Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: VIRUS Werbung bei lila unterstrichenen Wörtern

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 03.04.2014, 09:35   #1
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Hallo!

Ich habe seit ein paar Tagen Probleme mit meinem Browser (Firefox). Auf manchen Seiten werden Wörter lila doppelt unterstrichen, die auf Werbung für irgendwelche Handy-Flats verweisen. Kann mir bitte jemand schnell helfen? Schreibe gerade etwas für die Uni, und es nervt echt!

Danke und Liebe Grüße

Alt 03.04.2014, 09:51   #2
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 03.04.2014, 13:58   #3
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Erste:
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Freya-Sophie (administrator) on FREYA-SOPHIE-HP on 03-04-2014 09:55:39
Running from C:\Users\Freya-Sophie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Intel Corporation) C:\Windows\system32\igfxsrvc.exe
(Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-06-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\n3jtrf3m.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-04-24]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-28] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS [117880 2011-12-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS [2048632 2011-12-03] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 09:55 - 2014-04-03 09:55 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 09:00 - 2014-04-03 09:00 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-03-30 20:15 - 2014-03-30 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-26 09:56 - 2014-03-26 10:11 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 17:57 - 2014-03-28 11:46 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-13 14:36 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:36 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:36 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 14:36 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 14:36 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 14:36 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 14:36 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 14:36 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 14:36 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:36 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 14:36 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 14:36 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 14:35 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:35 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:35 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:35 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:35 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:35 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:35 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:35 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:35 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 14:35 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:35 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 14:35 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:35 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:35 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 14:35 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:35 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 14:35 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:35 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 14:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 14:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-09 18:42 - 2014-03-09 18:46 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 13:17 - 2014-03-26 10:02 - 00019789 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt

==================== One Month Modified Files and Folders =======

2014-04-03 09:55 - 2014-04-03 09:55 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 09:55 - 2013-10-14 12:33 - 00021996 _____ () C:\Users\Freya-Sophie\Downloads\FRST.txt
2014-04-03 09:55 - 2013-10-14 12:31 - 00000000 ____D () C:\FRST
2014-04-03 09:50 - 2012-03-15 07:32 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 09:50 - 2012-03-15 07:32 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 09:50 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 09:43 - 2013-10-15 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 09:30 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 09:30 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 09:23 - 2013-04-25 07:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\.oit
2014-04-03 09:22 - 2012-10-13 11:39 - 01374959 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 09:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 09:22 - 2009-07-14 06:51 - 00110864 _____ () C:\Windows\setupact.log
2014-04-03 09:21 - 2013-10-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-04-03 09:00 - 2014-04-03 09:00 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-02 23:23 - 2012-11-28 23:49 - 00000000 ___HD () C:\Users\Freya-Sophie\Desktop\.picasaoriginals
2014-04-02 22:13 - 2012-10-13 11:46 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85A2C3B9-F210-4290-81FF-A833E868492A}
2014-04-02 17:55 - 2014-01-02 22:41 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForFreya-Sophie
2014-04-02 17:55 - 2014-01-02 22:41 - 00000360 _____ () C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job
2014-04-02 17:53 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-01 13:41 - 2013-10-13 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 20:15 - 2014-03-30 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 19:46 - 2013-03-17 16:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-30 19:46 - 2012-11-04 18:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-28 11:46 - 2014-03-25 17:57 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-26 10:11 - 2014-03-26 09:56 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-26 10:02 - 2014-03-05 13:17 - 00019789 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt
2014-03-25 20:25 - 2014-02-17 17:10 - 00046196 _____ () C:\Users\Freya-Sophie\Desktop\Ha Drux Fertig.odt
2014-03-25 19:31 - 2012-11-26 00:10 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Dokumente
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-25 17:21 - 2012-10-26 12:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Musik
2014-03-19 16:17 - 2013-09-08 00:07 - 00000000 ___RD () C:\Users\Freya-Sophie\Desktop\Sonstiges
2014-03-19 15:54 - 2012-10-26 12:31 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Bilder
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:50 - 2012-03-14 23:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-17 22:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-17 22:47 - 2012-03-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-17 22:43 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-17 22:43 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-03-16 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-14 10:10 - 2009-07-14 06:45 - 00311952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:43 - 2013-10-15 18:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:43 - 2013-10-15 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:43 - 2013-10-15 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 22:46 - 2013-07-04 12:13 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Uni
2014-03-09 18:46 - 2014-03-09 18:42 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 14:06 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 14:01 - 2012-10-13 16:26 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-06 13:52 - 2010-11-21 05:47 - 00207720 _____ () C:\Windows\PFRO.log

Some content of TEMP:
====================
C:\Users\Freya-Sophie\AppData\Local\Temp\AskSLib.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Extract.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Resource.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP56942.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp58915.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP59202.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp64126.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\ylb2mz36.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\_is3325.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\_is6F4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-16 23:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---


Das war alles...Das Programm hat nur das angezeigt.

Auf dem Desktop wurde auch nichts gespeichert. Hab ich etwas falsch gemacht?


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Freya-Sophie (administrator) on FREYA-SOPHIE-HP on 03-04-2014 10:03:08
Running from C:\Users\Freya-Sophie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-21] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [707472 2013-12-13] (Cisco Systems, Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-06-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\n3jtrf3m.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []
FF HKLM-x32\...\Firefox\Extensions: [e-webprint@epson.com] - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on
FF Extension: E-Web Print - C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on [2013-04-24]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-21] (Avira Operations GmbH & Co. KG)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-12-05] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-28] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS [117880 2011-12-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS [2048632 2011-12-03] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-12-13] (Cisco Systems, Inc.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 10:02 - 2014-04-03 10:02 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-03 09:55 - 2014-04-03 09:55 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 09:00 - 2014-04-03 09:00 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-03-30 20:15 - 2014-03-30 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-26 09:56 - 2014-03-26 10:11 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 17:57 - 2014-03-28 11:46 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-13 14:36 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:36 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:36 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 14:36 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 14:36 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 14:36 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 14:36 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 14:36 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 14:36 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:36 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 14:36 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 14:36 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 14:35 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:35 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:35 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:35 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:35 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:35 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:35 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:35 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:35 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 14:35 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:35 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 14:35 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:35 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:35 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 14:35 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:35 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 14:35 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:35 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 14:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 14:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-09 18:42 - 2014-03-09 18:46 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 13:17 - 2014-03-26 10:02 - 00019789 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt

==================== One Month Modified Files and Folders =======

2014-04-03 10:03 - 2013-10-14 12:33 - 00021942 _____ () C:\Users\Freya-Sophie\Downloads\FRST.txt
2014-04-03 10:03 - 2013-10-14 12:31 - 00000000 ____D () C:\FRST
2014-04-03 10:02 - 2014-04-03 10:02 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-03 09:59 - 2012-10-26 12:31 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Bilder
2014-04-03 09:58 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 09:58 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 09:55 - 2014-04-03 09:55 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 09:54 - 2012-10-13 11:39 - 01374959 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 09:50 - 2012-03-15 07:32 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 09:50 - 2012-03-15 07:32 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 09:50 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 09:43 - 2013-10-15 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 09:23 - 2013-04-25 07:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\.oit
2014-04-03 09:22 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 09:22 - 2009-07-14 06:51 - 00110864 _____ () C:\Windows\setupact.log
2014-04-03 09:21 - 2013-10-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-04-03 09:00 - 2014-04-03 09:00 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-02 23:23 - 2012-11-28 23:49 - 00000000 ___HD () C:\Users\Freya-Sophie\Desktop\.picasaoriginals
2014-04-02 22:13 - 2012-10-13 11:46 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85A2C3B9-F210-4290-81FF-A833E868492A}
2014-04-02 17:55 - 2014-01-02 22:41 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForFreya-Sophie
2014-04-02 17:55 - 2014-01-02 22:41 - 00000360 _____ () C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job
2014-04-02 17:53 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-01 13:41 - 2013-10-13 22:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-03-30 20:15 - 2014-03-30 20:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-30 19:46 - 2013-03-17 16:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-30 19:46 - 2012-11-04 18:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-28 11:46 - 2014-03-25 17:57 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-26 10:11 - 2014-03-26 09:56 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-26 10:02 - 2014-03-05 13:17 - 00019789 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt
2014-03-25 20:25 - 2014-02-17 17:10 - 00046196 _____ () C:\Users\Freya-Sophie\Desktop\Ha Drux Fertig.odt
2014-03-25 19:31 - 2012-11-26 00:10 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Dokumente
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-03-25 17:21 - 2012-10-26 12:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Musik
2014-03-19 16:17 - 2013-09-08 00:07 - 00000000 ___RD () C:\Users\Freya-Sophie\Desktop\Sonstiges
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:50 - 2012-03-14 23:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-17 22:50 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-17 22:47 - 2012-03-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-17 22:43 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-17 22:43 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-03-16 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-14 10:10 - 2009-07-14 06:45 - 00311952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:43 - 2013-10-15 18:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:43 - 2013-10-15 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:43 - 2013-10-15 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 22:46 - 2013-07-04 12:13 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Uni
2014-03-09 18:46 - 2014-03-09 18:42 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 14:06 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 14:01 - 2012-10-13 16:26 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-06 13:52 - 2010-11-21 05:47 - 00207720 _____ () C:\Windows\PFRO.log

Some content of TEMP:
====================
C:\Users\Freya-Sophie\AppData\Local\Temp\AskSLib.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Extract.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Resource.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP56942.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp58915.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP59202.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp64126.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\ylb2mz36.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\_is3325.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\_is6F4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-16 23:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

Habe es nochmal gemacht, kam wieder nur das, was ich gepostet habe...

Mittlerweile sind die Wörter grün unterstrichen und in ejdem Browser auf jeder Seite vorhanden ( HIIILFE
__________________

Alt 03.04.2014, 17:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



hi,

da fehlt noch die Additional.txt. Wenn nicht vorhanden, FRST öffnen , Haken setzen bei Additional und scannen, dann das Logfile posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.04.2014, 07:16   #5
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Ok Fertig: Hier nochmal alles, danke schonmal für deine Antwort!
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Freya-Sophie (administrator) on FREYA-SOPHIE-HP on 03-04-2014 18:28:14
Running from C:\Users\Freya-Sophie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\LPT\srpts.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\Mobogenie\MgAssist.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
() C:\Program Files (x86)\PlurPush\updatePlurPush.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
() C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Smartbar) C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-31] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe [748736 2014-04-02] ()
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Browser Infrastructure Helper] - C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.exe [28192 2014-03-30] (Smartbar)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search,
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
SearchScopes: HKCU - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}
BHO: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: SmartbarInternetExplorerBHOEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: PlurPush - {82249076-d5c8-431d-982b-023779779587} - C:\Program Files (x86)\PlurPush\PlurPushbho.dll (PlurPush)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Shopping Helper Smartbar - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-06-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\nmtme4z7.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [37920 2014-03-30] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MgAssistService; C:\Program Files (x86)\Mobogenie\MgAssist.exe [70848 2014-04-02] ()
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 Update PlurPush; C:\Program Files (x86)\PlurPush\updatePlurPush.exe [350488 2014-04-02] ()
R2 Util PlurPush; C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe [350488 2014-04-03] ()

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-28] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS [117880 2011-12-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS [2048632 2011-12-03] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-04-03] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-03 18:27 - 2014-04-03 18:28 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:30 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:25 - 2014-04-03 17:28 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:20 - 2014-04-03 17:20 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 17:19 - 2014-04-03 17:20 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 16:53 - 2014-04-03 16:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:54 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\Documents\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:52 - 2014-04-03 16:56 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 16:51 - 2014-04-03 17:05 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-04-03 16:51 - 2014-04-03 16:51 - 00002211 _____ () C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:50 - 2014-04-03 16:50 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Smartbar
2014-04-03 16:50 - 2014-04-03 16:50 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\LPT
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 16:43 - 2014-04-03 16:43 - 00001264 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\pc
2014-04-03 13:12 - 2014-04-04 01:27 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-26 09:56 - 2014-03-26 10:11 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 17:57 - 2014-03-28 11:46 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-13 14:36 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:36 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:36 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 14:36 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 14:36 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 14:36 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 14:36 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 14:36 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 14:36 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:36 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 14:36 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 14:36 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 14:35 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:35 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:35 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:35 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:35 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:35 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:35 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:35 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:35 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 14:35 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:35 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 14:35 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:35 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:35 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 14:35 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:35 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 14:35 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:35 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 14:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 14:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-09 18:42 - 2014-03-09 18:46 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 13:17 - 2014-04-03 15:17 - 00020286 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt

==================== One Month Modified Files and Folders =======

2014-04-04 01:27 - 2014-04-03 13:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-04 01:27 - 2013-10-14 00:05 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-04 01:27 - 2012-11-28 23:49 - 00000000 ___HD () C:\Users\Freya-Sophie\Desktop\.picasaoriginals
2014-04-04 01:27 - 2012-10-26 12:31 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Bilder
2014-04-04 01:27 - 2012-06-21 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-04 01:27 - 2012-06-21 01:07 - 00000000 ____D () C:\ProgramData\Norton
2014-04-04 01:27 - 2012-03-14 23:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 01:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-04 01:26 - 2013-10-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-04-04 01:26 - 2013-03-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-03 18:28 - 2014-04-03 18:27 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 18:28 - 2013-10-14 12:33 - 00024011 _____ () C:\Users\Freya-Sophie\Downloads\FRST.txt
2014-04-03 18:28 - 2013-10-14 12:31 - 00000000 ____D () C:\FRST
2014-04-03 18:08 - 2012-03-15 07:32 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-03 18:08 - 2012-03-15 07:32 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-03 18:08 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-03 18:07 - 2012-10-13 11:39 - 01107507 _____ () C:\Windows\WindowsUpdate.log
2014-04-03 17:49 - 2014-01-02 22:41 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForFreya-Sophie
2014-04-03 17:49 - 2014-01-02 22:41 - 00000360 _____ () C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job
2014-04-03 17:43 - 2013-10-15 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:28 - 2014-04-03 17:25 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:20 - 2014-04-03 17:20 - 00001147 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 17:20 - 2014-04-03 17:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 17:20 - 2014-04-03 17:19 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 17:12 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-03 17:12 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-03 17:06 - 2013-04-25 07:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\.oit
2014-04-03 17:05 - 2014-04-03 16:51 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-04-03 17:04 - 2010-11-21 05:47 - 00210884 _____ () C:\Windows\PFRO.log
2014-04-03 17:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-03 17:04 - 2009-07-14 06:51 - 00107930 _____ () C:\Windows\setupact.log
2014-04-03 17:01 - 2012-03-14 23:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-03 16:58 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Mobogenie
2014-04-03 16:56 - 2014-04-03 16:52 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 16:54 - 2014-04-03 16:53 - 00000000 ____D () C:\Program Files (x86)\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\Documents\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:53 - 2012-10-13 11:39 - 00000000 ____D () C:\Users\Freya-Sophie
2014-04-03 16:51 - 2014-04-03 16:51 - 00002211 _____ () C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:50 - 2014-04-03 16:50 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Smartbar
2014-04-03 16:50 - 2014-04-03 16:50 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\LPT
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 16:43 - 2014-04-03 16:43 - 00001264 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-03 16:43 - 2014-04-03 16:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-03 16:34 - 2012-10-13 11:46 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85A2C3B9-F210-4290-81FF-A833E868492A}
2014-04-03 16:34 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-03 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-04-03 15:17 - 2014-03-05 13:17 - 00020286 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt
2014-04-03 15:15 - 2014-04-03 15:15 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\pc
2014-03-28 11:46 - 2014-03-25 17:57 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-26 10:11 - 2014-03-26 09:56 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 20:25 - 2014-02-17 17:10 - 00046196 _____ () C:\Users\Freya-Sophie\Desktop\Ha Drux Fertig.odt
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:47 - 2012-03-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-17 22:43 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-17 22:43 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-03-16 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-16 16:14 - 2012-11-04 18:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-16 16:13 - 2013-03-17 16:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-14 10:10 - 2009-07-14 06:45 - 00311952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 18:43 - 2013-10-15 18:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-12 18:43 - 2013-10-15 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-12 18:43 - 2013-10-15 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-10 22:46 - 2013-07-04 12:13 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Uni
2014-03-10 22:46 - 2012-10-26 12:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Musik
2014-03-09 18:46 - 2014-03-09 18:42 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 14:06 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 14:01 - 2012-10-13 16:26 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI

Some content of TEMP:
====================
C:\Users\Freya-Sophie\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\AskSLib.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Extract.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\instruct.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Resource.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP56942.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp58915.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP59202.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp64126.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\ylb2mz36.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\_is3325.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\_is6F4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-16 23:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Freya-Sophie at 2014-04-03 18:29:01
Running from C:\Users\Freya-Sophie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Cake Mania (x32 Version: 2.2.0.98 - WildTangent) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5010 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Navigator (HKLM-x32\...\{D0353B68-A142-4F89-A46E-1C9A7745D636}) (Version: 3.4.1 - SEIKO EPSON CORPORATION)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Farmscapes (x32 Version: 2.2.0.98 - WildTangent) Hidden
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fishdom (TM) 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Jewel Quest II (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
LPT System Updater Service (x32 Version: 1.0.0.0 - LPT) Hidden <==== ATTENTION
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Mahjongg Artifacts (x32 Version: 2.2.0.95 - WildTangent) Hidden
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel 2002 (HKLM-x32\...\{90160407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint 2002 (HKLM-x32\...\{90180407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{901B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Mobogenie (HKLM-x32\...\Mobogenie) (Version:  - Mobogenie.com) <==== ATTENTION
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
PlurPush (HKLM\...\PlurPush) (Version: 2014.04.02.201943 - PlurPush)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shopping Helper Smartbar (HKLM-x32\...\{7DD65DA0-AD4F-4974-AAC6-5834DD7F6841}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
Shopping Helper Smartbar Engine (HKCU\...\{268947d4-8200-431f-b198-d15a86aa9377}) (Version: 11.43.63.16271 - ReSoft Ltd.) <==== ATTENTION
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
Torchlight (x32 Version: 2.2.0.98 - WildTangent) Hidden
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Virtual Families (x32 Version: 2.2.0.98 - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
WildTangent Games App (HP Games) (x32 Version: 4.0.5.36 - WildTangent) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden

==================== Restore Points  =========================

14-03-2014 00:16:15 Windows Update
17-03-2014 20:46:05 Installed HP Support Assistant
17-03-2014 20:48:58 Windows Modules Installer
17-03-2014 20:49:59 Windows Modules Installer
03-04-2014 14:31:25 Windows Modules Installer
03-04-2014 14:32:08 Windows Modules Installer
03-04-2014 14:44:51 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:46:22 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:51:35 Uniblue SpeedUpMyPC installation
03-04-2014 14:55:29 Revo Uninstaller's restore point - VO Package
03-04-2014 14:56:24 Revo Uninstaller's restore point - SpeedUpMyPC
03-04-2014 14:57:25 Revo Uninstaller's restore point - WebEnhance
03-04-2014 14:59:22 Revo Uninstaller's restore point - Windows Live Mesh ActiveX Control for Remote Connections
03-04-2014 15:00:47 Revo Uninstaller's restore point - Adobe Reader X (10.1.9) MUI
03-04-2014 15:02:46 Revo Uninstaller's restore point - Avira Free Antivirus

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {18C7C69B-D51D-47DE-A239-83AD5CB45283} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {20F939D9-1A8C-40F9-AE9E-B1306BB65BCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {5C9F6B69-247C-418F-BFE0-34A9400DA327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-12] (Adobe Systems Incorporated)
Task: {747B5C5E-AD3D-4116-8DF7-F07ABC373D96} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {79712EB4-8C55-438E-A146-B83F7F83EEC7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {7E1AB936-B3C3-43F4-B709-E5FD3E90A1EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {964527E7-49EF-4396-9767-67E3D5879E39} - System32\Tasks\HPCeeScheduleForFreya-Sophie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B33C62BE-0DE7-4F33-8CBD-7E0B34EA2503} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B4B5CF31-E967-42DA-8FCD-F6A159943364} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {BEA4A914-8432-4693-ABBE-C6427046EA76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CA75F678-04B9-4525-B195-80D589153504} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {CCD2C709-BF9F-47DF-89AE-A3EADE5559EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F99EABE5-7105-470E-ACAD-CBD3542DE659} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2014-03-30 10:50 - 2014-03-30 10:50 - 00037920 _____ () C:\Program Files (x86)\LPT\srpts.exe
2014-04-03 16:53 - 2014-04-02 09:17 - 00070848 _____ () C:\Program Files (x86)\Mobogenie\MgAssist.exe
2014-04-02 22:19 - 2014-04-02 22:19 - 00350488 _____ () C:\Program Files (x86)\PlurPush\updatePlurPush.exe
2014-04-03 16:53 - 2014-04-02 09:17 - 00748736 _____ () C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
2012-02-14 19:53 - 2012-02-14 19:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2014-04-03 16:56 - 2014-04-03 16:56 - 00350488 _____ () C:\Program Files (x86)\PlurPush\bin\utilPlurPush.exe
2013-12-13 00:36 - 2013-08-31 00:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00077856 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00023072 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00018976 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-04-03 16:53 - 2014-04-02 09:17 - 00065728 _____ () C:\Program Files (x86)\Mobogenie\Device.dll
2014-04-03 16:53 - 2014-04-02 09:17 - 00474816 _____ () C:\Program Files (x86)\Mobogenie\DCR.dll
2013-04-24 20:13 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2013-04-24 20:13 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2013-04-24 20:13 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2013-04-24 20:13 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2013-04-24 20:13 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2013-04-24 20:13 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2013-04-24 20:13 - 2010-12-20 16:21 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\CategoryManager.dll
2013-04-24 20:13 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2013-04-24 20:13 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2013-04-24 20:13 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2013-04-24 20:13 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2013-04-24 20:13 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2013-04-24 20:13 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2013-04-24 20:13 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2013-04-24 20:13 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2013-04-24 20:13 - 2007-12-20 14:37 - 00176128 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\DocCate.dll
2013-04-24 20:13 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2013-04-24 20:13 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00046624 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Core.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00068640 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srau.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00165408 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Utilities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 02283040 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.GUI.MainClient.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00066592 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\spbl.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00154656 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014368 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\siem.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00063520 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\sppsm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00696864 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.GUI.Controls.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00014880 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.BusinessEntities.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00078880 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.GUI.Docking.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00027168 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Personalization.Common.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00056864 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srut.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00029216 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srsbs.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00065568 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Infrastructure.Plugins.InternetExplorerLocalPlugin.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srom.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00030752 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\smtu.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00038944 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\smta.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00043552 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srbu.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00024096 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\sgml.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00061472 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Resources.LanguageSettings.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00024608 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srpdm.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00043040 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\MACTrackBarLib.dll
2014-03-30 10:48 - 2014-03-30 10:48 - 00026656 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\de\Smartbar.Resources.LanguageSettings.resources.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00035360 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\Smartbar.Resources.SocialNetsSharer.dll
2014-03-30 10:49 - 2014-03-30 10:49 - 00193056 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\sgmu.dll
2014-03-30 10:46 - 2014-03-30 10:46 - 00061440 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\AxInterop.WMPLib.dll
2014-03-30 10:50 - 2014-03-30 10:50 - 00255008 _____ () C:\Users\Freya-Sophie\AppData\Local\Smartbar\Application\srns.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-04-24 20:13 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2013-04-24 20:13 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2013-04-24 20:13 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2013-04-24 20:13 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2013-04-24 20:13 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2013-04-24 20:13 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2013-04-24 20:13 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2013-04-24 20:13 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2013-04-24 20:13 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2013-04-24 20:13 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2013-04-24 20:13 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2013-04-24 20:13 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2013-04-24 20:13 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2013-04-24 20:13 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2013-04-24 20:13 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2013-04-24 20:13 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2013-04-24 20:13 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2014-02-15 16:53 - 2014-02-15 16:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-06-21 00:55 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-21 00:59 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-03 17:20 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-03-12 18:43 - 2014-03-12 18:43 - 16276872 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll
2014-04-03 17:30 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Cisco Systems
Service: vpnva
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9064

Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9064

Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2014 05:29:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2980

Error: (04/03/2014 05:29:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2980

Error: (04/03/2014 05:29:31 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2014 05:05:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 04:30:50 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 04:29:35 PM) (Source: Avira Antivirus) (User: NT-AUTORITÄT)
Description: Die Lizenzdatei enthält keine gültige Lizenz. Der Dienst wird beendet!

Error: (04/03/2014 03:22:15 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/03/2014 05:10:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/03/2014 05:10:24 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/03/2014 04:53:16 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "MgAssist Service" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/03/2014 03:23:17 PM) (Source: NetBT) (User: )
Description: Die Registrierungsverknüpfung kann nicht geöffnet werden, um die Konfigurationsinformationen zu lesen.

Error: (04/03/2014 03:22:44 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst iphlpsvc erreicht.

Error: (04/03/2014 01:41:12 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/03/2014 01:41:12 PM) (Source: Schannel) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 40. Der interne Fehlerstatus lautet: 252.

Error: (04/03/2014 08:46:53 AM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.

Error: (03/26/2014 00:11:52 AM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am ‎25.‎03.‎2014 um 23:10:51 unerwartet heruntergefahren.

Error: (03/25/2014 04:21:57 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Norton Internet Security" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9064

Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9064

Error: (04/03/2014 05:56:49 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2014 05:29:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2980

Error: (04/03/2014 05:29:32 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2980

Error: (04/03/2014 05:29:31 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/03/2014 05:05:36 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 04:30:50 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/03/2014 04:29:35 PM) (Source: Avira Antivirus)(User: NT-AUTORITÄT)
Description: 0x0

Error: (04/03/2014 03:22:15 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 61%
Total physical RAM: 3996.36 MB
Available physical RAM: 1533.89 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5322.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:277.83 GB) (Free:190.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.97 GB) (Free:2.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (JOY_04_2014) (CDROM) (Total:1.93 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D2E3023C)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---

Ich glaube ich habe mir wirklich einen ganzen Haufen an Viren etc eingefangen, mein PC läuft total langsam. Und auch auf dem Desktop die Pfeile die auf die Verklinkungen verweisen sind viel größer geworden ( Verzweifel gerade echt...

Hey Schrauber, ein Bekannter hat es jetzt anscheinend hinbekommen, die unterstrichenen Wörter sind weg, durch einen Adblocker für firefox. Kann ich denn ein Programm benutzen, was quasi meinen PC scannt womit du sehen kannst ob ich noch gefährliche Sachen drauf habe? Wäre super wenn du einmal drüber gucken könntetst bevor ich weiter mit dem PC arbeite
LG


Alt 04.04.2014, 13:08   #6
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Das verhindert nur die Fenster, die Malware ist immer noch auf dem System!


Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> VIRUS Werbung bei lila unterstrichenen Wörtern

Alt 04.04.2014, 20:26   #7
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Ok dann mache ich das gleich. Kannst du mir bitte nich sagen was du mit dem ATTENTIOn löschen meinst? Ich kenne mich da leider überhaupt nicht mit aus. Wen du mir sagst was ich löschen soll mach ich das

Folgendes wollte ich nun löschen:
LPT System Updater Service
Mobogenie
Shopping Helper Smartbar
Shopping Helper Smartbar Engine
VIS

Wird dann im Program das Häcken da gesetz wo das programm steht oder darüber in der Tabelle von dem zweig herab alles wo das programm drunter steht?

Also ich habe jetzt alle Programme mit ATTENTION gelöscht mit dem Programm. Da ich schonmal ein Virenproblem hatte, hatte ich Malwarebytes Anti-Malware noch drauf. Habe das ebenfalls deinstalliert mit dem Programm, neu runtergeladen und alle Schritte befolgt. Nun läuft der Suchlauf...

So hier schonmal das von Malwarebytes:
(ich hoffe es war normal das der beim hochfahren ziemlich lange gebraucht hat mit schwarzem bildschirm dazwischen )

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 04.04.2014
Suchlauf-Zeit: 19:23:02
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.0.1000
Malware Datenbank: v2014.04.04.04
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Freya-Sophie

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 263708
Verstrichene Zeit: 41 Min, 46 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Warnen
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 1
PUP.Optional.PlurPush, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update PlurPush, In Quarantäne, [c63a41bfbb4522debe7f382d0bf7f50b],

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 1
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}, Gut: (Google), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWmwugvkecS8vMTddoFZ1JOSS-uAGUK354Imucep18IhloEg7llTGPxnjSNp8kBWLfHiVco_6HBvCvSGhU3jxB6OOO3v0XVmj0r_HzkiMYdL0DH98XwsM2ADUn9oClXvB_cBsksIsBciYKe8AxozxXYjbFrlA,&q={searchTerms}), Ersetzt,[8977e91704fc27d99096a862fc08f30d]

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

Die beiden Funde hab ich in Qarantäne verschoben

Ich habe gerade das andere, adw cleaner laufen lassen, beim löschen kam eine fehlermeldung und es wurde abgebrochen, ich versuche es nochmal..

So jetzt im 2. Anlauf hat es mit dem ADWCleaner geklappt.. hier die DateiAdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 03/04/2014 um 15:19:11
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Freya-Sophie - FREYA-SOPHIE-HP
# Gestartet von : C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\n3jtrf3m.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [10224 octets] - [13/10/2013 23:36:49]
AdwCleaner[R1].txt - [960 octets] - [13/10/2013 23:46:34]
AdwCleaner[R2].txt - [1068 octets] - [14/10/2013 17:59:04]
AdwCleaner[R3].txt - [2462 octets] - [03/04/2014 09:15:05]
AdwCleaner[R4].txt - [1317 octets] - [03/04/2014 15:18:04]
AdwCleaner[S0].txt - [9855 octets] - [13/10/2013 23:38:00]
AdwCleaner[S1].txt - [1020 octets] - [13/10/2013 23:48:50]
AdwCleaner[S2].txt - [1130 octets] - [14/10/2013 17:59:46]
AdwCleaner[S3].txt - [2446 octets] - [03/04/2014 09:21:06]
AdwCleaner[S4].txt - [1239 octets] - [03/04/2014 15:19:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [1299 octets] ##########
         
--- --- ---
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.023 - Bericht erstellt am 04/04/2014 um 19:47:40
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Freya-Sophie - FREYA-SOPHIE-HP
# Gestartet von : C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\Software\Uniblue

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16521


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [10224 octets] - [13/10/2013 23:36:49]
AdwCleaner[R1].txt - [960 octets] - [13/10/2013 23:46:34]
AdwCleaner[R2].txt - [1068 octets] - [14/10/2013 17:59:04]
AdwCleaner[R3].txt - [6206 octets] - [03/04/2014 09:15:05]
AdwCleaner[R4].txt - [4376 octets] - [03/04/2014 15:18:04]
AdwCleaner[S0].txt - [9855 octets] - [13/10/2013 23:38:00]
AdwCleaner[S1].txt - [1020 octets] - [13/10/2013 23:48:50]
AdwCleaner[S2].txt - [1130 octets] - [14/10/2013 17:59:46]
AdwCleaner[S3].txt - [3256 octets] - [03/04/2014 09:21:06]
AdwCleaner[S4].txt - [4295 octets] - [03/04/2014 15:19:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [4355 octets] ##########
         
--- --- ---

Hier das von Junkware Removal ToolJRT Logfile:
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x64
Ran by Freya-Sophie on 04.04.2014 at 19:53:19,82
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.04.2014 at 20:15:39,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
--- --- ---

Und hier noch das letzte von FRST
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Freya-Sophie (administrator) on FREYA-SOPHIE-HP on 04-04-2014 20:19:02
Running from C:\Users\Freya-Sophie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(3).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-31] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-03-18] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-06-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default
FF SearchEngineOrder.1: Search By ZoneAlarm
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: zonealarm.com - C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default\Extensions\ffxtlbr@zonealarm.com [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3558112 2014-03-18] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [81752 2014-02-23] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-28] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-12-24] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-12-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489568 2013-12-24] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-04] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS [117880 2011-12-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS [2048632 2011-12-03] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [451480 2014-03-18] (Check Point Software Technologies Ltd.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-04-03] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(3).exe
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-04 20:15 - 2014-04-04 20:15 - 00000632 _____ () C:\Users\Freya-Sophie\Desktop\JRT.txt
2014-04-04 19:52 - 2014-04-04 19:52 - 01038974 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT(1).exe
2014-04-04 19:46 - 2014-04-04 19:46 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
2014-04-04 19:41 - 2014-04-04 19:41 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-04 19:38 - 2014-04-04 19:38 - 00001883 _____ () C:\Users\Freya-Sophie\Desktop\mbam.txt
2014-04-04 18:38 - 2014-04-04 19:51 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-04 18:38 - 2014-04-04 18:38 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-04 18:38 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-04 18:38 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-04 18:37 - 2014-04-04 18:38 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(2).exe
2014-04-04 18:30 - 2014-04-04 18:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(1).exe
2014-04-04 18:28 - 2014-04-04 18:29 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 18:26 - 2014-04-04 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95(1).exe
2014-04-04 18:26 - 2014-04-04 18:26 - 00001224 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-04 14:30 - 2014-04-04 14:30 - 00008972 _____ () C:\Users\Freya-Sophie\Desktop\Unbenannt 1.odt
2014-04-04 07:13 - 2014-04-04 07:13 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-03 22:07 - 2014-04-03 22:07 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-03 21:15 - 2014-04-03 21:15 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-03 21:15 - 2014-04-03 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-03 20:43 - 2014-04-03 20:43 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-04-03 20:42 - 2013-12-24 23:33 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-04-03 20:42 - 2013-12-24 23:33 - 00489568 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-04-03 20:42 - 2013-12-24 23:33 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-04-03 20:36 - 2014-04-03 20:42 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Check Point Software Technologies LTD
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-04-03 20:35 - 2014-04-03 20:35 - 03356760 _____ (Check Point Software Technologies Ltd.) C:\Users\Freya-Sophie\Downloads\zaSetupWeb_130_208_000.exe
2014-04-03 20:35 - 2014-04-03 20:35 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-04-03 20:24 - 2014-04-03 20:24 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 20:23 - 2014-04-03 20:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 19:49 - 2014-04-03 19:49 - 01037734 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT_6.1.2.exe
2014-04-03 18:27 - 2014-04-03 18:28 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:30 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:25 - 2014-04-03 17:28 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:19 - 2014-04-03 17:20 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:52 - 2014-04-03 19:54 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:43 - 2014-04-04 18:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 13:12 - 2014-04-04 18:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-26 09:56 - 2014-03-26 10:11 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 17:57 - 2014-03-28 11:46 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-18 02:24 - 2014-03-18 02:24 - 00451480 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-13 14:36 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:36 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:36 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 14:36 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 14:36 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 14:36 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 14:36 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 14:36 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 14:36 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:36 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 14:36 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 14:36 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 14:35 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:35 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:35 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:35 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:35 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:35 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:35 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:35 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:35 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 14:35 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:35 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 14:35 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:35 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:35 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 14:35 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:35 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 14:35 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:35 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 14:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 14:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-09 18:42 - 2014-03-09 18:46 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-05 13:17 - 2014-04-03 19:40 - 00020895 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt

==================== One Month Modified Files and Folders =======

2014-04-04 20:19 - 2013-10-14 12:33 - 00022257 _____ () C:\Users\Freya-Sophie\Downloads\FRST.txt
2014-04-04 20:19 - 2013-10-14 12:31 - 00000000 ____D () C:\FRST
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(3).exe
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-04 20:15 - 2014-04-04 20:15 - 00000632 _____ () C:\Users\Freya-Sophie\Desktop\JRT.txt
2014-04-04 19:57 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-04 19:57 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-04 19:54 - 2012-10-13 11:39 - 01242309 _____ () C:\Windows\WindowsUpdate.log
2014-04-04 19:52 - 2014-04-04 19:52 - 01038974 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT(1).exe
2014-04-04 19:51 - 2014-04-04 18:38 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-04 19:51 - 2013-04-25 07:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\.oit
2014-04-04 19:48 - 2010-11-21 05:47 - 00315446 _____ () C:\Windows\PFRO.log
2014-04-04 19:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-04 19:48 - 2009-07-14 06:51 - 00108658 _____ () C:\Windows\setupact.log
2014-04-04 19:47 - 2013-10-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-04-04 19:46 - 2014-04-04 19:46 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
2014-04-04 19:43 - 2013-10-15 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-04 19:41 - 2014-04-04 19:41 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-04 19:38 - 2014-04-04 19:38 - 00001883 _____ () C:\Users\Freya-Sophie\Desktop\mbam.txt
2014-04-04 19:37 - 2012-03-15 07:32 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-04 19:37 - 2012-03-15 07:32 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-04 19:37 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-04 18:38 - 2014-04-04 18:38 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-04 18:38 - 2014-04-04 18:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(2).exe
2014-04-04 18:38 - 2014-04-03 13:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-04 18:30 - 2014-04-04 18:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(1).exe
2014-04-04 18:29 - 2014-04-04 18:28 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 18:26 - 2014-04-04 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95(1).exe
2014-04-04 18:26 - 2014-04-04 18:26 - 00001224 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-04 18:26 - 2014-04-03 16:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-04 18:23 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-04 14:30 - 2014-04-04 14:30 - 00008972 _____ () C:\Users\Freya-Sophie\Desktop\Unbenannt 1.odt
2014-04-04 07:15 - 2012-10-13 11:46 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85A2C3B9-F210-4290-81FF-A833E868492A}
2014-04-04 07:13 - 2014-04-04 07:13 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-04 01:27 - 2013-10-14 00:05 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-04 01:27 - 2012-11-28 23:49 - 00000000 ___HD () C:\Users\Freya-Sophie\Desktop\.picasaoriginals
2014-04-04 01:27 - 2012-10-26 12:31 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Bilder
2014-04-04 01:27 - 2012-06-21 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-04 01:27 - 2012-06-21 01:07 - 00000000 ____D () C:\ProgramData\Norton
2014-04-04 01:27 - 2012-03-14 23:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 01:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-04 01:26 - 2013-03-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-03 22:07 - 2014-04-03 22:07 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-03 21:16 - 2012-10-13 16:20 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Adobe
2014-04-03 21:15 - 2014-04-03 21:15 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-03 21:15 - 2014-04-03 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-03 21:15 - 2012-03-14 23:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-03 21:07 - 2013-10-15 18:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-03 21:07 - 2013-10-15 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-03 21:07 - 2013-10-15 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-03 20:53 - 2014-04-03 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 20:43 - 2014-04-03 20:43 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-04-03 20:42 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Check Point Software Technologies LTD
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-04-03 20:35 - 2014-04-03 20:35 - 03356760 _____ (Check Point Software Technologies Ltd.) C:\Users\Freya-Sophie\Downloads\zaSetupWeb_130_208_000.exe
2014-04-03 20:35 - 2014-04-03 20:35 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-04-03 20:24 - 2014-04-03 20:24 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 19:54 - 2014-04-03 16:52 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 19:54 - 2012-10-13 16:27 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\SoftGrid Client
2014-04-03 19:49 - 2014-04-03 19:49 - 01037734 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT_6.1.2.exe
2014-04-03 19:40 - 2014-03-05 13:17 - 00020895 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt
2014-04-03 19:36 - 2012-03-14 23:16 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-04-03 19:35 - 2012-03-14 23:16 - 00000000 ____D () C:\ProgramData\WildTangent
2014-04-03 18:30 - 2013-10-14 12:32 - 00039464 _____ () C:\Users\Freya-Sophie\Downloads\Addition.txt
2014-04-03 18:28 - 2014-04-03 18:27 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 17:49 - 2014-01-02 22:41 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForFreya-Sophie
2014-04-03 17:49 - 2014-01-02 22:41 - 00000360 _____ () C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:28 - 2014-04-03 17:25 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:20 - 2014-04-03 17:19 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:53 - 2012-10-13 11:39 - 00000000 ____D () C:\Users\Freya-Sophie
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-28 11:46 - 2014-03-25 17:57 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-26 10:11 - 2014-03-26 09:56 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 20:25 - 2014-02-17 17:10 - 00046196 _____ () C:\Users\Freya-Sophie\Desktop\Ha Drux Fertig.odt
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-18 02:24 - 2014-03-18 02:24 - 00451480 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:47 - 2012-03-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-17 22:43 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-17 22:43 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-03-16 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-16 16:14 - 2012-11-04 18:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-03-16 16:13 - 2013-03-17 16:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-03-14 10:10 - 2009-07-14 06:45 - 00311952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-10 22:46 - 2013-07-04 12:13 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Uni
2014-03-10 22:46 - 2012-10-26 12:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Musik
2014-03-09 18:46 - 2014-03-09 18:42 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype
2014-03-06 14:06 - 2014-03-06 14:06 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-03-06 14:06 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 14:01 - 2012-10-13 16:26 - 01596516 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-03-05 09:26 - 2014-04-04 18:38 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-05 09:26 - 2014-04-04 18:38 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-03-05 09:26 - 2013-10-14 00:04 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Some content of TEMP:
====================
C:\Users\Freya-Sophie\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\AskSLib.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Extract.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\instruct.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Resource.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP56942.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp58915.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP59202.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp64126.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\ylb2mz36.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\_is3325.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\_is6F4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-16 23:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Freya-Sophie at 2014-04-04 20:20:04
Running from C:\Users\Freya-Sophie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: ZoneAlarm Antivirus (Disabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Anti-Spyware (Disabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ZoneAlarm Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5010 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Navigator (HKLM-x32\...\{D0353B68-A142-4F89-A46E-1C9A7745D636}) (Version: 3.4.1 - SEIKO EPSON CORPORATION)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel 2002 (HKLM-x32\...\{90160407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint 2002 (HKLM-x32\...\{90180407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{901B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ZoneAlarm Antivirus (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.0.208.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Restore Points  =========================

17-03-2014 20:46:05 Installed HP Support Assistant
17-03-2014 20:48:58 Windows Modules Installer
17-03-2014 20:49:59 Windows Modules Installer
03-04-2014 14:31:25 Windows Modules Installer
03-04-2014 14:32:08 Windows Modules Installer
03-04-2014 14:44:51 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:46:22 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:51:35 Uniblue SpeedUpMyPC installation
03-04-2014 14:55:29 Revo Uninstaller's restore point - VO Package
03-04-2014 14:56:24 Revo Uninstaller's restore point - SpeedUpMyPC
03-04-2014 14:57:25 Revo Uninstaller's restore point - WebEnhance
03-04-2014 14:59:22 Revo Uninstaller's restore point - Windows Live Mesh ActiveX Control for Remote Connections
03-04-2014 15:00:47 Revo Uninstaller's restore point - Adobe Reader X (10.1.9) MUI
03-04-2014 15:02:46 Revo Uninstaller's restore point - Avira Free Antivirus
03-04-2014 17:37:50 Removed Cisco AnyConnect Secure Mobility Client
04-04-2014 16:31:59 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 1.75.0.1300

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {18C7C69B-D51D-47DE-A239-83AD5CB45283} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {20F939D9-1A8C-40F9-AE9E-B1306BB65BCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {5C9F6B69-247C-418F-BFE0-34A9400DA327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-03] (Adobe Systems Incorporated)
Task: {747B5C5E-AD3D-4116-8DF7-F07ABC373D96} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {79712EB4-8C55-438E-A146-B83F7F83EEC7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {7E1AB936-B3C3-43F4-B709-E5FD3E90A1EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {964527E7-49EF-4396-9767-67E3D5879E39} - System32\Tasks\HPCeeScheduleForFreya-Sophie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B33C62BE-0DE7-4F33-8CBD-7E0B34EA2503} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B4B5CF31-E967-42DA-8FCD-F6A159943364} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {BEA4A914-8432-4693-ABBE-C6427046EA76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CA75F678-04B9-4525-B195-80D589153504} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {CCD2C709-BF9F-47DF-89AE-A3EADE5559EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F99EABE5-7105-470E-ACAD-CBD3542DE659} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-02-14 19:53 - 2012-02-14 19:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-08-31 00:11 - 2013-08-31 00:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-03 17:30 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-27 15:43 - 2014-01-27 15:43 - 00065936 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\Community.CsharpSqlite.SQLiteClient.dll
2013-04-24 20:13 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2013-04-24 20:13 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2013-04-24 20:13 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2013-04-24 20:13 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2013-04-24 20:13 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2013-04-24 20:13 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2013-04-24 20:13 - 2010-12-20 16:21 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\CategoryManager.dll
2013-04-24 20:13 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2013-04-24 20:13 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2013-04-24 20:13 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2013-04-24 20:13 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2013-04-24 20:13 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2013-04-24 20:13 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2013-04-24 20:13 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2013-04-24 20:13 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2013-04-24 20:13 - 2007-12-20 14:37 - 00176128 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\DocCate.dll
2013-04-24 20:13 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2013-04-24 20:13 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2013-04-24 20:13 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2013-04-24 20:13 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2013-04-24 20:13 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2013-04-24 20:13 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2013-04-24 20:13 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2013-04-24 20:13 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2013-04-24 20:13 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2013-04-24 20:13 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2013-04-24 20:13 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2013-04-24 20:13 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2013-04-24 20:13 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2013-04-24 20:13 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2013-04-24 20:13 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2013-04-24 20:13 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2013-04-24 20:13 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2013-04-24 20:13 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2013-04-24 20:13 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2014-02-15 16:53 - 2014-02-15 16:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-06-21 00:55 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-21 00:59 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-03 20:23 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 51%
Total physical RAM: 3996.36 MB
Available physical RAM: 1931.63 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5393.3 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:277.83 GB) (Free:193.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.97 GB) (Free:2.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (JOY_04_2014) (CDROM) (Total:1.93 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D2E3023C)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---

Gib mir bitte wenn es geht schnell eine Rückmeldung, ob alles wieder ok und gut ist.
Vielen dank im vorraus

Alt 05.04.2014, 12:02   #8
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Perfekt. Kontrollscans, kannst aber normal am Rechner arbeiten. Während dem Onlinescan aber bitte nit rum surfen im Netz.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.04.2014, 12:34   #9
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Ab dem Schritt mit Explorer habe ich das nicht verstanden. Wenn ich den geöffnet habe was soll ich dann genau machen?

Alt 06.04.2014, 12:59   #10
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Windows Eplorer öffnen und das Logfile vom Onlinescan am angegebenen Platz suchen
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2014, 12:56   #11
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



HAbe C geöffnet aber da gibt es kein ESET bei den Programmen...

Ok habe es gefunden:

ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=44aefb49df01594b999eaf06f456266b
# engine=17766
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-05 04:20:46
# local_time=2014-04-05 06:20:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 94 24494 3397182 17259 0
# compatibility_mode=3591 16777213 100 95 36119117 159311431 0 0
# compatibility_mode=5893 16776574 100 94 23227940 148344696 0 0
# compatibility_mode=9217 16776893 100 13 22881 776440 0 0
# scanned=168054
# found=0
# cleaned=0
# scan_time=20932

Security Check:

Results of screen317's Security Check version 0.99.80
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
ZoneAlarm Antivirus
Norton Internet Security
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 12.0.0.77
Adobe Reader XI
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
Norton ccSvcHst.exe
Malwarebytes Anti-Malware mbamservice.exe
Malwarebytes Anti-Malware mbam.exe
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
Malwarebytes Anti-Malware mbamscheduler.exe
CheckPoint ZoneAlarm vsmon.exe
CheckPoint ZoneAlarm ZAPrivacyService.exe
CheckPoint ZoneAlarm zatray.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````


FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Freya-Sophie (administrator) on FREYA-SOPHIE-HP on 06-04-2014 13:40:03
Running from C:\Users\Freya-Sophie\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(HP) C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE
(EasyBits Software AS) C:\Windows\SysWOW64\ezSharedSvcHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIHTU.EXE
() C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar2.exe
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Pmsb.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(NewSoft Technology Corporation) C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(Synaptics Incorporated) C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
(NewSoft Technology Corporation) C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files (x86)\Internet Explorer\IELowutil.exe
(AuthenTec Inc.) C:\Program Files (x86)\HP SimplePass\TouchControl.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(HP) C:\Program Files (x86)\HP SimplePass\BioMonitor.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(4).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6463592 2012-02-13] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2885904 2012-02-24] (Synaptics Incorporated)
HKLM\...\Run: [SetDefault] - C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe [44880 2011-12-19] (Hewlett-Packard Development Company, L.P.)
HKLM\...\Run: [WrtMon.exe] - C:\Windows\system32\spool\drivers\x64\3\WrtMon.exe [26448 2008-05-24] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [Easybits Recovery] - C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe [61112 2012-01-30] (EasyBits Software AS)
HKLM-x32\...\Run: [] - [X]
HKLM-x32\...\Run: [HP Quick Launch] - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [HPOSD] - C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe [379960 2011-08-19] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [B2C_AGENT] - C:\ProgramData\LGMOBILEAX\B2C_Client\B2CNotiAgent.exe [404568 2012-03-28] (LG Electronics)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [EEventManager] - C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [979328 2010-10-12] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [PMSpeed] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSpeed.EXE [116632 2010-07-29] (NewSoft Technology Corporation)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [703888 2013-08-31] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [ZoneAlarm] - C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [137352 2014-03-18] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM\...\RunOnce: [NCPluginUpdater] - "c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\NCPluginUpdater.exe" Update [21720 2014-03-25] (Hewlett-Packard)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000\...\Policies\system: [DisableChangePassword] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000000] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EPLTarget\P0000000000000001] - C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIHTU.EXE [241280 2012-12-13] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Scan Buttons] - C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSB.EXE [214360 2011-01-21] (NewSoft Technology Corporation)
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [jSugLyCC] - wscript.exe //B "C:\Users\FREYA-~1\AppData\Local\Temp\jSugLyCC.vbs" <===== ATTENTION
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-1595992211-3356558206-601454915-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableChangePassword] 0
Startup: C:\Users\Freya-Sophie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-111076-19270-3/4?mpre=hxxp://www.ebay.de/sch/i.html?_nkw={searchTerms}
BHO: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: HP SimplePass Browser Helper Object - {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
Toolbar: HKLM - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\x64\IEBHO.dll (HP)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - HP SimplePass Toolbar - {C98EE38D-21E4-4A50-907D-2B56FEC7013E} - C:\Program Files (x86)\HP SimplePass\IEBHO.DLL (HP)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2012-06-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default
FF SearchEngineOrder.1: Search By ZoneAlarm
FF Homepage: https://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: zonealarm.com - C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default\Extensions\ffxtlbr@zonealarm.com [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Freya-Sophie\AppData\Roaming\Mozilla\Firefox\Profiles\pigyqhry.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-03]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
R2 FPLService; C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [260424 2011-12-11] (HP)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [161560 2012-02-08] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-03-05] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-03-05] (Malwarebytes Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
S3 TrueService; C:\Program Files\Common Files\AuthenTec\TrueService.exe [269640 2011-12-09] (AuthenTec, Inc.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3558112 2014-03-18] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe [81752 2014-02-23] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2012-03-02] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2012-03-02] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2012-03-02] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2012-03-02] (LG Electronics Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R3 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20111201.001\BHDrvx64.sys [1157240 2011-11-28] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1309010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
R3 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20111130.012\IDSVia64.sys [488568 2011-11-23] (Symantec Corporation)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-12-24] (Kaspersky Lab ZAO)
U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-12-24] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [489568 2013-12-24] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-03-05] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-06] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-03-05] (Malwarebytes Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\ENG64.SYS [117880 2011-12-03] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20111203.009\EX64.SYS [2048632 2011-12-03] (Symantec Corporation)
S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [259688 2011-10-27] (Realtek Semiconductor Corp.)
R3 SmbDrv; C:\Windows\system32\drivers\Smb_driver.sys [21264 2012-02-24] (Synaptics Incorporated)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1309010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1309010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1309010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2012-06-21] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1309010.00E\Ironx64.SYS [190072 2012-04-18] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1309010.00E\SYMNETS.SYS [405624 2012-04-18] (Symantec Corporation)
S3 vpnva; C:\Windows\System32\DRIVERS\vpnva64-6.sys [52080 2013-08-30] (Cisco Systems, Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [451480 2014-03-18] (Check Point Software Technologies Ltd.)
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-04-03] (StdLib)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-06 13:39 - 2014-04-06 13:39 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(4).exe
2014-04-06 13:34 - 2014-04-06 13:34 - 00987442 _____ () C:\Users\Freya-Sophie\Downloads\SecurityCheck.exe
2014-04-06 13:25 - 2014-04-06 13:28 - 00000569 ____H () C:\Windows\SysWOW64\BTImages.dat
2014-04-05 12:29 - 2014-04-05 12:29 - 02347384 _____ (ESET) C:\Users\Freya-Sophie\Downloads\esetsmartinstaller_enu.exe
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(3).exe
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-04 20:15 - 2014-04-04 20:15 - 00000632 _____ () C:\Users\Freya-Sophie\Desktop\JRT.txt
2014-04-04 19:52 - 2014-04-04 19:52 - 01038974 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT(1).exe
2014-04-04 19:46 - 2014-04-04 19:46 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
2014-04-04 19:41 - 2014-04-04 19:41 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-04 19:38 - 2014-04-04 19:38 - 00001883 _____ () C:\Users\Freya-Sophie\Desktop\mbam.txt
2014-04-04 18:38 - 2014-04-06 13:22 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-04 18:38 - 2014-04-04 18:38 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-04 18:38 - 2014-03-05 09:26 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-04 18:38 - 2014-03-05 09:26 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-04 18:37 - 2014-04-04 18:38 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(2).exe
2014-04-04 18:30 - 2014-04-04 18:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(1).exe
2014-04-04 18:28 - 2014-04-04 18:29 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 18:26 - 2014-04-04 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95(1).exe
2014-04-04 18:26 - 2014-04-04 18:26 - 00001224 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-04 14:30 - 2014-04-04 14:30 - 00008972 _____ () C:\Users\Freya-Sophie\Desktop\Unbenannt 1.odt
2014-04-04 07:13 - 2014-04-04 07:13 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-03 22:07 - 2014-04-03 22:07 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-03 21:15 - 2014-04-03 21:15 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-03 21:15 - 2014-04-03 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-03 20:43 - 2014-04-03 20:43 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-04-03 20:42 - 2013-12-24 23:33 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys
2014-04-03 20:42 - 2013-12-24 23:33 - 00489568 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys
2014-04-03 20:42 - 2013-12-24 23:33 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys
2014-04-03 20:36 - 2014-04-03 20:42 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Check Point Software Technologies LTD
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-04-03 20:35 - 2014-04-03 20:35 - 03356760 _____ (Check Point Software Technologies Ltd.) C:\Users\Freya-Sophie\Downloads\zaSetupWeb_130_208_000.exe
2014-04-03 20:35 - 2014-04-03 20:35 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-04-03 20:24 - 2014-04-03 20:24 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 20:23 - 2014-04-03 20:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 19:49 - 2014-04-03 19:49 - 01037734 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT_6.1.2.exe
2014-04-03 18:27 - 2014-04-03 18:28 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:30 - 2014-02-25 11:41 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-03 17:30 - 2014-02-25 11:41 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:25 - 2014-04-03 17:28 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:19 - 2014-04-03 17:20 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:52 - 2014-04-03 19:54 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:43 - 2014-04-04 18:26 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 13:12 - 2014-04-04 18:38 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-03-26 09:56 - 2014-03-26 10:11 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 17:57 - 2014-03-28 11:46 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-18 02:24 - 2014-03-18 02:24 - 00451480 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-13 14:36 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-13 14:36 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-13 14:36 - 2014-03-01 06:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-13 14:36 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-13 14:36 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-13 14:36 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-13 14:36 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 14:36 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-13 14:36 - 2014-02-07 03:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 14:36 - 2014-01-29 04:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 14:36 - 2014-01-29 04:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 14:36 - 2014-01-28 04:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 14:35 - 2014-03-01 08:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-13 14:35 - 2014-03-01 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-13 14:35 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-13 14:35 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-13 14:35 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-13 14:35 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-13 14:35 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-03-13 14:35 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-13 14:35 - 2014-03-01 06:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 14:35 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-13 14:35 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 14:35 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-13 14:35 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-13 14:35 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-13 14:35 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-13 14:35 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-13 14:35 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-13 14:35 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-13 14:35 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-13 14:35 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-13 14:35 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-13 14:35 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-13 14:35 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-13 14:35 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-13 14:35 - 2014-02-04 04:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 14:35 - 2014-02-04 04:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-13 14:34 - 2014-02-04 04:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 14:34 - 2014-02-04 04:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-09 18:42 - 2014-03-09 18:46 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype

==================== One Month Modified Files and Folders =======

2014-04-06 13:40 - 2013-10-14 12:33 - 00023689 _____ () C:\Users\Freya-Sophie\Downloads\FRST.txt
2014-04-06 13:40 - 2013-10-14 12:31 - 00000000 ____D () C:\FRST
2014-04-06 13:39 - 2014-04-06 13:39 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(4).exe
2014-04-06 13:34 - 2014-04-06 13:34 - 00987442 _____ () C:\Users\Freya-Sophie\Downloads\SecurityCheck.exe
2014-04-06 13:32 - 2012-10-13 11:39 - 01275746 _____ () C:\Windows\WindowsUpdate.log
2014-04-06 13:28 - 2014-04-06 13:25 - 00000569 ____H () C:\Windows\SysWOW64\BTImages.dat
2014-04-06 13:28 - 2012-11-04 18:48 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-04-06 13:27 - 2013-03-17 16:01 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-04-06 13:25 - 2012-10-13 11:46 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{85A2C3B9-F210-4290-81FF-A833E868492A}
2014-04-06 13:22 - 2014-04-04 18:38 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-06 13:22 - 2013-10-15 18:13 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-05 19:51 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-05 16:39 - 2012-03-15 07:32 - 00700134 _____ () C:\Windows\system32\perfh007.dat
2014-04-05 16:39 - 2012-03-15 07:32 - 00149984 _____ () C:\Windows\system32\perfc007.dat
2014-04-05 16:39 - 2009-07-14 07:13 - 01622236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-05 12:29 - 2014-04-05 12:29 - 02347384 _____ (ESET) C:\Users\Freya-Sophie\Downloads\esetsmartinstaller_enu.exe
2014-04-05 11:37 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-05 11:37 - 2009-07-14 06:45 - 00031472 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-05 11:31 - 2013-04-25 07:58 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\.oit
2014-04-05 11:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-05 11:27 - 2009-07-14 06:51 - 00108770 _____ () C:\Windows\setupact.log
2014-04-04 20:21 - 2013-10-14 12:32 - 00028157 _____ () C:\Users\Freya-Sophie\Downloads\Addition.txt
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(3).exe
2014-04-04 20:18 - 2014-04-04 20:18 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
2014-04-04 20:15 - 2014-04-04 20:15 - 00000632 _____ () C:\Users\Freya-Sophie\Desktop\JRT.txt
2014-04-04 19:52 - 2014-04-04 19:52 - 01038974 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT(1).exe
2014-04-04 19:48 - 2010-11-21 05:47 - 00315446 _____ () C:\Windows\PFRO.log
2014-04-04 19:47 - 2013-10-13 23:36 - 00000000 ____D () C:\AdwCleaner
2014-04-04 19:46 - 2014-04-04 19:46 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
2014-04-04 19:41 - 2014-04-04 19:41 - 01426178 _____ () C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
2014-04-04 19:38 - 2014-04-04 19:38 - 00001883 _____ () C:\Users\Freya-Sophie\Desktop\mbam.txt
2014-04-04 18:38 - 2014-04-04 18:38 - 00001062 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-04 18:38 - 2014-04-04 18:37 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(2).exe
2014-04-04 18:38 - 2014-04-03 13:12 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-04-04 18:30 - 2014-04-04 18:30 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000(1).exe
2014-04-04 18:29 - 2014-04-04 18:28 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Freya-Sophie\Downloads\mbam-setup-2.0.0.1000.exe
2014-04-04 18:26 - 2014-04-04 18:26 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95(1).exe
2014-04-04 18:26 - 2014-04-04 18:26 - 00001224 _____ () C:\Users\Freya-Sophie\Desktop\Revo Uninstaller.lnk
2014-04-04 18:26 - 2014-04-03 16:43 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-04 14:30 - 2014-04-04 14:30 - 00008972 _____ () C:\Users\Freya-Sophie\Desktop\Unbenannt 1.odt
2014-04-04 07:13 - 2014-04-04 07:13 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-04 01:27 - 2013-10-14 00:05 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-04 01:27 - 2013-10-14 00:04 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-04-04 01:27 - 2012-11-28 23:49 - 00000000 ___HD () C:\Users\Freya-Sophie\Desktop\.picasaoriginals
2014-04-04 01:27 - 2012-10-26 12:31 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Bilder
2014-04-04 01:27 - 2012-06-21 09:44 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-04-04 01:27 - 2012-06-21 01:07 - 00000000 ____D () C:\ProgramData\Norton
2014-04-04 01:27 - 2012-03-14 23:33 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-04 01:27 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2014-04-04 01:26 - 2013-03-12 23:07 - 00000000 ____D () C:\Program Files (x86)\Cisco
2014-04-03 22:07 - 2014-04-03 22:07 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-03 21:16 - 2012-10-13 16:20 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\Adobe
2014-04-03 21:15 - 2014-04-03 21:15 - 00001979 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-04-03 21:15 - 2014-04-03 21:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-03 21:15 - 2012-03-14 23:29 - 00000000 ____D () C:\ProgramData\Adobe
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-03 21:07 - 2014-04-03 21:07 - 00000000 ____D () C:\ProgramData\McAfee
2014-04-03 21:07 - 2013-10-15 18:13 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-03 21:07 - 2013-10-15 18:13 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-03 21:07 - 2013-10-15 18:13 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-03 20:53 - 2014-04-03 20:23 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-03 20:43 - 2014-04-03 20:43 - 00431135 _____ () C:\Windows\system32\Drivers\vsconfig.xml
2014-04-03 20:42 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\CheckPoint
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Check Point Software Technologies LTD
2014-04-03 20:36 - 2014-04-03 20:36 - 00000000 ____D () C:\Program Files (x86)\Check Point Software Technologies LTD
2014-04-03 20:35 - 2014-04-03 20:35 - 03356760 _____ (Check Point Software Technologies Ltd.) C:\Users\Freya-Sophie\Downloads\zaSetupWeb_130_208_000.exe
2014-04-03 20:35 - 2014-04-03 20:35 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-04-03 20:24 - 2014-04-03 20:24 - 00001107 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Mozilla
2014-04-03 20:24 - 2014-04-03 20:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-03 19:54 - 2014-04-03 16:52 - 00000000 ____D () C:\Program Files (x86)\PlurPush
2014-04-03 19:54 - 2012-10-13 16:27 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\SoftGrid Client
2014-04-03 19:49 - 2014-04-03 19:49 - 01037734 _____ (Thisisu) C:\Users\Freya-Sophie\Downloads\JRT_6.1.2.exe
2014-04-03 19:40 - 2014-03-05 13:17 - 00020895 _____ () C:\Users\Freya-Sophie\Desktop\Sonderteil Drux.odt
2014-04-03 19:36 - 2012-03-14 23:16 - 00000000 ____D () C:\Program Files (x86)\HP Games
2014-04-03 19:35 - 2012-03-14 23:16 - 00000000 ____D () C:\ProgramData\WildTangent
2014-04-03 18:28 - 2014-04-03 18:27 - 02157056 _____ (Farbar) C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
2014-04-03 17:49 - 2014-01-02 22:41 - 00003228 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForFreya-Sophie
2014-04-03 17:49 - 2014-01-02 22:41 - 00000360 _____ () C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job
2014-04-03 17:31 - 2014-04-03 17:31 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\ProgramData\Avira
2014-04-03 17:30 - 2014-04-03 17:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-03 17:28 - 2014-04-03 17:25 - 138607664 _____ () C:\Users\Freya-Sophie\Downloads\avira_free_antivirus_de_14.0.3.350.exe
2014-04-03 17:26 - 2014-04-03 17:26 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\wStLibG64.sys
2014-04-03 17:20 - 2014-04-03 17:19 - 25032080 _____ (Mozilla) C:\Users\Freya-Sophie\Downloads\Firefox_Setup_de28.0.exe
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Local\cache
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 ____D () C:\Users\Freya-Sophie\.android
2014-04-03 16:53 - 2014-04-03 16:53 - 00000000 _____ () C:\Users\Freya-Sophie\daemonprocess.txt
2014-04-03 16:53 - 2012-10-13 11:39 - 00000000 ____D () C:\Users\Freya-Sophie
2014-04-03 16:51 - 2014-04-03 16:51 - 00000000 ____D () C:\AuthLog
2014-04-03 16:43 - 2014-04-03 16:43 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Freya-Sophie\Downloads\revosetup95.exe
2014-04-03 16:33 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-03-28 11:46 - 2014-03-25 17:57 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\BA Arbeit
2014-03-26 10:11 - 2014-03-26 09:56 - 00025561 _____ () C:\Users\Freya-Sophie\Desktop\Drux Arbeit korrigiert.odt
2014-03-25 20:25 - 2014-02-17 17:10 - 00046196 _____ () C:\Users\Freya-Sophie\Desktop\Ha Drux Fertig.odt
2014-03-25 17:56 - 2013-03-12 23:07 - 00000000 ____D () C:\ProgramData\Cisco
2014-03-18 02:24 - 2014-03-18 02:24 - 00451480 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\vsdatant.sys
2014-03-17 23:18 - 2014-03-17 23:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Hamburg
2014-03-17 22:47 - 2012-03-14 23:07 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-03-17 22:45 - 2014-03-17 22:45 - 00000000 ____D () C:\ProgramData\{18165758-115C-4DC0-9EC2-FF89F725767F}
2014-03-17 22:43 - 2012-03-14 23:24 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-03-17 22:43 - 2011-02-10 21:23 - 00000000 ____D () C:\SWSetup
2014-03-16 23:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-03-14 10:10 - 2009-07-14 06:45 - 00311952 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-14 10:09 - 2013-03-15 21:51 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-10 22:46 - 2013-07-04 12:13 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Uni
2014-03-10 22:46 - 2012-10-26 12:18 - 00000000 ____D () C:\Users\Freya-Sophie\Desktop\Musik
2014-03-09 18:46 - 2014-03-09 18:42 - 00000000 ____D () C:\Users\Freya-Sophie\AppData\Roaming\Skype

Some content of TEMP:
====================
C:\Users\Freya-Sophie\AppData\Local\Temp\6_Offer_13.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\AskSLib.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\avgnt.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Extract.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\HPHelpUpdater.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\instruct.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Quarantine.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\Resource.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP56942.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp58915.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\SP59202.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\sp64126.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\UninstallHPSA.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\ylb2mz36.dll
C:\Users\Freya-Sophie\AppData\Local\Temp\_is3325.exe
C:\Users\Freya-Sophie\AppData\Local\Temp\_is6F4A.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-16 23:11

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Freya-Sophie at 2014-04-06 13:41:04
Running from C:\Users\Freya-Sophie\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: ZoneAlarm Antivirus (Enabled - Up to date) {DE038A5B-9EDD-18A9-2361-FF7D98D43730}
AV: Norton Internet Security (Disabled - Out of date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ZoneAlarm Anti-Spyware (Enabled - Up to date) {65626BBF-B8E7-1727-19D1-C40FE3537D8D}
AS: Norton Internet Security (Disabled - Out of date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Disabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
FW: ZoneAlarm Firewall (Disabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AuthenTec TrueAPI 64-bit (Version: 1.5.0.165 - AuthenTec, Inc.) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.06 - Piriform)
Cisco AnyConnect Secure Mobility Client  (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.04066 - Cisco Systems, Inc.)
Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.04066 - Cisco Systems, Inc.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.3.5010 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.3.5010 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Download Navigator (HKLM-x32\...\{D0353B68-A142-4F89-A46E-1C9A7745D636}) (Version: 3.4.1 - SEIKO EPSON CORPORATION)
EPSON BX535WD Series Printer Uninstall (HKLM\...\EPSON BX535WD Series) (Version:  - SEIKO EPSON Corporation)
Epson Connect Printer Setup (HKLM-x32\...\{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}) (Version: 1.1.1 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print 2 (HKLM-x32\...\{FFF841F3-9A15-4F61-BD16-C19F132E5A27}) (Version: 2.3.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM-x32\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION2)
Epson Event Manager (HKLM-x32\...\{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}) (Version: 2.50.0001 - SEIKO EPSON CORPORATION)
Epson E-Web Print (HKLM-x32\...\{695C8469-7822-4B31-A673-5ED84815B649}) (Version: 1.17.0000 - SEIKO EPSON CORPORATION)
EPSON Printer Finder (HKLM-x32\...\{B8ECD0D3-AE08-4891-B6C7-32F96B75EB6C}) (Version: 1.0.0 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION)
ESU for Microsoft Windows 7 SP1 (HKLM-x32\...\{7DA9DD7F-F4D9-40FB-BD27-69B7731DEDD9}) (Version: 5.1.3 - Hewlett-Packard)
Evernote v. 4.5.2 (HKLM-x32\...\{8CE152BA-1D16-11E1-867D-984BE15F174E}) (Version: 4.5.2.5904 - Evernote Corp.)
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{DB183033-C2DD-4A37-B43C-943DD4B28C77}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Launch Box (HKLM\...\{5A847522-375C-4D05-BD3D-88C450CC047F}) (Version: 1.1.5 - Hewlett-Packard Company)
HP On Screen Display (HKLM-x32\...\{ED1BD69A-07E3-418C-91F1-D856582581BF}) (Version: 1.3.5 - Hewlett-Packard Company)
HP Power Manager (HKLM-x32\...\{7E799992-5DA0-4A1A-9443-B1836B063FEC}) (Version: 1.4.8 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 2.0.0 - Hewlett-Packard) Hidden
HP Security Assistant (HKLM\...\{D3AA8FD3-5FFA-4CFC-BA8E-99BFC6A41943}) (Version: 3.0.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP SimplePass PE (HKLM-x32\...\{880B5A98-B242-4B53-BD6F-41EA17495EAD}) (Version: 5.4.0.402 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.2.1410 - Intel Corporation)
Intel(R) OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2653 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.7.2.0 - LG Electronics)
LG USB WML Modem Driver (HKLM-x32\...\{FBA0CA60-8BF2-4381-B819-74F020E165A9}) (Version: 1.0 - LG Electronics)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version: 3.0 - EasyBits Software AS)
Malwarebytes Anti-Malware Version 2.00.0.1000 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.00.0.1000 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Excel 2002 (HKLM-x32\...\{90160407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft PowerPoint 2002 (HKLM-x32\...\{90180407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word 2002 (HKLM-x32\...\{901B0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version:  - )
Norton Internet Security (HKLM-x32\...\NIS) (Version: 19.9.1.14 - Symantec Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Presto! PageManager 9.03 SE (HKLM-x32\...\{04AF7536-446D-4F5A-8920-B4E885E4581B}) (Version: 9.03.06 - Newsoft Technology Corporation)
Ralink RT5390R 802.11b/g/n 1x1 Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.12.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.51.116.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.29005 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.0.1.0 - Synaptics Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ZoneAlarm Antivirus (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Firewall (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Antivirus + Firewall (HKLM-x32\...\ZoneAlarm Free Antivirus + Firewall) (Version: 13.0.208.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.0.208.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar  (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar  (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Restore Points  =========================

17-03-2014 20:46:05 Installed HP Support Assistant
17-03-2014 20:48:58 Windows Modules Installer
17-03-2014 20:49:59 Windows Modules Installer
03-04-2014 14:31:25 Windows Modules Installer
03-04-2014 14:32:08 Windows Modules Installer
03-04-2014 14:44:51 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:46:22 Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de)
03-04-2014 14:51:35 Uniblue SpeedUpMyPC installation
03-04-2014 14:55:29 Revo Uninstaller's restore point - VO Package
03-04-2014 14:56:24 Revo Uninstaller's restore point - SpeedUpMyPC
03-04-2014 14:57:25 Revo Uninstaller's restore point - WebEnhance
03-04-2014 14:59:22 Revo Uninstaller's restore point - Windows Live Mesh ActiveX Control for Remote Connections
03-04-2014 15:00:47 Revo Uninstaller's restore point - Adobe Reader X (10.1.9) MUI
03-04-2014 15:02:46 Revo Uninstaller's restore point - Avira Free Antivirus
03-04-2014 17:37:50 Removed Cisco AnyConnect Secure Mobility Client
04-04-2014 16:31:59 Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 1.75.0.1300

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {18C7C69B-D51D-47DE-A239-83AD5CB45283} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {20F939D9-1A8C-40F9-AE9E-B1306BB65BCC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {3BE7C31D-EC71-4113-9CB3-E8E89A7D4274} - System32\Tasks\Hewlett-Packard\HP Support Assistant\NetworkCheck => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_NetworkCheck.exe [2014-03-25] (Hewlett-Packard)
Task: {5C9F6B69-247C-418F-BFE0-34A9400DA327} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-03] (Adobe Systems Incorporated)
Task: {747B5C5E-AD3D-4116-8DF7-F07ABC373D96} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {79712EB4-8C55-438E-A146-B83F7F83EEC7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\19.9.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)
Task: {7E1AB936-B3C3-43F4-B709-E5FD3E90A1EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_backup => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2013-10-15] (Hewlett-Packard)
Task: {964527E7-49EF-4396-9767-67E3D5879E39} - System32\Tasks\HPCeeScheduleForFreya-Sophie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {B33C62BE-0DE7-4F33-8CBD-7E0B34EA2503} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {B4B5CF31-E967-42DA-8FCD-F6A159943364} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
Task: {BEA4A914-8432-4693-ABBE-C6427046EA76} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {CA75F678-04B9-4525-B195-80D589153504} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-02-10] (CyberLink)
Task: {CCD2C709-BF9F-47DF-89AE-A3EADE5559EC} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-09-19] (Piriform Ltd)
Task: {F99EABE5-7105-470E-ACAD-CBD3542DE659} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForFreya-Sophie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Loaded Modules (whitelisted) =============

2012-02-14 19:53 - 2012-02-14 19:53 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-12-19 23:34 - 2011-12-19 23:34 - 00108880 _____ () C:\Program Files\Hewlett-Packard\HP LaunchBox\HPTaskBar1.exe
2013-08-31 00:11 - 2013-08-31 00:11 - 00063376 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
2014-04-03 17:30 - 2014-02-25 11:41 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-04-24 20:13 - 2010-05-07 11:46 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PerformOcr.dll
2013-04-24 20:13 - 2010-12-23 13:17 - 00057344 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMISM.dll
2013-04-24 20:13 - 2007-03-30 10:24 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Qem.dll
2013-04-24 20:13 - 2010-12-29 17:52 - 00147456 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMCommon.dll
2013-04-24 20:13 - 2008-08-25 17:19 - 00069632 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PHooKDlg.dll
2013-04-24 20:13 - 2011-03-11 10:47 - 00151040 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ScanModule.dll
2013-04-24 20:13 - 2010-12-20 16:21 - 00098304 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\CategoryManager.dll
2013-04-24 20:13 - 2010-10-22 10:01 - 00139264 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSet.dll
2013-04-24 20:13 - 2010-10-22 10:22 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMSave.dll
2013-04-24 20:13 - 2010-12-29 18:32 - 00614400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDB_N.dll
2013-04-24 20:13 - 2009-08-06 10:22 - 00421888 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\FT.dll
2013-04-24 20:13 - 2010-09-09 18:00 - 00061440 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMINSO.dll
2013-04-24 20:13 - 2009-09-09 14:44 - 00151552 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMANO.dll
2013-04-24 20:13 - 2007-03-30 09:49 - 00104528 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\ComClass.dll
2013-04-24 20:13 - 2010-08-03 10:44 - 00049152 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMOffice.dll
2013-04-24 20:13 - 2007-12-20 14:37 - 00176128 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\DocCate.dll
2013-04-24 20:13 - 2011-01-21 15:05 - 00258048 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMScnSet.dll
2013-04-24 20:13 - 2009-11-26 17:49 - 00081920 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NetFun2k.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-01-27 15:43 - 2014-01-27 15:43 - 00065936 _____ () C:\Program Files (x86)\CheckPoint\ZoneAlarm\Community.CsharpSqlite.SQLiteClient.dll
2013-04-24 20:13 - 2008-11-17 14:56 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\nsSign.dll
2013-04-24 20:13 - 2010-11-30 16:42 - 00352256 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMTree.dll
2013-04-24 20:13 - 2010-07-13 10:48 - 00106496 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMProp.dll
2013-04-24 20:13 - 2007-08-31 17:51 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMVoice.dll
2013-04-24 20:13 - 2010-09-08 17:10 - 00073728 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\OutlookVBA.dll
2013-04-24 20:13 - 2009-11-27 17:38 - 00331776 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAppBar.dll
2013-04-24 20:13 - 2010-11-26 10:33 - 04583424 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMView.dll
2013-04-24 20:13 - 2007-03-30 10:01 - 00038992 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\NsOEMKey.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00430080 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPageVW.dll
2013-04-24 20:13 - 2010-03-02 15:09 - 00102400 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMDocVW.dll
2013-04-24 20:13 - 2009-06-26 09:03 - 00086016 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMApSet.dll
2013-04-24 20:13 - 2010-08-03 10:51 - 01036288 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\SlideBarDLL.dll
2013-04-24 20:13 - 2009-12-04 17:20 - 00323584 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMAnoSet.dll
2013-04-24 20:13 - 2010-09-26 11:13 - 00184320 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImgVW.dll
2013-04-24 20:13 - 2008-08-25 16:16 - 00040960 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMIEVW.dll
2013-04-24 20:13 - 2010-09-08 10:52 - 00036864 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMPDFView.dll
2013-04-24 20:13 - 2010-04-27 15:20 - 00065536 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMStatus.dll
2013-04-24 20:13 - 2007-03-30 09:57 - 00034896 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\Import.dll
2013-04-24 20:13 - 2010-11-26 10:45 - 00090112 _____ () C:\Program Files (x86)\NewSoft\Presto! PageManager 9.03\PMImageSplitter.dll
2014-02-15 16:53 - 2014-02-15 16:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\b162055347700182d96325676dd591c4\IsdiInterop.ni.dll
2012-06-21 00:55 - 2011-11-29 20:00 - 00059392 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-06-21 00:59 - 2012-02-08 03:39 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-04-03 20:23 - 2014-03-15 10:40 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/06/2014 01:28:07 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4702587

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4702587

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15632

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15632

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2014 00:29:26 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/05/2014 00:29:23 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (04/05/2014 11:27:45 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (04/05/2014 11:29:20 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet.

Error: (04/04/2014 08:35:25 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (04/04/2014 08:32:56 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst HPWMISVC erreicht.


Microsoft Office Sessions:
=========================
Error: (04/06/2014 01:28:07 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4702587

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4702587

Error: (04/05/2014 07:51:27 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15632

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15632

Error: (04/05/2014 01:20:04 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/05/2014 00:29:26 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Freya-Sophie\Downloads\esetsmartinstaller_enu.exe

Error: (04/05/2014 00:29:23 PM) (Source: SideBySide)(User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Freya-Sophie\Downloads\esetsmartinstaller_enu.exe

Error: (04/05/2014 11:27:45 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info =========================== 

Percentage of memory in use: 59%
Total physical RAM: 3996.36 MB
Available physical RAM: 1616.46 MB
Total Pagefile: 7990.9 MB
Available Pagefile: 5130.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:277.83 GB) (Free:193.75 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Recovery) (Fixed) (Total:19.97 GB) (Free:2.14 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (JOY_04_2014) (CDROM) (Total:1.93 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: D2E3023C)

Partition: GPT Partition Type.

==================== End Of Log ============================
         
--- --- ---

Ist nun alles ok mit dem pc? LG

Und wenn ja kann ich die programme löschen und wenn ja wie?

Und kannst du mir eben bitte sagen dass das normal ist dass wenn der nach all den Programmen das erste was wieder hoch fährt etwas länger brauch und auch kurz schwarz ist ? hatt ich sonst nämlich nicht..

=(...

Alt 07.04.2014, 13:01   #12
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



War das mit dem Hochfahren jetzt nur einmal oder immer beim Hochfahren?

Fertig

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2014, 13:10   #13
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Das ist immer beim hochfahren so =(

Was kann man da machen bzw was kann das sein?

# DelFix v10.6 - Datei am 07/04/2014 um 13:07:50 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : Freya-Sophie - FREYA-SOPHIE-HP
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)

~ Aktiviere die Benutzerkontensteuerung ... OK

~ Entferne die Bereinigungsprogramme ...

Gelöscht : C:\FRST
Gelöscht : C:\AdwCleaner
Gelöscht : C:\Users\Freya-Sophie\Downloads\Addition.txt
Gelöscht : C:\Users\Freya-Sophie\Downloads\adwcleaner(1).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\adwcleaner(2).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\adwcleaner.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\adwcleaner_3.0.0.7(1).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\adwcleaner_3.0.0.7.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\esetsmartinstaller_enu.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST.txt
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST64(1).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST64(2).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST64(3).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST64(4).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\FRST64.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\JRT(1).exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\JRT.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\JRT_6.1.2.exe
Gelöscht : C:\Users\Freya-Sophie\Downloads\SecurityCheck.exe
Gelöscht : HKLM\SOFTWARE\AdwCleaner

~ Erstelle ein Backup der Registrierungsdatenbank ... OK

~ Lösche die Wiederherstellungspunkte ...

Gelöscht : RP #79 [Installed HP Support Assistant | 03/17/2014 20:46:05]
Gelöscht : RP #80 [Windows Modules Installer | 03/17/2014 20:48:58]
Gelöscht : RP #81 [Windows Modules Installer | 03/17/2014 20:49:59]
Gelöscht : RP #82 [Windows Modules Installer | 04/03/2014 14:31:25]
Gelöscht : RP #83 [Windows Modules Installer | 04/03/2014 14:32:08]
Gelöscht : RP #84 [Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de) | 04/03/2014 14:44:51]
Gelöscht : RP #85 [Revo Uninstaller's restore point - Mozilla Firefox 27.0.1 (x86 de) | 04/03/2014 14:46:22]
Gelöscht : RP #86 [Uniblue SpeedUpMyPC installation | 04/03/2014 14:51:35]
Gelöscht : RP #87 [Revo Uninstaller's restore point - VO Package | 04/03/2014 14:55:29]
Gelöscht : RP #88 [Revo Uninstaller's restore point - SpeedUpMyPC | 04/03/2014 14:56:24]
Gelöscht : RP #89 [Revo Uninstaller's restore point - WebEnhance | 04/03/2014 14:57:25]
Gelöscht : RP #90 [Revo Uninstaller's restore point - Windows Live Mesh ActiveX Control for Remote Connections | 04/03/2014 14:59:22]
Gelöscht : RP #91 [Revo Uninstaller's restore point - Adobe Reader X (10.1.9) MUI | 04/03/2014 15:00:47]
Gelöscht : RP #92 [Revo Uninstaller's restore point - Avira Free Antivirus | 04/03/2014 15:02:46]
Gelöscht : RP #93 [Removed Cisco AnyConnect Secure Mobility Client | 04/03/2014 17:37:50]
Gelöscht : RP #94 [Revo Uninstaller's restore point - Malwarebytes Anti-Malware Version 1.75.0.1300 | 04/04/2014 16:31:59]

Ein neuer Wiederherstellungspunkt wurde erstellt !

~ Stelle die Systemeinstellungen wieder her ... OK

########## - EOF - ##########

Alt 07.04.2014, 13:13   #14
schrauber
/// the machine
/// TB-Ausbilder
 

VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



http://www.trojaner-board.de/126216-...epair-aio.html
Bitte mal das laufen lassen.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.04.2014, 15:22   #15
Sophie8492
 
VIRUS Werbung bei lila unterstrichenen Wörtern - Standard

VIRUS Werbung bei lila unterstrichenen Wörtern



Gleiches Problem immernoch da, jetzt hat er gerade sogar 30 sek gebraucht um vom schwarzen bildschirm zum normalen desktop zu wechseln..... das log finde ich leider unter dem angegebenen pfad nicht...

Habe nur das über die Suche gefunden:

System Variables
--------------------------------------------------------------------------------
OS: Windows 7 Home Premium
OS Architecture: 64-bit
OS Version: 6.1.7601
OS Service Pack: Service Pack 1
Computer Name: FREYA-SOPHIE-HP
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Freya-Sophie
Current Profile SID: S-1-5-21-1595992211-3356558206-601454915-1000
Current Profile Classes: S-1-5-21-1595992211-3356558206-601454915-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Freya-Sophie\AppData\Local
--------------------------------------------------------------------------------

System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 00:11:20

Process Count: 93
Commit Total: 1,95 GB
Commit Limit: 7,80 GB
Commit Peak: 2,13 GB
Handle Count: 24683
Kernel Total: 339,73 MB
Kernel Paged: 245,28 MB
Kernel Non Paged: 94,45 MB
System Cache: 1,99 GB
Thread Count: 999
--------------------------------------------------------------------------------

Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3,90 GB
Memory Used: 1,71 GB(43,7609%)
Memory Avail.: 2,19 GB
--------------------------------------------------------------------------------

Cleaning Memory Before Starting Repairs...

Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 3,90 GB
Memory Used: 1,37 GB(35,2189%)
Memory Avail.: 2,53 GB
--------------------------------------------------------------------------------

Starting Repairs...
Start (07.04.2014 14:42:42)

01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (07.04.2014 14:42:42)
Running Repair Under Current User Account
Done (07.04.2014 14:42:47)

01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (07.04.2014 14:42:47)
Running Repair Under System Account
Done (07.04.2014 14:43:56)

01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (07.04.2014 14:43:56)
Running Repair Under System Account
Done (07.04.2014 14:44:37)

02 - Reset File Permissions: C:
C: & Sub Folders
Start (07.04.2014 14:44:37)
Running Repair Under System Account
Done (07.04.2014 14:53:46)

02 - Reset File Permissions: D:
D: & Sub Folders
Start (07.04.2014 14:53:46)
Running Repair Under System Account
Done (07.04.2014 14:53:55)

02 - Reset File Permissions: Q:
Q: & Sub Folders
Start (07.04.2014 14:53:55)
Running Repair Under System Account
Done (07.04.2014 14:53:58)

02 - Reset File Permissions: All Profiles
C:\Users & Sub Folders
Start (07.04.2014 14:53:58)
Running Repair Under System Account
Done (07.04.2014 14:55:09)

02 - Reset File Permissions: Current Profile
C:\Users\Freya-Sophie & Sub Folders
Start (07.04.2014 14:55:09)
Running Repair Under System Account
Done (07.04.2014 14:55:24)

02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (07.04.2014 14:55:24)
Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Local Settings>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Administrator\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\Application Data> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Cookies>
Reading the SD from <\\?\C:\Users\Administrator\Cookies> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Local Settings>
Reading the SD from <\\?\C:\Users\Administrator\Local Settings> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\My Documents>
Reading the SD from <\\?\C:\Users\Administrator\My Documents> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\NetHood>
Reading the SD from <\\?\C:\Users\Administrator\NetHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\PrintHood>
Reading the SD from <\\?\C:\Users\Administrator\PrintHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Recent>
Reading the SD from <\\?\C:\Users\Administrator\Recent> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\SendTo>
Reading the SD from <\\?\C:\Users\Administrator\SendTo> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Start Menu>
Reading the SD from <\\?\C:\Users\Administrator\Start Menu> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Templates>
Reading the SD from <\\?\C:\Users\Administrator\Templates> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Application Data> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\History>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\History> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Music>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Music> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Pictures> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Videos>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Videos> failed with: Das System kann den angegebenen Pfad nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann den angegebenen Pfad nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\Application Data>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Freya-Sophie\Cookies>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Freya-Sophie\Local Settings>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Local Settings> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\My Documents>
Reading the SD from <\\?\C:\Users\Freya-Sophie\My Documents> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\NetHood>
Reading the SD from <\\?\C:\Users\Freya-Sophie\NetHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\PrintHood>
Reading the SD from <\\?\C:\Users\Freya-Sophie\PrintHood> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\Recent>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Freya-Sophie\SendTo>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Freya-Sophie\Start Menu>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Start Menu> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\Templates>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Templates> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\Freya-Sophie\AppData\Local\Application Data> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\AppData\Local\History>
Reading the SD from <\\?\C:\Users\Freya-Sophie\AppData\Local\History> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\AppData\Local\Temporary Internet Files>

SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Freya-Sophie\Documents\My Music>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Documents\My Music> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Documents\My Pictures> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Processing ACL of: <\\?\C:\Users\Freya-Sophie\Documents\My Videos>
Reading the SD from <\\?\C:\Users\Freya-Sophie\Documents\My Videos> failed with: Das System kann die angegebene Datei nicht finden.


SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: Das System kann die angegebene Datei nicht finden.

Done (07.04.2014 14:55:31)

03 - Register System Files
Start (07.04.2014 14:55:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 14:56:22)

04 - Repair WMI
Start (07.04.2014 14:56:22)
Running Repair Under Current User Account
Done (07.04.2014 14:58:47)

05 - Repair Windows Firewall
Start (07.04.2014 14:58:47)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 14:59:27)

06 - Repair Internet Explorer
Start (07.04.2014 14:59:27)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:00:24)

07 - Repair MDAC/MS Jet
Start (07.04.2014 15:00:24)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:00:48)

08 - Repair Hosts File
Start (07.04.2014 15:00:48)
Running Repair Under System Account
Done (07.04.2014 15:00:50)

09 - Remove Policies Set By Infections
Start (07.04.2014 15:00:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:00:55)

10 - Repair Missing Start Menu Icons Removed By Infections
Start (07.04.2014 15:00:55)
Running Repair Under System Account
Done (07.04.2014 15:00:57)

11 - Repair Icons
Start (07.04.2014 15:00:57)
Running Repair Under Current User Account
Done (07.04.2014 15:01:00)

12 - Repair Winsock & DNS Cache
Start (07.04.2014 15:01:00)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:01:22)

13 - Remove Temp Files
Start (07.04.2014 15:01:22)
Running Repair Under System Account
Done (07.04.2014 15:01:29)

14 - Repair Proxy Settings
Start (07.04.2014 15:01:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:01:34)

15 - Unhide Non System Files
Start (07.04.2014 15:01:34)
C:\ - Total Files Unhidden: 632 - Check Unhidden_Files.txt for list of files unhidden
D:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden
Q:\ - Total Files Unhidden: 0 - Check Unhidden_Files.txt for list of files unhidden
Done (07.04.2014 15:02:43)

16 - Repair Windows Updates
Start (07.04.2014 15:02:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:14)

17 - Repair CD/DVD Missing/Not Working
Start (07.04.2014 15:03:14)
iTunes was found, adding UpperFilters for iTunes Reg Key
UpperFilters added?: True
Done (07.04.2014 15:03:14)

18 - Repair Volume Shadow Copy Service
Start (07.04.2014 15:03:14)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:23)

19 - Repair Windows Sidebar/Gadgets
Start (07.04.2014 15:03:23)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:28)

20 - Repair MSI (Windows Installer)
Start (07.04.2014 15:03:28)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:43)

21 - Repair Windows Snipping Tool
Start (07.04.2014 15:03:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:48)

22.01 - Repair bat Association
Start (07.04.2014 15:03:48)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:52)

22.02 - Repair cmd Association
Start (07.04.2014 15:03:53)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:03:57)

22.03 - Repair com Association
Start (07.04.2014 15:03:57)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:02)

22.04 - Repair Directory Association
Start (07.04.2014 15:04:02)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:07)

22.05 - Repair Drive Association
Start (07.04.2014 15:04:07)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:11)

22.06 - Repair exe Association
Start (07.04.2014 15:04:12)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:16)

22.07 - Repair Folder Association
Start (07.04.2014 15:04:16)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:21)

22.08 - Repair inf Association
Start (07.04.2014 15:04:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:26)

22.09 - Repair lnk (Shortcuts) Association
Start (07.04.2014 15:04:26)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:31)

22.10 - Repair msc Association
Start (07.04.2014 15:04:31)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:35)

22.11 - Repair reg Association
Start (07.04.2014 15:04:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:40)

22.12 - Repair scr Association
Start (07.04.2014 15:04:40)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:45)

23 - Repair Windows Safe Mode
Start (07.04.2014 15:04:45)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:04:50)

24 - Repair Print Spooler
Start (07.04.2014 15:04:50)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:05:05)

25 - Restore Important Windows Services
Start (07.04.2014 15:05:05)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:05:36)

26 - Set Windows Services To Default Startup
Start (07.04.2014 15:05:36)
Running Repair Under Current User Account
Running Repair Under System Account
Done (07.04.2014 15:05:49)

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Skipping Repair.
Repair is for Windows v6.2 (Windows 8 & Newer) or higher.
Current version: 6.1

Cleaning up empty logs...

All Selected Repairs Done.
Done (07.04.2014 15:05:49)
Total Repair Time: 00:23:09


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account

Antwort

Themen zu VIRUS Werbung bei lila unterstrichenen Wörtern
browser, doppel, doppelt, doppelt unterstrichen, firefox, liebe, mobogenie, mobogenie entfernen, nervt, probleme, pup.optional.plurpush, pup.optional.snapdo.a, schnell, seite, seiten, tagen, unterstrichen, verweise, virus, werbung, wörter



Ähnliche Themen: VIRUS Werbung bei lila unterstrichenen Wörtern


  1. Überall Werbung! Ein Virus?
    Plagegeister aller Art und deren Bekämpfung - 10.04.2015 (13)
  2. Überall Werbung, Virus?
    Plagegeister aller Art und deren Bekämpfung - 01.03.2015 (17)
  3. Werbung-Virus, Virus, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 25.12.2014 (1)
  4. Virus Werbung Macbook
    Alles rund um Mac OSX & Linux - 22.11.2014 (2)
  5. Rvzr-a.akamaihd.net-Virus öffnet Pop-Ups zu 123srv[dot]com/..... etc., grüne Doppelbalken unter wahrlosen Wörtern
    Log-Analyse und Auswertung - 28.06.2014 (9)
  6. Windows 7 (64bit) Webseiten mit grün doppelt unterstrichenen Wörtern
    Log-Analyse und Auswertung - 14.03.2014 (13)
  7. massive werbung trotz adblocker und wahllose verlinkungen auf wörtern
    Log-Analyse und Auswertung - 23.02.2014 (5)
  8. Adware nervt mit popups und wahllos markierten Wörtern zu Links
    Log-Analyse und Auswertung - 07.01.2014 (8)
  9. das leidige Thema mit den doppelt grün unterstrichenen Wörtern auf diversen Websiten, bei Chrome und Opera
    Plagegeister aller Art und deren Bekämpfung - 10.11.2013 (13)
  10. Werbung auf allen Webseiten und Verlinkung von wahllos markierten Wörtern auf Werbeseiten
    Log-Analyse und Auswertung - 24.09.2013 (15)
  11. Virus bei klicken von Werbung
    Plagegeister aller Art und deren Bekämpfung - 05.07.2013 (3)
  12. Nerviger Werbung Virus
    Plagegeister aller Art und deren Bekämpfung - 09.11.2012 (6)
  13. Hintergrundmusik&Werbung Virus
    Plagegeister aller Art und deren Bekämpfung - 21.06.2012 (11)
  14. IE öffnet Werbung, Virus
    Log-Analyse und Auswertung - 19.05.2010 (29)
  15. IE öffnet werbung virus
    Log-Analyse und Auswertung - 09.04.2010 (4)
  16. Cid:Werbung ist das ein Virus?
    Log-Analyse und Auswertung - 12.01.2008 (0)
  17. plötzlich so viel lila!!
    Alles rund um Windows - 11.09.2006 (3)

Zum Thema VIRUS Werbung bei lila unterstrichenen Wörtern - Hallo! Ich habe seit ein paar Tagen Probleme mit meinem Browser (Firefox). Auf manchen Seiten werden Wörter lila doppelt unterstrichen, die auf Werbung für irgendwelche Handy-Flats verweisen. Kann mir bitte - VIRUS Werbung bei lila unterstrichenen Wörtern...
Archiv
Du betrachtest: VIRUS Werbung bei lila unterstrichenen Wörtern auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.