit einem foto.zip Anhang an meine Kontakte verschickt werden, ich habe den Fund schon mehrmals in Quarantäne verschoben aber das hilft anscheinend nichts :/
Gibt es eine Möglichkeit den Wurm los zu werden ohne dass ich das Betriebssystem neu aufsetzten muss ?

Hier mein FRST Log:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-03-2014
Ran by Philipp (administrator) on PHIL on 12-03-2014 20:18:52
Running from D:\Downloads
Windows 8.1 Pro (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ 
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AMD) C:\WINDOWS\system32\atiesrxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
() C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(TeamViewer GmbH) D:\Programme\TV8\TeamViewer_Service.exe
(Western Digital) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\WINDOWS\system32\dashost.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\SeaPort.exe
(AMD) C:\WINDOWS\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\spotify.exe
() C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Spotify Ltd) C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Dropbox, Inc.) C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrobat.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\WINDOWS\splwow64.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Emsisoft GmbH) C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2guard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [SpywareTerminatorShield] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe
HKLM\...\Run: [SpywareTerminatorUpdater] - C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [WD Quick View] - C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5235640 2012-08-23] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-10-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] - C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3478392 2013-09-05] (Adobe Systems Inc.)
HKLM-x32\...\Run: [iTunesHelper] - D:\Programme\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [AVG_UI] - C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4962320 2014-01-22] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2539544 2014-03-12] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [Steam] - D:\Programme\Steam\Steam.exe [1821888 2014-02-25] (Valve Corporation)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [Spotify] - C:\Users\Philipp\AppData\Roaming\Spotify\Spotify.exe [6118400 2014-01-13] (Spotify Ltd)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [Spotify Web Helper] - C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-01-13] (Spotify Ltd)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [DAEMON Tools Lite] - D:\Programme\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\Run: [AVG-Secure-Search-Update_0214c] - C:\Users\Philipp\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=b845be539e6647d29d0e6d16b28a7412-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=0214c
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\MountPoints2: {896be18f-9c7b-11e2-be6a-bc5ff46e9de1} - "F:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-21-187558832-4231007970-1350263331-1001\...\MountPoints2: {cc8882b4-6973-11e3-bead-bc5ff46e9de1} - "G:\Setup.exe" -auto
Startup: C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Philipp\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

ProxyServer: 114.23.245.21:8080
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAE7B83565539CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-AT,de-DE;q=0.8,de;q=0.5,ru;q=0.3
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={BF8E6FB2-0776-462F-A1FD-090A73F4673B}&mid=b845be539e6647d29d0e6d16b28a7412-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-11 19:13:29&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\IEExt\OnlineBanking\online_banking_bho.dll No File
BHO-x32: Adobe Acrobat Create PDF Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.124.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 195.34.133.21 212.186.211.21

Chrome: 
=======
CHR HomePage: hxxp://mysearch.avg.com?cid={BF8E6FB2-0776-462F-A1FD-090A73F4673B}&mid=b845be539e6647d29d0e6d16b28a7412-ad1491be2ce6c122f6b66faa90e70c2decf7d34c&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-11 19:13:29&v=17.3.1.91&pid=safeguard&sg=&sap=hp
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Microsoft Office 2013) - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CHR Plugin: (Microsoft Office 2013) - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CHR Plugin: (VLC Web Plugin) - D:\Programme\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Extension: (Google Docs) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-05-04]
CHR Extension: (Google Drive) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-05-04]
CHR Extension: (YouTube) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-05-04]
CHR Extension: (Google-Suche) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-05-04]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-01-09]
CHR Extension: (AdBlock) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-09-09]
CHR Extension: (Google Wallet) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Google Mail) - C:\Users\Philipp\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-05-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2013-09-05]

==================== Services (Whitelisted) =================

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4163584 2014-02-15] (Emsisoft GmbH)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3788816 2014-01-22] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [182248 2013-03-14] ()
R2 TeamViewer8; D:\Programme\TV8\TeamViewer_Service.exe [5087584 2013-10-01] (TeamViewer GmbH)
R2 vToolbarUpdater18.0.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [1759768 2014-03-12] (AVG Secure Search)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [248248 2012-08-23] (Western Digital)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [70960 2013-08-24] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices)
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [20496 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-12] (Avira Operations GmbH & Co. KG)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\WINDOWS\system32\drivers\avgtpx64.sys [50976 2014-03-12] (AVG Technologies)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [252728 2013-10-21] (AVG Technologies CZ, s.r.o.)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2013-12-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
R3 dot4; C:\Windows\system32\DRIVERS\Dot4.sys [151968 2012-10-19] (Windows (R) Win 7 DDK provider)
R3 Dot4Print; C:\Windows\System32\drivers\Dot4Prt.sys [27040 2012-10-19] (Windows (R) Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-12-20] (Disc Soft Ltd)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21048 2013-03-14] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21048 2013-03-14] ()
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-11] (Microsoft Corporation)
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-03-14] ()
S3 kbldfltr; C:\Windows\System32\drivers\kbldfltr.sys [22272 2013-09-30] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-26] (Microsoft Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2013-10-16] (Anchorfree Inc.)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-03-11] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-12 20:18 - 2014-03-12 20:18 - 00000000 ____D () C:\FRST
2014-03-12 19:22 - 2014-03-12 19:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-11 21:24 - 2014-03-11 21:24 - 00001103 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-03-11 21:23 - 2014-03-12 20:18 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-11 21:23 - 2014-03-11 21:23 - 00000000 ____D () C:\Users\Philipp\Documents\Anti-Malware
2014-03-11 19:13 - 2014-03-12 19:22 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-03-11 19:13 - 2014-03-12 19:22 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\Users\Philipp\AppData\Local\AVG SafeGuard toolbar
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-11 18:09 - 2014-03-11 21:20 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-11 18:09 - 2014-03-11 18:09 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-03-11 17:46 - 2014-03-11 21:18 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-11 16:36 - 2014-03-12 19:53 - 01611249 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-11 16:34 - 2014-03-11 21:20 - 00003234 _____ () C:\WINDOWS\PFRO.log
2014-03-11 16:07 - 2014-03-11 16:07 - 00000000 ____D () C:\AdwCleaner
2014-03-11 16:04 - 2014-03-11 16:04 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
2014-03-11 16:04 - 2014-03-11 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-10 14:55 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\AVG2014
2014-03-10 14:54 - 2014-03-11 15:58 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-10 14:54 - 2014-03-10 14:54 - 00000997 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ___HD () C:\$AVG
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-10 14:53 - 2014-03-12 17:00 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-10 14:53 - 2014-03-10 14:56 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Avg2014
2014-03-10 14:53 - 2014-03-10 14:53 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MFAData
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\Program Files\Realtek
2014-03-07 18:01 - 2013-07-30 20:16 - 03564376 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2014-03-07 18:01 - 2013-07-30 17:14 - 02585304 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkAPO64.dll
2014-03-07 18:01 - 2013-07-30 13:47 - 00620273 _____ () C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2014-03-07 18:01 - 2013-07-29 18:41 - 00147672 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2014-03-07 18:01 - 2013-07-29 13:48 - 30311936 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2014-03-07 18:01 - 2013-07-27 03:56 - 06219096 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2014-03-07 18:01 - 2013-07-27 03:55 - 01908568 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2014-03-07 18:01 - 2013-07-27 03:55 - 00312152 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2014-03-07 18:01 - 2013-07-27 03:55 - 00261464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2014-03-07 18:01 - 2013-07-26 14:26 - 05694504 _____ () C:\WINDOWS\system32\Drivers\rtvienna.dat
2014-03-07 18:01 - 2013-07-26 14:05 - 00617176 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 27519232 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnA64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 14042880 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 03604224 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioVnN64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 02103040 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\WavesGUILib64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 02032896 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioEQ64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 01904384 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioRealtek264.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 01044736 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO5064.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 00933120 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO4064.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 00920832 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPOShell64.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 00660224 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO30.dll
2014-03-07 18:01 - 2013-07-24 10:07 - 00650496 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVoiceAPO2064.dll
2014-03-07 18:01 - 2013-07-24 01:45 - 00875776 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2014-03-07 18:01 - 2013-07-24 01:45 - 00845568 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\slcnt64.dll
2014-03-07 18:01 - 2013-07-24 01:45 - 00720128 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2014-03-07 18:01 - 2013-07-24 01:45 - 00244480 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2014-03-07 18:01 - 2013-07-22 15:37 - 01004248 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2014-03-07 18:01 - 2013-07-19 15:55 - 02080472 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\RtlExUpd.dll
2014-03-07 18:01 - 2013-07-18 14:48 - 02795224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2014-03-07 18:01 - 2013-07-17 16:17 - 02743328 _____ (Fortemedia Corporation) C:\WINDOWS\system32\FMAPO64.dll
2014-03-07 18:01 - 2013-07-08 18:32 - 04810008 _____ (ASUSTeKcomputer.Inc) C:\WINDOWS\system32\RTKSMlfx.dll
2014-03-07 18:01 - 2013-07-08 18:31 - 00758104 _____ (A-Volute) C:\WINDOWS\system32\RTKSMSettingsIPC.dll
2014-03-07 18:01 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tossaeapo64.dll
2014-03-07 18:01 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\toseaeapo64.dll
2014-03-07 18:01 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosasfapo64.dll
2014-03-07 18:01 - 2013-06-21 11:01 - 00109848 _____ () C:\WINDOWS\system32\AcpiServiceVnA64.dll
2014-03-07 18:01 - 2013-06-18 17:00 - 00947760 _____ (Sony Corporation) C:\WINDOWS\system32\SFSS_APO.dll
2014-03-07 18:01 - 2013-06-05 21:42 - 00208072 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAC64.dll
2014-03-07 18:01 - 2013-04-24 17:16 - 01662024 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2014-03-07 18:01 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\WINDOWS\system32\MISS_APO.dll
2014-03-07 18:01 - 2013-02-20 18:55 - 01284680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2014-03-07 18:01 - 2012-10-02 14:41 - 00501192 _____ (DTS) C:\WINDOWS\system32\DTSU2PLFX64.dll
2014-03-07 18:01 - 2012-10-02 14:41 - 00487368 _____ (DTS) C:\WINDOWS\system32\DTSU2PGFX64.dll
2014-03-07 18:01 - 2012-10-02 14:41 - 00415688 _____ (DTS) C:\WINDOWS\system32\DTSU2PREC64.dll
2014-03-07 18:01 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2014-03-07 18:01 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2014-03-07 18:01 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2014-03-07 18:01 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2014-03-07 18:01 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2014-03-07 18:01 - 2012-07-15 21:13 - 00394616 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxVolumeSDAPO.dll
2014-03-07 18:01 - 2012-06-20 17:26 - 00110592 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2014-03-07 18:01 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\WINDOWS\system32\AERTAR64.dll
2014-03-07 18:01 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo264.dll
2014-03-07 18:01 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\WINDOWS\system32\tepeqapo64.dll
2014-03-07 18:01 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2014-03-07 18:01 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2014-03-07 18:01 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFNHK64.dll
2014-03-07 18:01 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFCOM64.dll
2014-03-07 18:01 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SFAPO64.dll
2014-03-07 18:01 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\WINDOWS\system32\KAAPORT64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2014-03-07 18:01 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2014-03-07 18:01 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tosade.dll
2014-03-07 18:01 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\WINDOWS\system32\tadefxapo.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2014-03-07 18:01 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2014-03-07 18:01 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2014-03-07 18:01 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\WINDOWS\system32\MaxxAudioAPO20.dll
2014-03-07 18:01 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\WINDOWS\SysWOW64\SFCOM.dll
2014-03-07 18:01 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2014-03-07 18:01 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2014-03-07 18:01 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2014-03-07 18:01 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2014-03-06 11:57 - 2014-03-06 11:57 - 00001556 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-05 20:16 - 2014-03-11 18:19 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-03-05 10:31 - 2014-03-05 10:31 - 00005327 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-04 23:09 - 2014-03-12 01:24 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TS3Client
2014-03-04 23:08 - 2014-03-04 23:08 - 00000979 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-04 23:08 - 2014-03-04 23:08 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-02-16 12:13 - 2013-12-09 01:34 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-02-16 12:13 - 2013-12-09 01:04 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-02-16 12:13 - 2013-11-27 16:34 - 03210528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2014-02-16 12:13 - 2013-11-27 16:27 - 00809872 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-02-16 12:13 - 2013-11-27 15:00 - 00663680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-02-16 12:13 - 2013-11-27 14:47 - 02804528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2014-02-16 12:13 - 2013-11-27 13:02 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ipnat.sys
2014-02-16 12:13 - 2013-11-27 11:54 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-02-16 12:13 - 2013-11-27 11:24 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-02-16 12:13 - 2013-11-27 11:08 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-02-16 12:13 - 2013-11-27 10:46 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-02-16 12:13 - 2013-11-27 10:41 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-02-16 12:13 - 2013-11-27 10:17 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-02-16 12:13 - 2013-11-27 10:10 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2014-02-16 12:13 - 2013-11-27 09:58 - 01503232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-02-16 12:13 - 2013-11-27 09:56 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2014-02-16 12:13 - 2013-11-27 05:01 - 00385614 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-02-16 12:13 - 2013-11-26 14:22 - 01928144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-02-16 12:13 - 2013-11-26 14:20 - 02131120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-02-16 12:13 - 2013-11-26 14:20 - 01399176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-02-16 12:13 - 2013-11-26 14:20 - 01374384 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-02-16 12:13 - 2013-11-26 12:50 - 01371312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-02-16 12:13 - 2013-11-26 12:44 - 02142936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-02-16 12:13 - 2013-11-26 12:44 - 01204968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-02-16 12:13 - 2013-11-26 11:13 - 04191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-02-16 12:13 - 2013-11-26 10:21 - 18577920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-02-16 12:13 - 2013-11-26 09:28 - 13925888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-02-16 12:13 - 2013-11-25 02:45 - 00142680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-02-16 12:13 - 2013-11-25 02:32 - 01119064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-02-16 12:13 - 2013-11-25 00:30 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-02-16 12:13 - 2013-11-25 00:28 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-02-16 12:13 - 2013-11-23 13:47 - 00032088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ploptin.dll
2014-02-16 12:13 - 2013-11-23 12:49 - 21196664 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-02-16 12:13 - 2013-11-23 09:19 - 18642504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-02-16 12:13 - 2013-11-23 08:13 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\system32\bi.dll
2014-02-16 12:13 - 2013-11-23 08:13 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BtaMPM.sys
2014-02-16 12:13 - 2013-11-23 08:08 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-02-16 12:13 - 2013-11-23 05:50 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-02-16 12:13 - 2013-11-23 04:57 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-02-16 12:13 - 2013-11-23 04:48 - 00479744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-02-16 12:13 - 2013-11-23 04:25 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2014-02-16 12:13 - 2013-11-23 04:25 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2014-02-16 12:13 - 2013-11-23 04:19 - 02617344 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-02-16 12:13 - 2013-11-23 04:15 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-02-16 12:13 - 2013-11-21 07:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceregistration.dll
2014-02-16 12:13 - 2013-11-21 07:26 - 01415680 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-02-16 12:13 - 2013-11-16 06:11 - 00764856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2014-02-16 12:13 - 2013-11-15 19:19 - 00669344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2014-02-16 12:13 - 2013-11-15 15:59 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2014-02-16 12:13 - 2013-11-15 15:25 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2014-02-16 12:13 - 2013-11-15 15:08 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-02-16 12:13 - 2013-11-15 14:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-02-16 12:13 - 2013-11-05 21:12 - 02551128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-02-16 12:13 - 2013-10-31 01:29 - 00745336 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-02-16 12:13 - 2013-10-31 00:41 - 00552624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-02-12 21:43 - 2014-01-07 06:00 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-02-12 21:43 - 2014-01-07 05:30 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-02-12 21:43 - 2013-12-09 01:27 - 02152448 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-02-12 21:43 - 2013-12-09 01:19 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-02-12 21:43 - 2013-12-09 00:55 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-02-12 21:43 - 2013-12-09 00:54 - 01317376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-02-12 21:43 - 2013-11-21 07:42 - 04604416 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-02-12 21:43 - 2013-11-21 06:44 - 03936256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-02-12 21:42 - 2014-02-06 13:16 - 23170048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-02-12 21:42 - 2014-02-06 12:30 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-02-12 21:42 - 2014-02-06 12:30 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-02-12 21:42 - 2014-02-06 12:12 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-02-12 21:42 - 2014-02-06 12:07 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-02-12 21:42 - 2014-02-06 12:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-02-12 21:42 - 2014-02-06 11:57 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-02-12 21:42 - 2014-02-06 11:56 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-02-12 21:42 - 2014-02-06 11:49 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-02-12 21:42 - 2014-02-06 11:48 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-02-12 21:42 - 2014-02-06 11:48 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-02-12 21:42 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-02-12 21:42 - 2014-02-06 11:32 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-02-12 21:42 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-02-12 21:42 - 2014-02-06 11:17 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-02-12 21:42 - 2014-02-06 11:11 - 05768704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-02-12 21:42 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-02-12 21:42 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-02-12 21:42 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-02-12 21:42 - 2014-02-06 10:57 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-02-12 21:42 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-02-12 21:42 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-02-12 21:42 - 2014-02-06 10:50 - 02041856 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-02-12 21:42 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-02-12 21:42 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-02-12 21:42 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-02-12 21:42 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-02-12 21:42 - 2014-02-06 10:24 - 02334208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-02-12 21:42 - 2014-02-06 10:22 - 13051392 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-02-12 21:42 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-02-12 21:42 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-02-12 21:42 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-02-12 21:42 - 2014-02-06 09:55 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-02-12 21:42 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-02-12 21:42 - 2014-02-06 09:40 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-02-12 21:42 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-02-12 21:42 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-02-12 21:42 - 2014-01-09 09:25 - 02804224 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-02-12 21:42 - 2014-01-09 08:59 - 01020928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-02-12 21:42 - 2014-01-09 08:59 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-02-12 21:42 - 2014-01-09 08:49 - 00919040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-02-12 21:42 - 2014-01-09 08:44 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-02-12 21:42 - 2014-01-09 08:43 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-02-12 21:42 - 2014-01-09 08:29 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-02-12 21:42 - 2014-01-09 08:28 - 04217344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-02-12 21:42 - 2014-01-09 08:28 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-02-12 21:42 - 2014-01-09 08:18 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-02-12 21:42 - 2014-01-07 08:03 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2014-02-12 21:42 - 2014-01-07 06:59 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2014-02-12 21:42 - 2014-01-04 21:50 - 01462216 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-02-12 21:42 - 2014-01-04 20:22 - 01202888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-02-12 21:42 - 2014-01-04 15:30 - 13209088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-02-12 21:42 - 2014-01-04 15:23 - 11702272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-02-12 21:42 - 2014-01-04 14:42 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-02-12 21:42 - 2014-01-04 14:40 - 07416832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-02-12 21:42 - 2014-01-04 14:36 - 00830976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-02-12 21:42 - 2014-01-04 14:28 - 04961792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-02-12 21:42 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\SysWOW64\connectedsearch-results.searchconnector-ms
2014-02-12 21:42 - 2013-12-21 03:10 - 00009701 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-02-12 21:42 - 2013-12-20 11:10 - 01113040 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-02-12 21:42 - 2013-12-20 07:13 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-02-12 21:42 - 2013-12-09 03:57 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-02-12 21:42 - 2013-12-09 02:51 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

==================== One Month Modified Files and Folders =======

2014-03-12 20:18 - 2014-03-12 20:18 - 00000000 ____D () C:\FRST
2014-03-12 20:18 - 2014-03-11 21:23 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-03-12 20:12 - 2013-03-28 00:33 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-187558832-4231007970-1350263331-1001
2014-03-12 20:10 - 2013-11-23 18:24 - 00003922 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D84AB914-FB89-406D-8E48-C037220A523E}
2014-03-12 20:02 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-03-12 19:53 - 2014-03-11 16:36 - 01611249 _____ () C:\WINDOWS\WindowsUpdate.log
2014-03-12 19:38 - 2013-12-08 17:54 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Spotify
2014-03-12 19:36 - 2013-03-28 01:06 - 00002195 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-12 19:36 - 2013-03-28 01:06 - 00001122 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-12 19:36 - 2013-03-28 01:06 - 00001118 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-12 19:22 - 2014-03-12 19:22 - 00000000 ____D () C:\ProgramData\AVG Secure Search
2014-03-12 19:22 - 2014-03-11 19:13 - 00050976 _____ (AVG Technologies) C:\WINDOWS\system32\Drivers\avgtpx64.sys
2014-03-12 19:22 - 2014-03-11 19:13 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-03-12 17:00 - 2014-03-10 14:53 - 00000000 ____D () C:\ProgramData\MFAData
2014-03-12 16:18 - 2013-09-30 05:14 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-03-12 16:18 - 2013-09-30 04:56 - 00764340 _____ () C:\WINDOWS\system32\perfh007.dat
2014-03-12 16:18 - 2013-09-30 04:56 - 00159160 _____ () C:\WINDOWS\system32\perfc007.dat
2014-03-12 16:13 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-03-12 16:04 - 2013-04-17 09:45 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Dropbox
2014-03-12 16:03 - 2013-11-11 10:22 - 00000000 __RDO () C:\Users\Philipp\SkyDrive
2014-03-12 01:24 - 2014-03-04 23:09 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TS3Client
2014-03-11 21:24 - 2014-03-11 21:24 - 00001103 _____ () C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
2014-03-11 21:23 - 2014-03-11 21:23 - 00000000 ____D () C:\Users\Philipp\Documents\Anti-Malware
2014-03-11 21:20 - 2014-03-11 18:09 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-03-11 21:20 - 2014-03-11 16:34 - 00003234 _____ () C:\WINDOWS\PFRO.log
2014-03-11 21:20 - 2013-11-15 12:15 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-03-11 21:20 - 2013-11-15 12:15 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-03-11 21:20 - 2013-08-22 15:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-03-11 21:18 - 2014-03-11 17:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-03-11 21:18 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-03-11 21:18 - 2012-07-26 09:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-03-11 21:18 - 2012-07-26 06:37 - 00000000 ____D () C:\Users\Default.migrated
2014-03-11 20:39 - 2013-12-06 17:04 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Skype
2014-03-11 19:15 - 2013-08-22 14:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\Users\Philipp\AppData\Local\AVG SafeGuard toolbar
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\ProgramData\AVG Security Toolbar
2014-03-11 19:13 - 2014-03-11 19:13 - 00000000 ____D () C:\ProgramData\AVG SafeGuard toolbar
2014-03-11 18:19 - 2014-03-05 20:16 - 00002715 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-03-11 18:19 - 2013-12-06 17:04 - 00000000 ____D () C:\ProgramData\Skype
2014-03-11 18:09 - 2014-03-11 18:09 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-03-11 16:45 - 2013-09-30 19:15 - 00001797 _____ () C:\Users\Philipp\Desktop\Neues Textdokument.txt
2014-03-11 16:23 - 2013-04-02 21:19 - 00000000 ____D () C:\Program Files (x86)\JDownloader
2014-03-11 16:22 - 2013-11-11 10:40 - 00244224 ___SH () C:\Users\Philipp\Desktop\Thumbs.db
2014-03-11 16:21 - 2013-11-18 22:13 - 00000000 ____D () C:\Users\Philipp\AppData\Local\CrashDumps
2014-03-11 16:21 - 2013-11-11 10:07 - 00000000 ___DC () C:\WINDOWS\Panther
2014-03-11 16:21 - 2013-04-02 23:41 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\DAEMON Tools Lite
2014-03-11 16:07 - 2014-03-11 16:07 - 00000000 ____D () C:\AdwCleaner
2014-03-11 16:04 - 2014-03-11 16:04 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Malwarebytes
2014-03-11 16:04 - 2014-03-11 16:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-11 15:58 - 2014-03-10 14:54 - 00000000 ____D () C:\ProgramData\AVG2014
2014-03-10 14:56 - 2014-03-10 14:53 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Avg2014
2014-03-10 14:55 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\AVG2014
2014-03-10 14:54 - 2014-03-10 14:54 - 00000997 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ___HD () C:\$AVG
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\TuneUp Software
2014-03-10 14:54 - 2014-03-10 14:54 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-03-10 14:53 - 2014-03-10 14:53 - 00000000 ____D () C:\Users\Philipp\AppData\Local\MFAData
2014-03-10 13:14 - 2013-12-08 17:54 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Spotify
2014-03-07 21:09 - 2013-03-28 01:13 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\vlc
2014-03-07 19:12 - 2013-09-16 09:47 - 00000000 ____D () C:\Users\Philipp\Documents\Anki
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\WINDOWS\SysWOW64\RTCOM
2014-03-07 18:01 - 2014-03-07 18:01 - 00000000 ____D () C:\Program Files\Realtek
2014-03-07 18:01 - 2013-12-06 17:17 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-03-07 18:01 - 2013-03-28 17:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-06 12:21 - 2013-05-23 15:32 - 00000000 ____D () C:\Users\Philipp\AppData\Roaming\Apple Computer
2014-03-06 12:20 - 2013-05-23 15:32 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Apple Computer
2014-03-06 11:57 - 2014-03-06 11:57 - 00001556 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 11:57 - 2014-03-06 11:57 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 11:56 - 2013-05-23 15:32 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 11:55 - 2013-05-23 15:32 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 20:16 - 2014-03-05 20:16 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Skype
2014-03-05 16:30 - 2013-09-16 10:15 - 00000963 _____ () C:\Users\Philipp\Desktop\Anki.lnk
2014-03-05 10:31 - 2014-03-05 10:31 - 00005327 _____ () C:\WINDOWS\SysWOW64\jupdate-1.7.0_51-b13.log
2014-03-05 10:31 - 2013-09-11 10:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-03-05 10:31 - 2013-09-11 10:16 - 00000000 ____D () C:\Program Files (x86)\Java
2014-03-04 23:08 - 2014-03-04 23:08 - 00000979 _____ () C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2014-03-04 23:08 - 2014-03-04 23:08 - 00000000 ____D () C:\Program Files\TeamSpeak 3 Client
2014-03-04 17:29 - 2012-10-08 04:09 - 00000000 ____D () C:\Users\Philipp\AppData\Local\Packages
2014-02-26 17:11 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-02-26 16:25 - 2013-08-22 15:44 - 00483960 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-02-26 16:25 - 2012-10-08 04:09 - 00000000 ___RD () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-02-26 16:25 - 2012-10-08 04:09 - 00000000 ___RD () C:\Users\Philipp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-02-26 16:24 - 2013-08-22 16:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-02-26 16:24 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-02-26 16:24 - 2013-08-22 14:36 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-02-21 21:41 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-02-17 22:00 - 2013-08-22 16:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-02-17 22:00 - 2013-08-22 16:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-17 19:31 - 2013-03-28 01:06 - 00004094 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-17 19:31 - 2013-03-28 01:06 - 00003858 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-16 12:47 - 2013-08-31 09:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-02-16 12:47 - 2013-03-28 09:31 - 88567024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-02-13 12:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-02-13 12:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-02-13 12:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-02-13 12:25 - 2013-08-22 16:36 - 00000000 ____D () C:\WINDOWS\Camera

Some content of TEMP:
====================
C:\Users\Philipp\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-12 09:58

==================== End Of Log ============================
         
Addition:

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-03-2014
Ran by Philipp at 2014-03-12 20:19:10
Running from D:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Emsisoft Anti-Malware (Disabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Disabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

6300 (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
6300_Help (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
6300Trb (x32 Version: 82.0.242.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.04 - Adobe Systems)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AIO_CDB_ProductContext (x32 Version: 140.0.425.000 - Hewlett-Packard) Hidden
AIO_CDB_Software (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
AIO_Scan (x32 Version: 130.0.421.000 - Hewlett-Packard) Hidden
AMD Accelerated Video Transcoding (Version: 13.15.100.31008 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1008.932.15229 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{5AE0838D-19B1-5D12-5FE8-E6503B2C8716}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
Anki (HKLM-x32\...\Anki) (Version:  - )
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Assassin's Creed Revelations (HKLM-x32\...\{33A22B2D-55BA-4508-B767-BF2E9C21A73F}) (Version: 1.00 - Ubisoft)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4335 - AVG Technologies)
AVG 2014 (Version: 14.0.3722 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4335 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.0.248 - AVG Technologies)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bing Bar (HKLM-x32\...\{FF6DD716-7B10-4269-9F19-FFB07AC4CD95}) (Version: 7.3.124.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1008.0931.15229 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1008.932.15229 - Advanced Micro Devices, Inc.) Hidden
Copy (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 140.0.185.000 - Hewlett-Packard) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 8.1 - Emsisoft GmbH)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Fax (x32 Version: 140.0.307.000 - Hewlett-Packard) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Officejet and Deskjet All-In-One Driver Software (HKLM\...\{6F5B70F0-EA6C-4A5B-BB16-8390BD66B251}) (Version: 14.0 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.298.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2932 - Intel Corporation)
Intel(R) Smart Connect Technology 4.1 x64 (HKLM\...\{1EF24D7D-7B14-4EBA-A686-9E91C9C6763D}) (Version: 4.1.40.2143 - Intel)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
MarketResearch (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Narzędzia sprawdzające pakietu Microsoft Office 2013 — polski (HKLM\...\{90150000-001F-0415-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Network64 (Version: 140.0.306.000 - Hewlett-Packard) Hidden
OCR Software by I.R.I.S. 14.0 (HKLM\...\HPOCR) (Version: 14.0 - HP)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4643 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.)
Scan (x32 Version: 140.0.253.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SolutionCenter (x32 Version: 140.0.299.000 - Hewlett-Packard) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Status (x32 Version: 140.0.342.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.22298 - TeamViewer)
Toolbox (x32 Version: 140.0.596.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.297.000 - Hewlett-Packard) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUSR_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUSR_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUSR_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{34F51E79-0110-4B49-A245-81319F58453E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{3D39D716-E74B-4079-883E-4171A40A6ECE}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2850061) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{E8F64CB5-1419-47A8-9FCE-F6E4137F2D25}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version:  - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version:  - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version:  - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WD Quick View (HKLM-x32\...\{19A2103A-A588-421C-B4CD-30E02FA401A3}) (Version: 1.6.3.4 - Western Digital)
WebReg (x32 Version: 140.0.297.017 - Hewlett-Packard) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

10-03-2014 13:54:40 Installed AVG 2014

==================== Hosts content: ==========================

2013-08-22 14:25 - 2014-01-09 11:24 - 00000898 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com


==================== Scheduled Tasks (whitelisted) =============

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1D6067B7-6661-4FDA-8B4D-0AD8E1BE39B0} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {1DCC2630-0B7B-4708-8967-AEA0FB0CEAD2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\SYSTEM32\MRT.EXE [2014-02-16] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3D8C5304-E77C-42BA-86B5-DBC10558D6F5} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {3FC60A42-BF55-4E94-B17B-B4D521308C01} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {69A41DED-E41C-4672-8393-34B8F211BE26} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {92B0F4AF-F333-4A6C-8F25-4764A914FFAB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F05600CE-9088-4A82-A526-E3B9CB291076} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-14 14:42 - 2013-03-14 14:42 - 00182248 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-03-14 14:42 - 2013-03-14 14:42 - 00059880 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-10-03 23:42 - 2013-10-03 23:42 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-12-08 17:54 - 2014-01-13 16:34 - 00603648 _____ () C:\Users\Philipp\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-03-12 19:22 - 2014-03-12 19:22 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\loggingserver.exe
2014-03-11 19:13 - 2014-03-12 19:22 - 02539544 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2013-03-28 00:52 - 2013-03-28 00:51 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-12-08 17:54 - 2014-01-13 16:34 - 36967424 _____ () C:\Users\Philipp\AppData\Roaming\Spotify\Data\libcef.dll
2013-12-08 17:54 - 2014-01-13 16:34 - 00887808 _____ () C:\Users\Philipp\AppData\Roaming\Spotify\Data\libglesv2.dll
2013-12-08 17:54 - 2014-01-13 16:34 - 00109568 _____ () C:\Users\Philipp\AppData\Roaming\Spotify\Data\libegl.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-10-19 00:55 - 2013-10-19 00:55 - 25100288 _____ () C:\Users\Philipp\AppData\Roaming\Dropbox\bin\libcef.dll
2012-09-23 20:43 - 2012-09-23 20:43 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\locale\de_de\acrotray.deu
2012-09-23 20:43 - 2012-09-23 20:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\sqlite.dll
2014-03-12 19:22 - 2014-03-12 19:22 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\log4cplusU.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\chrome_elf.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libglesv2.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\libegl.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\pdf.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ppGoogleNaClPluginChrome.dll
2014-03-04 10:37 - 2014-03-02 03:35 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.146\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Philipp\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (03/12/2014 10:14:55 AM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (03/11/2014 09:24:05 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30469

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30469

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15438

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15438

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2014 09:14:21 PM) (Source: Application Hang) (User: )
Description: Programm ScriptHelper.exe, Version 17.3.1.91 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 910

Startzeit: 01cf3d6477a3a673

Endzeit: 6

Anwendungspfad: C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.3.0\ScriptHelper.exe

Berichts-ID: b960276d-a959-11e3-beb6-bc5ff46e9de1

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/11/2014 08:53:58 PM) (Source: Microsoft-Windows-Defrag) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)


System errors:
=============
Error: (03/12/2014 10:24:49 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/12/2014 10:00:01 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/12/2014 01:24:34 AM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 09:21:58 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 09:19:33 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 07:17:11 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 07:14:50 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/11/2014 06:09:56 PM) (Source: Service Control Manager) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: 
%%5

Error: (03/11/2014 06:09:44 PM) (Source: disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (03/11/2014 04:34:29 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (03/12/2014 10:14:55 AM) (Source: Microsoft-Windows-Defrag)(User: )
Description: System-reserviertFalscher Parameter. (0x80070057)

Error: (03/11/2014 09:24:05 PM) (Source: Steam Client Service)(User: )
Description: Failed to poke open firewall

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 30469

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 30469

Error: (03/11/2014 09:22:35 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15438

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15438

Error: (03/11/2014 09:22:20 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/11/2014 09:14:21 PM) (Source: Application Hang)(User: )
Description: ScriptHelper.exe17.3.1.9191001cf3d6477a3a6736C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\17.3.0\ScriptHelper.exeb960276d-a959-11e3-beb6-bc5ff46e9de1

Error: (03/11/2014 08:53:58 PM) (Source: Microsoft-Windows-Defrag)(User: )
Description: System-reserviertFalscher Parameter. (0x80070057)


CodeIntegrity Errors:
===================================
  Date: 2014-03-11 16:13:27.645
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Microsoft signing level requirements.

  Date: 2014-03-11 16:13:25.240
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Microsoft signing level requirements.

  Date: 2014-03-11 16:13:23.955
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Microsoft signing level requirements.

  Date: 2014-03-11 16:13:22.285
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe that did not meet the Microsoft signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 31%
Total physical RAM: 8080.73 MB
Available physical RAM: 5510.16 MB
Total Pagefile: 13712.73 MB
Available Pagefile: 9759.45 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.45 GB) (Free:45.59 GB) NTFS
Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:758.41 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 91B7E22D)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 91B7E226)
Partition 1: (Not Active) - (Size=932 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
Danke im Voraus!

m.f.G.
Philipp

Alt 12.03.2014, 22:03   #2
schrauber
/// the machine
/// TB-Ausbilder
 

hiddenext/worm.gen verschickt E-Mails - Standard

hiddenext/worm.gen verschickt E-Mails



hi,

Logfile von Avira?
__________________

__________________

Alt 12.03.2014, 23:15   #3
ich753
 
hiddenext/worm.gen verschickt E-Mails - Standard

hiddenext/worm.gen verschickt E-Mails



Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Mittwoch, 12. März 2014  19:41


Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.

Lizenznehmer   : Avira Antivirus Free
Seriennummer   : 0000149996-AVHOE-0000001
Plattform      : Windows 8.1 Pro
Windowsversion : (plain)  [6.2.9200]
Boot Modus     : Normal gebootet
Benutzername   : SYSTEM
Computername   : PHIL

Versionsinformationen:
BUILD.DAT      : 14.0.3.350     56624 Bytes  25.02.2014 11:41:00
AVSCAN.EXE     : 14.0.3.332   1058384 Bytes  20.02.2014 11:59:48
AVSCANRC.DLL   : 14.0.2.292     62008 Bytes  18.02.2014 14:47:39
LUKE.DLL       : 14.0.3.336     65616 Bytes  20.02.2014 11:59:50
AVSCPLR.DLL    : 14.0.3.336    124496 Bytes  20.02.2014 11:59:48
AVREG.DLL      : 14.0.3.336    250448 Bytes  20.02.2014 11:59:48
avlode.dll     : 14.0.3.336    544848 Bytes  20.02.2014 11:59:48
avlode.rdf     : 14.0.3.30      58574 Bytes  07.03.2014 12:41:04
VBASE000.VDF   : 7.11.70.0   66736640 Bytes  04.04.2013 15:06:49
VBASE001.VDF   : 7.11.74.226  2201600 Bytes  30.04.2013 15:29:20
VBASE002.VDF   : 7.11.80.60   2751488 Bytes  28.05.2013 12:19:08
VBASE003.VDF   : 7.11.85.214  2162688 Bytes  21.06.2013 14:18:19
VBASE004.VDF   : 7.11.91.176  3903488 Bytes  23.07.2013 15:24:25
VBASE005.VDF   : 7.11.98.186  6822912 Bytes  29.08.2013 00:02:07
VBASE006.VDF   : 7.11.103.230  2293248 Bytes  24.09.2013 14:58:30
VBASE007.VDF   : 7.11.116.38  5485568 Bytes  28.11.2013 15:23:26
VBASE008.VDF   : 7.11.126.50  3615744 Bytes  22.01.2014 17:10:30
VBASE009.VDF   : 7.11.128.174  2030080 Bytes  03.02.2014 13:56:20
VBASE010.VDF   : 7.11.134.72  3034112 Bytes  03.03.2014 09:26:27
VBASE011.VDF   : 7.11.134.73     2048 Bytes  03.03.2014 09:26:27
VBASE012.VDF   : 7.11.134.74     2048 Bytes  03.03.2014 09:26:27
VBASE013.VDF   : 7.11.134.75     2048 Bytes  03.03.2014 09:26:27
VBASE014.VDF   : 7.11.134.201   232960 Bytes  05.03.2014 09:25:28
VBASE015.VDF   : 7.11.135.75   149504 Bytes  07.03.2014 12:41:05
VBASE016.VDF   : 7.11.135.171   131072 Bytes  08.03.2014 02:59:38
VBASE017.VDF   : 7.11.135.239   139264 Bytes  10.03.2014 18:14:18
VBASE018.VDF   : 7.11.136.109   225792 Bytes  12.03.2014 15:03:56
VBASE019.VDF   : 7.11.136.110     2048 Bytes  12.03.2014 15:03:56
VBASE020.VDF   : 7.11.136.111     2048 Bytes  12.03.2014 15:03:56
VBASE021.VDF   : 7.11.136.112     2048 Bytes  12.03.2014 15:03:56
VBASE022.VDF   : 7.11.136.113     2048 Bytes  12.03.2014 15:03:56
VBASE023.VDF   : 7.11.136.114     2048 Bytes  12.03.2014 15:03:56
VBASE024.VDF   : 7.11.136.115     2048 Bytes  12.03.2014 15:03:56
VBASE025.VDF   : 7.11.136.116     2048 Bytes  12.03.2014 15:03:56
VBASE026.VDF   : 7.11.136.117     2048 Bytes  12.03.2014 15:03:56
VBASE027.VDF   : 7.11.136.118     2048 Bytes  12.03.2014 15:03:56
VBASE028.VDF   : 7.11.136.119     2048 Bytes  12.03.2014 15:03:56
VBASE029.VDF   : 7.11.136.120     2048 Bytes  12.03.2014 15:03:57
VBASE030.VDF   : 7.11.136.121     2048 Bytes  12.03.2014 15:03:57
VBASE031.VDF   : 7.11.136.174   107008 Bytes  12.03.2014 15:03:57
Engineversion  : 8.3.16.8  
AEVDF.DLL      : 8.3.0.2       110966 Bytes  11.03.2014 14:58:12
AESCRIPT.DLL   : 8.1.4.194     524670 Bytes  27.02.2014 21:04:29
AESCN.DLL      : 8.3.0.0       131446 Bytes  11.03.2014 14:58:12
AESBX.DLL      : 8.2.20.6     1331575 Bytes  13.01.2014 21:34:40
AERDL.DLL      : 8.2.0.138     704888 Bytes  02.12.2013 22:46:56
AEPACK.DLL     : 8.4.0.4       774520 Bytes  27.02.2014 21:04:29
AEOFFICE.DLL   : 8.3.0.0       205180 Bytes  11.03.2014 14:58:12
AEHEUR.DLL     : 8.1.4.958    6545786 Bytes  11.03.2014 14:58:12
AEHELP.DLL     : 8.3.0.0       274808 Bytes  11.03.2014 14:58:12
AEGEN.DLL      : 8.1.7.24      442743 Bytes  11.03.2014 14:58:12
AEEXP.DLL      : 8.4.1.242     495992 Bytes  11.03.2014 14:58:12
AEEMU.DLL      : 8.1.3.2       393587 Bytes  27.03.2013 23:49:59
AECORE.DLL     : 8.3.0.4       237944 Bytes  11.03.2014 14:58:12
AEBB.DLL       : 8.1.1.4        53619 Bytes  27.03.2013 23:49:59
AVWINLL.DLL    : 14.0.3.252     23608 Bytes  20.02.2014 11:59:47
AVPREF.DLL     : 14.0.3.252     48696 Bytes  20.02.2014 11:59:48
AVREP.DLL      : 14.0.3.252    175672 Bytes  20.02.2014 11:59:48
AVARKT.DLL     : 14.0.3.336    256080 Bytes  20.02.2014 11:59:47
AVEVTLOG.DLL   : 14.0.3.336    165968 Bytes  20.02.2014 11:59:48
SQLITE3.DLL    : 3.7.0.1       397704 Bytes  27.03.2013 23:51:37
AVSMTP.DLL     : 14.0.3.252     60472 Bytes  20.02.2014 11:59:48
NETNT.DLL      : 14.0.3.252     13368 Bytes  20.02.2014 11:59:50
RCIMAGE.DLL    : 14.0.3.260   4979256 Bytes  20.02.2014 11:59:47
RCTEXT.DLL     : 14.0.3.282     72760 Bytes  20.02.2014 11:59:47

Konfiguration für den aktuellen Suchlauf:
Job Name..............................: AVGuardAsyncScan
Konfigurationsdatei...................: C:\ProgramData\Avira\AntiVir Desktop\TEMP\AVGUARD_531f7028\guard_slideup.avp
Protokollierung.......................: standard
Primäre Aktion........................: Reparieren
Sekundäre Aktion......................: Quarantäne
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: aus
Durchsuche aktive Programme...........: ein
Durchsuche Registrierung..............: aus
Suche nach Rootkits...................: aus
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: Vollständig

Beginn des Suchlaufs: Mittwoch, 12. März 2014  19:41

Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avgrsa.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgcsrva.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'atiesrxx.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '103' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '58' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'GoogleCrashHandler64.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgidsagent.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgwdsvc.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'iSCTAgent.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnsa.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgemca.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'TeamViewer_Service.exe' - '144' Modul(e) wurden durchsucht
Durchsuche Prozess 'WDDriveService.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'a2service.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'SeaPort.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'atieclxx.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '221' Modul(e) wurden durchsucht
Durchsuche Prozess 'skydrive.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'SettingSyncHost.exe' - '126' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxsrvc.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'igfxpers.exe' - '41' Modul(e) wurden durchsucht
Durchsuche Prozess 'SetPoint.exe' - '89' Modul(e) wurden durchsucht
Durchsuche Prozess 'KHALMNPR.EXE' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'RAVCpl64.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '117' Modul(e) wurden durchsucht
Durchsuche Prozess 'spotify.exe' - '116' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyHelper.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'SpotifyWebHelper.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'iCloudServices.exe' - '77' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'ApplePhotoStreams.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'APSDaemon.exe' - '79' Modul(e) wurden durchsucht
Durchsuche Prozess 'iSCTsysTray8.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '93' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dropbox.exe' - '97' Modul(e) wurden durchsucht
Durchsuche Prozess 'WDDMStatus.exe' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'acrotray.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '218' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgui.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgcsrva.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'Acrobat.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'AdobeARM.exe' - '63' Modul(e) wurden durchsucht
Durchsuche Prozess 'splwow64.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'OUTLOOK.EXE' - '214' Modul(e) wurden durchsucht
Durchsuche Prozess 'chrome.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'ToolbarUpdater.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'loggingserver.exe' - '20' Modul(e) wurden durchsucht
Durchsuche Prozess 'conhost.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'vprot.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '112' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgcsrva.exe' - '9' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '76' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'WinLogon.exe' - '27' Modul(e) wurden durchsucht

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\Users\Philipp\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\e46deba3053405f2\120712-0049\Att\2000d24a\foto.zip'
C:\Users\Philipp\AppData\Local\Packages\microsoft.windowscommunicationsapps_8wekyb3d8bbwe\LocalState\LiveComm\e46deba3053405f2\120712-0049\Att\2000d24a\foto.zip
  [FUND]      Die Datei enthält ein ausführbares Programm. Dies wird jedoch durch eine harmlose Dateierweiterung verschleiert (HIDDENEXT/Worm.Gen)
  [HINWEIS]   Der Fund wurde als verdächtig eingestuft.
  [HINWEIS]   Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '55d93574.qua' verschoben!


Ende des Suchlaufs: Mittwoch, 12. März 2014  19:41
Benötigte Zeit: 00:10 Minute(n)

Der Suchlauf wurde vollständig durchgeführt.

      0 Verzeichnisse wurden überprüft
   3017 Dateien wurden geprüft
      0 Viren bzw. unerwünschte Programme wurden gefunden
      1 Dateien wurden als verdächtig eingestuft
      0 Dateien wurden gelöscht
      0 Viren bzw. unerwünschte Programme wurden repariert
      1 Dateien wurden in die Quarantäne verschoben
      0 Dateien wurden umbenannt
      0 Dateien konnten nicht durchsucht werden
   3016 Dateien ohne Befall
    160 Archive wurden durchsucht
      0 Warnungen
      1 Hinweise
         
__________________

Alt 13.03.2014, 13:34   #4
schrauber
/// the machine
/// TB-Ausbilder
 

hiddenext/worm.gen verschickt E-Mails - Standard

hiddenext/worm.gen verschickt E-Mails



Hast Du im Communicator irgendeine Datei "Foto.zip" bekommen? Also bevor das in Outlook anfing?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 13.03.2014, 13:41   #5
ich753
 
hiddenext/worm.gen verschickt E-Mails - Standard

hiddenext/worm.gen verschickt E-Mails



mit communicator meinst du outlook ..??
Nein ich hab keine Foto.zip Datei o.ä. bekommen oder gar geöffnet.


Alt 14.03.2014, 10:32   #6
schrauber
/// the machine
/// TB-Ausbilder
 

hiddenext/worm.gen verschickt E-Mails - Standard

hiddenext/worm.gen verschickt E-Mails



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> hiddenext/worm.gen verschickt E-Mails

Antwort

Themen zu hiddenext/worm.gen verschickt E-Mails
antivir, antivirus, avg antivirus, avira, bingbar, bonjour, branding, browser, cid, desktop, e-mail, ebanking, excel, failed, firefox, focus, frst log:, google, homepage, kaspersky, mozilla, officejet, outlook 2013, problem, realtek, registry, scan, schädling, secure search, security, software, spotify web helper, spyware, teamspeak, uplay, verschickt e-mails, vtoolbarupdater, wurm



Ähnliche Themen: hiddenext/worm.gen verschickt E-Mails


  1. HIDDENEXT/Worm.Gen und andere Malware
    Plagegeister aller Art und deren Bekämpfung - 22.06.2015 (4)
  2. iPhone verschickt E-Mails.
    Smartphone, Tablet & Handy Security - 22.12.2014 (1)
  3. hiddenext/worm.gen - was tut das genau und bin ich es losgeworden?
    Plagegeister aller Art und deren Bekämpfung - 19.04.2014 (12)
  4. MacOS: Avira hat 'HIDDENEXT/Worm.gen' und 'TR/Matsmu.A.111' entdeckt - was tun?
    Alles rund um Mac OSX & Linux - 15.04.2014 (2)
  5. Outlook mit Hiddenext/worm.gen befallen
    Plagegeister aller Art und deren Bekämpfung - 28.03.2014 (7)
  6. Alle Browser gesperrt, Virenscanner aus, "Hiddenext/Worm.Gen"
    Plagegeister aller Art und deren Bekämpfung - 29.01.2014 (11)
  7. T-mobile MMS {SYMBOL}_foto.zip "HIDDENEXT/Worm.Gen" Avira Archiv geöffnet...
    Log-Analyse und Auswertung - 16.04.2013 (23)
  8. Mein PC verschickt e-mails
    Plagegeister aller Art und deren Bekämpfung - 26.03.2013 (13)
  9. Computer verschickt mails !
    Log-Analyse und Auswertung - 18.03.2013 (30)
  10. gmx konto verschickt spam mails
    Plagegeister aller Art und deren Bekämpfung - 20.02.2013 (39)
  11. web.de verschickt eigenständig Spam-mails
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (30)
  12. Imgnute0011.exe (hiddenext worm.gen)
    Plagegeister aller Art und deren Bekämpfung - 22.02.2011 (3)
  13. GMX-Account verschickt E-Mails
    Plagegeister aller Art und deren Bekämpfung - 17.09.2010 (22)
  14. MSN e-mail konto verschickt eigenständig spam mails an kontakte.. WORM/kido.XI gefunden
    Plagegeister aller Art und deren Bekämpfung - 18.06.2010 (2)
  15. PC verschickt unaufgefordert mails
    Log-Analyse und Auswertung - 26.07.2009 (2)
  16. PC verschickt willkürlich E-Mails
    Plagegeister aller Art und deren Bekämpfung - 19.07.2008 (2)
  17. Winlogon verschickt Mails!
    Plagegeister aller Art und deren Bekämpfung - 30.12.2005 (4)

Zum Thema hiddenext/worm.gen verschickt E-Mails - Hallo an alle, ich habe seit einigen Tagen das Problem, dass mir Avira meldet dass es einen Schädling gefunden hat (hiddenext/worm.gen) und immer wieder von meinem Outlook E-Mails mit einem - hiddenext/worm.gen verschickt E-Mails...
Archiv
Du betrachtest: hiddenext/worm.gen verschickt E-Mails auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.