
Pests of all kinds and how to fight them: Trojan that blocks antivirus software websites

Windows 7

30.04.2014, 07:37   #1
profrolfwolf
 
First of all, a friendly hello.

I'm new here, and I'm already facing what is, for me, a huge problem.

Here is what happened: my wife opened her online banking website and was asked to enter her TAN list.
Of course she didn't do that, but called the bank instead. They said it is a new Trojan whose name they don't even know yet.

I then scanned my system, but apart from a few minor things AVG Free found nothing. The problem persists, however.

After that I wanted to install other antivirus software, but that didn't work because those sites are constantly down. Only after searching the forums did I come across the hint that the virus itself causes this.

I then registered here and, as requested, did not do anything further.

I also noticed that (2 days ago) the entire web was suddenly down. I still can't use the LAN connection; for the WLAN I switched from IP to automatic detection in the options, and since then I have been online again.

One more thing up front: please bear with me, as I am pretty much a layman.

Thank you very much in advance for your efforts.
Kind regards
Wolfgang

30.04.2014, 09:15   #2
schrauber
/// the machine
/// TB trainer
 

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


30.04.2014, 09:29   #3
profrolfwolf
 
Thank you very much for your quick help.

Here are the logs:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by Wolfang & Angela (administrator) on PC_WEINGUT on 30-04-2014 09:25:38
Running from C:\Users\Wolfang & Angela\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
() C:\Users\Wolfang & Angela\AppData\Roaming\BupSystem\bup.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Oracle Corporation) C:\Program Files (x86)\Java\jre7\bin\javaw.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
() C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
(Dropbox, Inc.) C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Macrovision Corporation) c:\program files (x86)\common files\installshield\updateservice\isuspm.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\agent.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) E:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(PortableApps.com) E:\Programme\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) E:\Programme\FirefoxPortable\App\firefox\firefox.exe
(Mozilla Corporation) E:\Programme\FirefoxPortable\App\firefox\plugin-container.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [4971024 2014-03-19] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe [2544664 2014-04-20] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [ISUSPM Startup] => c:\Program Files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [Rank Tracker] => C:\Program Files (x86)\Link-AssistantCom\Rank Tracker\bin\ranktracker.exe [178806 2014-03-26] ()
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [AVG-Secure-Search-Update_0214c] => C:\Users\Wolfang & Angela\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=e35b03a6ea6247d2a2e85ad811b3d023-f0e08d809a7217c4efd0672f1b2b949401b1d96d /CMPID=0214c
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [36ASbctz] => C:\ProgramData\36ASbctz.exe
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\MountPoints2: {8c5d86c5-b480-11e3-bbd0-806e6f6e6963} - D:\DVDSetup.exe
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {8c5d86c5-b480-11e3-bbd0-806e6f6e6963} - D:\DVDSetup.exe
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {bdf8e81d-b44f-11e3-9825-806e6f6e6963} - D:\DVDSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> E:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk
ShortcutTarget: TP-LINK-Konfigurationstool.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe ()
Startup: C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startfenster.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/foto/
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://mysearch.avg.com/search?cid={978E99C4-9DFA-4EED-AA4E-E9B8DF16A8A7}&mid=e35b03a6ea6247d2a2e85ad811b3d023-f0e08d809a7217c4efd0672f1b2b949401b1d96d&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-27 09:56:14&v=18.0.5.292&pid=safeguard&sg=&sap=dsp&q={searchTerms}
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\18.0.5.292\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.5\ViProtocol.dll (AVG Secure Search)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138 213.33.99.70
Tcpip\..\Interfaces\{50C6DB0E-F20B-43C0-BEF0-28C4A3010ABA}: [NameServer]5.39.219.212

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.5\\npsitesafety.dll (AVG Technologies)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.1.91 [2014-03-27]

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP8791A5E2-20A0-4694-84C8-A4D312E3EA32&SSPV=
CHR RestoreOnStartup: "sync"
CHR StartupUrls: "hxxp://www.google.at/", "hxxp://commodities.euronext.if5.com/CommodityFutures.aspx?targ=YEBM/F.LI", "hxxp://mysearch.avg.com?cid={978E99C4-9DFA-4EED-AA4E-E9B8DF16A8A7}&mid=e35b03a6ea6247d2a2e85ad811b3d023-f0e08d809a7217c4efd0672f1b2b949401b1d96d&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-27 09:56:14&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://www.google.at/|hxxp://commodities.euronext.if5.com/CommodityFutures.aspx?targ=YEBM/F.LI|hxxp://mysearch.avg.com?cid={978E99C4-9DFA-4EED-AA4E-E9B8DF16A8A7}&mid=e35b03a6ea6247d2a2e85ad811b3d023-f0e08d809a7217c4efd0672f1b2b949401b1d96d&lang=de&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-03-27 09:56:14&v=18.0.5.292&pid=safeguard&sg=&sap=hp", "hxxp://translate.google.at/"
CHR Extension: (Amazon-Icon) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg [2014-03-30]
CHR Extension: (Google Wallet) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Wolfang & Angela\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-03-30]

==================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-23] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 bupService; C:\Users\Wolfang & Angela\AppData\Roaming\BupSystem\bup.exe [1005056 2014-03-30] ()
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 vToolbarUpdater18.0.5; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe [1771032 2014-03-28] (AVG Secure Search)

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [150808 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [243480 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [196376 2013-11-25] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [212280 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [294712 2013-10-31] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123704 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31544 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [251192 2013-08-01] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [49952 2014-03-28] (AVG Technologies)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [98304 2012-09-28] (ASIX Electronics Corp.)
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-30 00:01 - 2014-04-30 09:25 - 00018944 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-04-30 00:01 - 2014-04-30 00:01 - 00000000 ____D () C:\FRST
2014-04-30 00:00 - 2014-04-30 00:00 - 02061824 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 23:15 - 2014-04-29 23:15 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-04-29 23:15 - 2014-04-29 23:15 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-04-29 23:15 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 08:13 - 2014-04-29 09:29 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 13:30 - 2014-04-28 13:42 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-24 11:41 - 2014-04-24 11:44 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-23 16:39 - 2014-04-23 16:39 - 00150016 _____ (Indentix, Inc.) C:\Users\Wolfang & Angela\AppData\Local\etvdc.exe
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-20 20:12 - 2014-04-20 20:17 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:07 - 2014-04-20 20:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 18:35 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 18:35 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 18:35 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 18:34 - 2014-04-20 18:35 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 09:14 - 2014-04-20 09:16 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 03:00 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 03:00 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 03:00 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 03:00 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 03:00 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 03:00 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 03:00 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 03:00 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:46 - 2014-04-16 22:47 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 10:28 - 2014-04-30 06:59 - 00018944 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-04-15 14:34 - 2014-04-15 16:50 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 09:24 - 2013-06-26 08:00 - 00292864 _____ (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2014-04-15 09:24 - 2011-09-19 07:55 - 00154624 _____ (Tools & Components) C:\Windows\SysWOW64\sevTab.ocx
2014-04-15 07:43 - 2014-04-15 08:05 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-14 16:13 - 2014-04-14 16:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:12 - 2014-04-14 15:13 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip
2014-04-14 11:44 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 11:44 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 11:44 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 11:44 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 11:44 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 11:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 11:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 11:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 11:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-03 00:44 - 2014-04-03 13:07 - 00205312 _____ () C:\Users\Wolfang & Angela\Desktop\Abrechnung Motorschirmreise.xls
2014-04-01 23:39 - 2014-04-01 23:39 - 00000000 ____D () C:\Program Files\MOSCHIP
2014-04-01 23:39 - 2012-10-16 14:42 - 00021504 _____ () C:\Windows\system32\StnCoInst.dll
2014-04-01 23:39 - 2012-09-28 08:56 - 00098304 _____ (ASIX Electronics Corp.) C:\Windows\system32\Drivers\StnPport.sys
2014-04-01 23:39 - 2012-09-28 08:53 - 00128000 _____ (ASIX Electronics Corp.) C:\Windows\system32\Drivers\StnSport.sys
2014-04-01 23:39 - 2012-09-27 05:29 - 00000001 _____ () C:\Windows\system32\StnCoInst.ini
2014-04-01 23:39 - 2010-08-25 14:37 - 00081408 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\system32\StnPorts.dll
2014-04-01 23:39 - 2010-07-22 23:43 - 00022774 _____ () C:\Windows\system32\StnLang.ini
2014-04-01 23:37 - 2009-08-19 10:00 - 00359424 ____N () C:\Windows\system32\CmiInstallResAll64.dll
2014-04-01 23:37 - 2006-10-05 23:45 - 00524768 ____R (Microsoft Corporation) C:\Windows\difxapi.dll
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

==================== One Month Modified Files and Folders =======

2014-04-30 09:25 - 2014-04-30 00:01 - 00018944 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-04-30 09:14 - 2014-03-25 22:58 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-30 09:09 - 2014-03-26 11:36 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Mozilla
2014-04-30 09:01 - 2014-03-25 22:54 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-30 08:05 - 2014-03-25 20:01 - 01142820 _____ () C:\Windows\WindowsUpdate.log
2014-04-30 06:59 - 2014-04-16 10:28 - 00018944 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-04-30 00:26 - 2014-03-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 00:26 - 2014-03-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-30 00:01 - 2014-04-30 00:01 - 00000000 ____D () C:\FRST
2014-04-30 00:00 - 2014-04-30 00:00 - 02061824 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-04-29 23:26 - 2014-03-25 23:18 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Thunderbird
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 23:15 - 2014-04-29 23:15 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-04-29 23:15 - 2014-04-29 23:15 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-04-29 23:15 - 2014-04-29 23:15 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-04-29 23:01 - 2014-03-26 00:05 - 00000000 ____D () C:\LBGPLAN
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 19:38 - 2014-03-25 22:46 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Systemprogramme
2014-04-29 16:53 - 2014-03-25 22:54 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avg2014
2014-04-29 10:14 - 2014-03-25 22:58 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-29 09:29 - 2014-04-29 08:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 20:33 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-28 20:33 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-28 17:44 - 2013-09-05 18:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\etti fotodatein
2014-04-28 16:21 - 2014-03-25 23:41 - 00000000 ____D () C:\LBG Kellerbuch
2014-04-28 13:42 - 2014-04-28 13:30 - 00000433 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-28 13:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-28 13:36 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\DropboxMaster
2014-04-28 13:36 - 2014-03-25 23:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox
2014-04-28 13:32 - 2014-03-26 11:48 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-04-28 13:32 - 2014-03-26 11:48 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-04-28 13:32 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-28 13:08 - 2009-07-14 06:51 - 00001501 _____ () C:\Windows\setupact.log
2014-04-28 11:46 - 2014-03-25 20:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-28 11:46 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-28 10:55 - 2014-03-27 22:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\vlc
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-28 09:21 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 17:16 - 2014-03-25 22:59 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-27 11:08 - 2014-01-29 22:06 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Auftrage u Rechnungen 2014
2014-04-26 21:16 - 2014-03-26 00:44 - 00000898 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManager.log
2014-04-26 21:15 - 2014-03-26 00:44 - 00001235 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\PC_WEINGUT.MTBF.txt
2014-04-26 21:15 - 2014-03-26 00:44 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avid
2014-04-26 21:15 - 2014-03-26 00:36 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-04-24 11:44 - 2014-04-24 11:41 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-24 10:53 - 2009-07-14 06:45 - 02510312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-23 22:49 - 2010-11-21 05:47 - 00091806 _____ () C:\Windows\PFRO.log
2014-04-23 16:39 - 2014-04-23 16:39 - 00150016 _____ (Indentix, Inc.) C:\Users\Wolfang & Angela\AppData\Local\etvdc.exe
2014-04-23 02:15 - 2014-03-27 15:53 - 00001012 _____ () C:\Users\Wolfang & Angela\Desktop\Dropbox.lnk
2014-04-23 02:15 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-04-23 02:15 - 2014-03-25 20:01 - 00000000 ___RD () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-22 17:55 - 2014-03-26 00:44 - 00000700 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-21 10:04 - 2014-03-26 18:46 - 00000000 ____D () C:\Users\Wolfang & Angela\.ranktracker
2014-04-20 20:17 - 2014-04-20 20:12 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:11 - 2014-04-20 20:07 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-20 18:34 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:35 - 2014-03-27 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 18:35 - 2014-03-26 18:44 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 18:21 - 2014-03-27 10:55 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar
2014-04-20 09:16 - 2014-04-20 09:14 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 09:03 - 2014-03-26 18:50 - 00135180 _____ () C:\Users\Wolfang & Angela\.ranktracker.properties
2014-04-20 09:03 - 2014-03-25 20:01 - 00000000 ____D () C:\Users\Wolfang & Angela
2014-04-20 03:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-20 03:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:47 - 2014-04-16 22:46 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 22:40 - 2014-03-26 00:58 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\LooksBuilder
2014-04-15 16:50 - 2014-04-15 14:34 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 13:46 - 2014-03-25 23:39 - 00000000 ____D () C:\LBG Daten
2014-04-15 13:46 - 2014-03-25 23:38 - 00000000 ____D () C:\LBG Programme
2014-04-15 08:05 - 2014-04-15 07:43 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-15 03:01 - 2014-03-26 17:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-15 03:00 - 2014-03-26 17:04 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-14 20:13 - 2014-04-20 18:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 18:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 18:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 16:45 - 2014-04-14 16:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:13 - 2014-04-14 15:12 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip
2014-04-06 20:31 - 2014-03-25 20:30 - 00823688 _____ () C:\Users\Wolfang & Angela\AppData\Local\GDIPFONTCACHEV1.DAT
2014-04-03 23:33 - 2014-03-25 20:01 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\VirtualStore
2014-04-03 23:32 - 2014-03-26 00:24 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Pinnacle
2014-04-03 13:07 - 2014-04-03 00:44 - 00205312 _____ () C:\Users\Wolfang & Angela\Desktop\Abrechnung Motorschirmreise.xls
2014-04-03 00:15 - 2014-03-26 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1-Faktura
2014-04-01 23:49 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-01 23:39 - 2014-04-01 23:39 - 00000000 ____D () C:\Program Files\MOSCHIP
2014-04-01 23:37 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system
2014-04-01 23:37 - 2007-10-19 06:01 - 00000110 _____ () C:\Windows\system\Cmicnfg3.ini
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-01 08:16 - 2014-04-01 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

Some content of TEMP:
====================
C:\Users\Wolfang & Angela\AppData\Local\Temp\amazonicon_v4.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\amazoninstallernircmdc.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\devcon64.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0tcyeh.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjccafx.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\sdanircmdc.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\sdapskill.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\sdaspwn.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\securitascout_3.exe
C:\Users\Wolfang & Angela\AppData\Local\Temp\update_biller.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 22:06

==================== End Of Log ============================
         




And the second one:



Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by Wolfang & Angela at 2014-04-30 09:25:49
Running from C:\Users\Wolfang & Angela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Out of date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Out of date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

3clickBudget 1.4.2 (HKLM-x32\...\{EFEE0F81-C8FF-4197-9BA5-53A0E95129C0}) (Version: 1.4.2 - biu software)
A1-Faktura 1.429 (HKLM-x32\...\A1-Faktura_is1) (Version:  - A1-Faktura)
Acrok HD Video Converter Ver 2.2.9.383 (HKLM-x32\...\{C5338CAA-5760-4A1C-9E8D-DA4D63085177}_is1) (Version:  - )
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4355 - AVG Technologies)
AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4355 - AVG Technologies) Hidden
AVG SafeGuard toolbar (HKLM-x32\...\AVG SafeGuard toolbar) (Version: 18.0.5.292 - AVG Technologies)
Biller (HKLM\...\Biller) (Version: 1.49 - )
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2291.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.3.2291.0 - Microsoft Corporation) Hidden
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.0 - Avid Technology, Inc.)
DE (x32 Version: 13.0 - Corel Corporation) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.7.53 - Dropbox, Inc.)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}) (Version: 1.00.0000 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.0 - Avid Technology, Inc.)
HP Officejet 7500 E910 - Grundlegende Software für das Gerät (HKLM\...\{45760D0E-6D20-48AE-A531-9E3FA4960FDB}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Hilfe (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
LBG - System (HKLM-x32\...\LBG - System2011.04.11) (Version: 2011.04.11 - LBG - Computerdienst GesmbH)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
MaxPunkte Ver. 6.5.x (HKLM-x32\...\MaxPunkte_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}) (Version: 1.00.0000 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.4.0 - Mozilla)
Mozilla Thunderbird 24.4.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.4.0 (x86 de)) (Version: 24.4.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.63 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.63 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2063 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 320.63 (Version: 320.63 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
PCIe to Peripheral Adaptor (HKLM\...\ASIX Electronics Corporation) (Version:  - )
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 - Standard Content Pack (HKLM-x32\...\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}) (Version: 16.0.0 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.1.0.115 - Corel Corporation)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.0 - Avid Technology, Inc.)
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide)
Rank Tracker (HKLM-x32\...\seopowersuite) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
rolX Flight-Log III (HKLM-x32\...\rolX Flight-Log_is1) (Version:  - rolX)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.0 - Avid Technology, Inc.)
Securita Scout (HKLM-x32\...\Securita Scout) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Studie zur Verbesserung von HP Officejet 7500 E910 Produkten (HKLM\...\{C2F19E83-EE44-4BB7-B875-F3677F0034A0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.0 - Avid Technology, Inc.)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

==================== Restore Points  =========================

02-03-2014 18:00:42 Windows-Sicherung
02-03-2014 19:38:40 1: 1717 2: Marketsplash Schnellzugriffe 
02-03-2014 19:40:52 Removed Naviextras Toolbox Prerequesities
09-03-2014 18:00:42 Windows-Sicherung
14-03-2014 02:00:20 Windows Update
16-03-2014 18:00:41 Windows-Sicherung
29-03-2014 23:00:30 3clickBudget 1.4.2 wird entfernt
29-03-2014 23:01:16 3clickBudget 1.4.2 wird installiert
06-04-2014 22:00:00 Geplanter Prüfpunkt
14-04-2014 10:21:34 Geplanter Prüfpunkt
15-04-2014 01:00:19 Windows Update
20-04-2014 01:00:10 Windows Update
20-04-2014 16:34:39 Installed Java 7 Update 55
26-04-2014 17:44:35 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {26AD3EFD-DC12-4814-91EF-37A08AF08638} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {3F3F7C7A-A1B1-4FE5-A8C2-AA7584330794} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\Betrieb Win7 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {49F54416-CEA2-410B-8AB5-73599BD96B0B} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {998F0216-4E41-4366-BBBD-AF9D06F4E37D} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\Betrieb Datenstation => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {9FEFF734-6D1F-48C0-A127-6C434AA24FCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {A8FC8B6E-C4C1-4EC9-8C9C-C4B5E93C8C07} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\E DDropbox => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {BE18B992-2525-48EF-88AF-BF4342AC4F47} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\SyncBackFree Video => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {D7C8DE13-2C74-42A6-8D0E-A79633C26B48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 20:10 - 2013-07-10 14:05 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-30 00:59 - 2014-03-30 00:59 - 01005056 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\BupSystem\bup.exe
2014-03-25 22:33 - 2013-01-10 20:09 - 00848384 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
2014-03-28 11:35 - 2014-03-28 11:35 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
2014-03-27 10:55 - 2014-04-20 18:21 - 02544664 _____ () C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe
2014-03-30 00:59 - 2014-03-30 00:59 - 00374272 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\BupSystem\sub\default.dll
2013-05-21 17:56 - 2013-05-21 17:56 - 00065536 _____ () C:\Program Files (x86)\Link-AssistantCom\Rank Tracker\libs\ICE_JNIRegistry.dll
2014-03-25 22:33 - 2012-12-14 11:52 - 01401856 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\nicLan.dll
2014-03-25 22:33 - 2013-01-10 20:16 - 00193024 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\DC_WFF.dll
2014-03-25 22:33 - 2013-01-07 17:03 - 00297472 _____ () C:\Program Files (x86)\TP-LINK\TP-LINK-Konfigurationstool\WJRtl.dll
2014-04-28 11:46 - 2014-04-28 11:46 - 00043008 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0tcyeh.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\libcef.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\log4cplusU.dll
2014-03-25 23:18 - 2014-03-16 23:41 - 03018864 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-03-25 23:18 - 2014-03-16 23:41 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-03-25 23:18 - 2014-03-16 23:41 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2014-04-29 23:15 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-04-29 23:15 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-04-29 23:15 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL
2014-03-27 10:55 - 2014-03-27 10:55 - 01559064 ____N () C:\Program Files (x86)\AVG SafeGuard toolbar\TBAPI.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2012-09-23 21:43 - 2012-09-23 21:43 - 00313992 _____ () C:\Program Files (x86)\Adobe\Reader 11.0\Reader\sqlite.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll
2014-04-27 17:16 - 2014-04-24 02:33 - 13692232 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\PepperFlash\pepflashplayer.dll
2014-04-30 09:09 - 2014-04-30 09:09 - 00029696 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\registry.dll
2014-04-30 09:09 - 2014-04-30 09:09 - 00008704 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\newadvsplash.dll
2014-04-30 09:09 - 2014-04-30 09:09 - 00011264 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\System.dll
2011-03-18 19:53 - 2011-03-18 19:53 - 01874904 _____ () E:\Programme\FirefoxPortable\App\firefox\mozjs.dll
2014-03-26 11:33 - 2011-08-24 19:04 - 00602112 _____ () E:\Programme\FirefoxPortable\Data\profile\extensions\gipsy@pgweb.cz\platform\WINNT_x86-msvc\components\gipsy.dll
2014-03-28 11:35 - 2014-03-28 11:35 - 00688664 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\NativeBrowserApi\18.0.5\NativeBrowserApi.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/30/2014 09:25:24 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.10.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 48d8

Startzeit: 01cf644535b57761

Endzeit: 31504

Anwendungspfad: C:\Users\Wolfang & Angela\Downloads\FRST64.exe

Berichts-ID: 7cb809ca-d038-11e3-b357-448a5b2ac794

Error: (04/30/2014 00:02:45 AM) (Source: Application Hang) (User: )
Description: Programm FRST64.exe, Version 3.3.10.2 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 37f8

Startzeit: 01cf63f690d7f442

Endzeit: 17970

Anwendungspfad: C:\Users\Wolfang & Angela\Downloads\FRST64.exe

Berichts-ID: eaac2765-cfe9-11e3-b357-448a5b2ac794

Error: (04/28/2014 11:46:37 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 10:15:57 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 10:15:57 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (04/26/2014 10:07:54 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 10:07:54 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (04/26/2014 09:54:28 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 09:54:28 PM) (Source: Software Protection Platform Service) (User: )
Description: Lizenzerwerb-Fehlerdetails. 
hr=0xC004C008

Error: (04/26/2014 09:51:55 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler beim Erwerb der Endbenutzerlizenz. hr=0xC004C008
SKU-ID=da22eadd-46dc-4056-a287-f5041c852470


System errors:
=============
Error: (04/30/2014 09:18:15 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 09:08:12 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:58:09 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:48:07 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:46:47 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:18:15 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:08:13 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 08:04:32 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 07:58:10 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (04/30/2014 07:48:07 AM) (Source: ipnathlp) (User: )
Description: 0


Microsoft Office Sessions:
=========================
Error: (04/30/2014 09:25:24 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.10.248d801cf644535b5776131504C:\Users\Wolfang & Angela\Downloads\FRST64.exe7cb809ca-d038-11e3-b357-448a5b2ac794

Error: (04/30/2014 00:02:45 AM) (Source: Application Hang)(User: )
Description: FRST64.exe3.3.10.237f801cf63f690d7f44217970C:\Users\Wolfang & Angela\Downloads\FRST64.exeeaac2765-cfe9-11e3-b357-448a5b2ac794

Error: (04/28/2014 11:46:37 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (04/26/2014 10:15:57 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C008da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 10:15:57 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 22:15:56:695 - hxxp://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 22:15:56:695)
00030001(0x00000000, 22:15:56:695 - hxxp://go.microsoft.com)
00030002(0x00000000, 22:15:56:695 - 1)
00020005(0x00000000, 22:15:56:695 - 0)
0002000C(0x00000000, 22:15:57:137 - 302)
0002000E(0x00000000, 22:15:57:137 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 22:15:57:137)
00030001(0x00000000, 22:15:57:138 - https://activation.sls.microsoft.com)
00030002(0x00000000, 22:15:57:138 - 1)
00020005(0x00000000, 22:15:57:138 - 0)
0002000C(0x00000000, 22:15:57:843 - 500)
00010002(0x8004FC01, 22:15:57:843 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded.  ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 22:15:57:845)

Error: (04/26/2014 10:07:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C008da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 10:07:54 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 22:07:53:240 - hxxp://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 22:07:53:240)
00030001(0x00000000, 22:07:53:241 - hxxp://go.microsoft.com)
00030002(0x00000000, 22:07:53:241 - 1)
00020005(0x00000000, 22:07:53:241 - 0)
0002000C(0x00000000, 22:07:53:724 - 302)
0002000E(0x00000000, 22:07:53:724 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 22:07:53:724)
00030001(0x00000000, 22:07:53:724 - https://activation.sls.microsoft.com)
00030002(0x00000000, 22:07:53:724 - 1)
00020005(0x00000000, 22:07:53:724 - 0)
0002000C(0x00000000, 22:07:54:483 - 500)
00010002(0x8004FC01, 22:07:54:483 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded.  ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 22:07:54:484)

Error: (04/26/2014 09:54:28 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C008da22eadd-46dc-4056-a287-f5041c852470

Error: (04/26/2014 09:54:28 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C00800010001(0x00000000, 21:54:27:583 - hxxp://go.microsoft.com/fwlink/?LinkID=88341)
00020001(0x00000000, 21:54:27:584)
00030001(0x00000000, 21:54:27:584 - hxxp://go.microsoft.com)
00030002(0x00000000, 21:54:27:584 - 1)
00020005(0x00000000, 21:54:27:584 - 0)
0002000C(0x00000000, 21:54:28:023 - 302)
0002000E(0x00000000, 21:54:28:023 - https://activation.sls.microsoft.com/sllicensing/SLLicense.asmx)
00020001(0x00000000, 21:54:28:023)
00030001(0x00000000, 21:54:28:023 - https://activation.sls.microsoft.com)
00030002(0x00000000, 21:54:28:023 - 1)
00020005(0x00000000, 21:54:28:023 - 0)
0002000C(0x00000000, 21:54:28:861 - 500)
00010002(0x8004FC01, 21:54:28:861 - <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="hxxp://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>SoapException</faultstring><detail><HRESULT>0xC004C008</HRESULT><Messages><Message>113 (Activation) - [PA Maximum unlock exceeded.  ---&gt; Maximum unlock exceeded]</Message></Messages></detail></soap:Fault></soap:Body></soap:Envelope>)
00010003(0x8004FC01, 21:54:28:862)

Error: (04/26/2014 09:51:55 PM) (Source: Software Protection Platform Service)(User: )
Description: hr=0xC004C008da22eadd-46dc-4056-a287-f5041c852470


==================== Memory info =========================== 

Percentage of memory in use: 42%
Total physical RAM: 16312.05 MB
Available physical RAM: 9396.04 MB
Total Pagefile: 32622.28 MB
Available Pagefile: 26166.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.46 GB) (Free:80.94 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (IOCARD13A) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
Drive e: (Dropbox Programme) (Fixed) (Total:465.75 GB) (Free:296.4 GB) NTFS
Drive k: (BETRIEB) (Fixed) (Total:931.28 GB) (Free:737.61 GB) FAT32
Drive l: (SICHERUNG B) (Fixed) (Total:931.28 GB) (Free:508.02 GB) FAT32
Drive m: (COMBO HDD) (Fixed) (Total:297.94 GB) (Free:46.36 GB) FAT32
Drive n: (Video ) (Fixed) (Total:1863.01 GB) (Free:557.96 GB) NTFS
Drive o: (Sicherung Video) (Fixed) (Total:1863.01 GB) (Free:413.9 GB) NTFS
Drive y: (Altes Win7 Daten) (Fixed) (Total:111.69 GB) (Free:17.41 GB) NTFS
Drive z: (Win 7 Sys Partition) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: C0E4C0E4)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 0C29B953)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 05C505C5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F798643)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)

========================================================
Disk: 5 (Size: 932 GB) (Disk ID: 8F988BB1)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 0CB9C806)
Partition 1: (Not Active) - (Size=298 GB) - (Type=0C)

========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00273BB2)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

==================== End Of Log ============================
         
Many thanks, Wolfgang
__________________

01.05.2014, 07:13   #4
schrauber
/// the machine
/// TB trainer
 




hi,

Scan with Combofix
WARNING to those READING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as any malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix has finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

02.05.2014, 10:13   #5
profrolfwolf
 



Hello

Here is the ComboFix log:


Code:
ComboFix 14-04-30.01 - Wolfang & Angela 02.05.2014   9:58.1.8 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.16312.11803 [GMT 2:00]
ausgeführt von:: c:\users\Wolfang & Angela\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Neuer Wiederherstellungspunkt wurde erstellt
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Link-AssistantCom\Rank Tracker\bin\ranktracker.exe
c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe
c:\users\WOLFAN~1\AppData\Local\Temp\nsnC3B1.tmp\newadvsplash.dll
c:\users\WOLFAN~1\AppData\Local\Temp\nsnC3B1.tmp\registry.dll
c:\users\WOLFAN~1\AppData\Local\Temp\nsnC3B1.tmp\System.dll
c:\users\Wolfang & Angela\AppData\Local\etvdc.exe
c:\users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\newadvsplash.dll
c:\users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\registry.dll
c:\users\Wolfang & Angela\AppData\Local\Temp\nsnC3B1.tmp\System.dll
c:\windows\regsvr32.exe
c:\windows\SysWow64\Config.ini
c:\windows\SysWow64\suf1CD7.tmp
c:\windows\SysWow64\suf909A.tmp
c:\windows\SysWow64\suf911A.tmp
c:\windows\SysWow64\suf9530.tmp
c:\windows\SysWow64\sufE25.tmp
c:\windows\SysWow64\sufF00.tmp
K:\Autorun.inf
L:\AUTORUN.INF
N:\autorun.inf
O:\autorun.inf
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-02 bis 2014-05-02  ))))))))))))))))))))))))))))))
.
.
2014-05-02 08:02 . 2014-05-02 08:02	--------	d-----w-	c:\users\UpdatusUser\AppData\Local\temp
2014-05-02 08:02 . 2014-05-02 08:02	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-02 04:47 . 2014-05-02 04:47	--------	d-----w-	c:\programdata\AVG Secure Search
2014-04-29 22:01 . 2014-04-30 07:26	--------	d-----w-	C:\FRST
2014-04-29 21:15 . 2014-04-29 21:15	--------	d-----w-	c:\users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-04-29 21:15 . 2014-04-29 21:15	--------	d-----w-	c:\program files (x86)\WinZip Malware Protector
2014-04-29 21:15 . 2014-04-29 21:15	--------	d-----w-	c:\programdata\Nico Mak Computing
2014-04-29 21:15 . 2013-03-15 15:10	20480	----a-w-	c:\windows\system32\wsusnative64.exe
2014-04-24 09:50 . 2014-04-28 09:42	--------	d-----w-	c:\users\Wolfang & Angela\AppData\Local\Diagnostics
2014-04-20 18:12 . 2014-04-20 18:17	--------	d-----w-	c:\users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 16:35 . 2014-04-14 18:13	96168	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-18 13:01 . 2014-04-18 13:01	237336	----a-w-	c:\windows\system32\drivers\avgidsdrivera.sys
2014-04-16 20:51 . 2014-04-16 20:51	--------	d-----w-	c:\users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 20:51 . 2014-04-16 20:51	--------	d-----w-	c:\program files (x86)\Acrok
2014-04-15 07:24 . 2011-09-19 05:55	154624	----a-w-	c:\windows\SysWow64\sevTab.ocx
2014-04-15 07:24 . 2013-06-26 06:00	292864	----a-w-	c:\windows\SysWow64\sevEin20.ocx
2014-04-14 13:15 . 2014-04-14 13:15	--------	d-----w-	c:\users\Wolfang & Angela\AppData\Local\ChanSort
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-02 04:47 . 2014-03-27 08:56	50464	----a-w-	c:\windows\system32\drivers\avgtpx64.sys
2014-04-15 01:00 . 2014-03-26 15:04	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 14:20 . 2014-03-31 14:20	274200	----a-w-	c:\windows\system32\drivers\avgtdia.sys
2014-03-31 14:06 . 2014-03-31 14:06	130840	----a-w-	c:\windows\system32\drivers\avgmfx64.sys
2014-03-28 02:06 . 2014-03-28 02:06	194048	----a-w-	c:\windows\SysWow64\elshyph.dll
2014-03-28 02:06 . 2014-03-28 02:06	71680	----a-w-	c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-03-28 02:06 . 2014-03-28 02:06	645120	----a-w-	c:\windows\SysWow64\jsIntl.dll
2014-03-28 02:06 . 2014-03-28 02:06	62464	----a-w-	c:\windows\SysWow64\tdc.ocx
2014-03-28 02:06 . 2014-03-28 02:06	61952	----a-w-	c:\windows\SysWow64\MshtmlDac.dll
2014-03-28 02:06 . 2014-03-28 02:06	36352	----a-w-	c:\windows\SysWow64\imgutil.dll
2014-03-28 02:06 . 2014-03-28 02:06	337408	----a-w-	c:\windows\SysWow64\html.iec
2014-03-28 02:06 . 2014-03-28 02:06	24576	----a-w-	c:\windows\SysWow64\licmgr10.dll
2014-03-28 02:06 . 2014-03-28 02:06	235008	----a-w-	c:\windows\system32\elshyph.dll
2014-03-28 02:06 . 2014-03-28 02:06	182272	----a-w-	c:\windows\SysWow64\msls31.dll
2014-03-28 02:06 . 2014-03-28 02:06	151552	----a-w-	c:\windows\SysWow64\iexpress.exe
2014-03-28 02:06 . 2014-03-28 02:06	139264	----a-w-	c:\windows\SysWow64\wextract.exe
2014-03-28 02:06 . 2014-03-28 02:06	13312	----a-w-	c:\windows\SysWow64\mshta.exe
2014-03-28 02:06 . 2014-03-28 02:06	1051136	----a-w-	c:\windows\SysWow64\mshtmlmedia.dll
2014-03-28 02:06 . 2014-03-28 02:06	942592	----a-w-	c:\windows\system32\jsIntl.dll
2014-03-28 02:06 . 2014-03-28 02:06	90112	----a-w-	c:\windows\system32\SetIEInstalledDate.exe
2014-03-28 02:06 . 2014-03-28 02:06	86016	----a-w-	c:\windows\SysWow64\iesysprep.dll
2014-03-28 02:06 . 2014-03-28 02:06	86016	----a-w-	c:\windows\system32\RegisterIEPKEYs.exe
2014-03-28 02:06 . 2014-03-28 02:06	84992	----a-w-	c:\windows\system32\mshtmled.dll
2014-03-28 02:06 . 2014-03-28 02:06	81408	----a-w-	c:\windows\system32\icardie.dll
2014-03-28 02:06 . 2014-03-28 02:06	77312	----a-w-	c:\windows\system32\tdc.ocx
2014-03-28 02:06 . 2014-03-28 02:06	74240	----a-w-	c:\windows\SysWow64\SetIEInstalledDate.exe
2014-03-28 02:06 . 2014-03-28 02:06	616104	----a-w-	c:\windows\system32\ieapfltr.dat
2014-03-28 02:06 . 2014-03-28 02:06	52224	----a-w-	c:\windows\system32\msfeedsbs.dll
2014-03-28 02:06 . 2014-03-28 02:06	48640	----a-w-	c:\windows\SysWow64\mshtmler.dll
2014-03-28 02:06 . 2014-03-28 02:06	48640	----a-w-	c:\windows\system32\mshtmler.dll
2014-03-28 02:06 . 2014-03-28 02:06	413696	----a-w-	c:\windows\system32\html.iec
2014-03-28 02:06 . 2014-03-28 02:06	30208	----a-w-	c:\windows\system32\licmgr10.dll
2014-03-28 02:06 . 2014-03-28 02:06	263376	----a-w-	c:\windows\system32\iedkcs32.dll
2014-03-28 02:06 . 2014-03-28 02:06	247808	----a-w-	c:\windows\system32\msls31.dll
2014-03-28 02:06 . 2014-03-28 02:06	243200	----a-w-	c:\windows\system32\webcheck.dll
2014-03-28 02:06 . 2014-03-28 02:06	235520	----a-w-	c:\windows\system32\url.dll
2014-03-28 02:06 . 2014-03-28 02:06	167424	----a-w-	c:\windows\system32\iexpress.exe
2014-03-28 02:06 . 2014-03-28 02:06	143872	----a-w-	c:\windows\system32\wextract.exe
2014-03-28 02:06 . 2014-03-28 02:06	13312	----a-w-	c:\windows\system32\msfeedssync.exe
2014-03-28 02:06 . 2014-03-28 02:06	131072	----a-w-	c:\windows\system32\IEAdvpack.dll
2014-03-28 02:06 . 2014-03-28 02:06	1228800	----a-w-	c:\windows\system32\mshtmlmedia.dll
2014-03-28 02:06 . 2014-03-28 02:06	111616	----a-w-	c:\windows\SysWow64\IEAdvpack.dll
2014-03-28 02:06 . 2014-03-28 02:06	105984	----a-w-	c:\windows\system32\iesysprep.dll
2014-03-28 02:06 . 2014-03-28 02:06	101376	----a-w-	c:\windows\system32\inseng.dll
2014-03-28 02:06 . 2014-03-28 02:06	83968	----a-w-	c:\windows\system32\MshtmlDac.dll
2014-03-28 02:06 . 2014-03-28 02:06	774144	----a-w-	c:\windows\system32\jscript.dll
2014-03-28 02:06 . 2014-03-28 02:06	62464	----a-w-	c:\windows\system32\pngfilt.dll
2014-03-28 02:06 . 2014-03-28 02:06	48128	----a-w-	c:\windows\system32\imgutil.dll
2014-03-28 02:06 . 2014-03-28 02:06	147968	----a-w-	c:\windows\system32\occache.dll
2014-03-28 02:06 . 2014-03-28 02:06	13824	----a-w-	c:\windows\system32\mshta.exe
2014-03-28 02:06 . 2014-03-28 02:06	135680	----a-w-	c:\windows\system32\iepeers.dll
2014-03-27 20:14 . 2014-03-27 20:14	192792	----a-w-	c:\windows\system32\drivers\avgidsha.sys
2014-03-27 20:14 . 2014-03-27 20:14	153368	----a-w-	c:\windows\system32\drivers\avgdiska.sys
2014-03-27 20:07 . 2014-03-27 20:07	236824	----a-w-	c:\windows\system32\drivers\avgldx64.sys
2014-03-27 20:05 . 2014-03-27 20:05	324376	----a-w-	c:\windows\system32\drivers\avgloga.sys
2014-03-27 20:03 . 2014-03-27 20:03	32536	----a-w-	c:\windows\system32\drivers\avgrkx64.sys
2014-03-27 13:34 . 2014-03-27 13:34	9068888	----a-w-	C:\LBG - Bodenwächter_Betriebe_Jahre.zip
2014-03-26 15:26 . 2014-03-26 15:26	9728	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	9728	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	648192	----a-w-	c:\windows\system32\d3d10level9.dll
2014-03-26 15:26 . 2014-03-26 15:26	604160	----a-w-	c:\windows\SysWow64\d3d10level9.dll
2014-03-26 15:26 . 2014-03-26 15:26	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	5632	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	5632	---ha-w-	c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	522752	----a-w-	c:\windows\system32\XpsGdiConverter.dll
2014-03-26 15:26 . 2014-03-26 15:26	4096	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	4096	---ha-w-	c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	364544	----a-w-	c:\windows\SysWow64\XpsGdiConverter.dll
2014-03-26 15:26 . 2014-03-26 15:26	363008	----a-w-	c:\windows\system32\dxgi.dll
2014-03-26 15:26 . 2014-03-26 15:26	3584	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	3584	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	333312	----a-w-	c:\windows\system32\d3d10_1core.dll
2014-03-26 15:26 . 2014-03-26 15:26	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	3072	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	3072	---ha-w-	c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	296960	----a-w-	c:\windows\system32\d3d10core.dll
2014-03-26 15:26 . 2014-03-26 15:26	293376	----a-w-	c:\windows\SysWow64\dxgi.dll
2014-03-26 15:26 . 2014-03-26 15:26	2776576	----a-w-	c:\windows\system32\msmpeg2vdec.dll
2014-03-26 15:26 . 2014-03-26 15:26	2560	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	2560	---ha-w-	c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	249856	----a-w-	c:\windows\SysWow64\d3d10_1core.dll
2014-03-26 15:26 . 2014-03-26 15:26	245248	----a-w-	c:\windows\system32\WindowsCodecsExt.dll
2014-03-26 15:26 . 2014-03-26 15:26	2284544	----a-w-	c:\windows\SysWow64\msmpeg2vdec.dll
2014-03-26 15:26 . 2014-03-26 15:26	221184	----a-w-	c:\windows\system32\UIAnimation.dll
2014-03-26 15:26 . 2014-03-26 15:26	220160	----a-w-	c:\windows\SysWow64\d3d10core.dll
2014-03-26 15:26 . 2014-03-26 15:26	207872	----a-w-	c:\windows\SysWow64\WindowsCodecsExt.dll
2014-03-26 15:26 . 2014-03-26 15:26	194560	----a-w-	c:\windows\system32\d3d10_1.dll
2014-03-26 15:26 . 2014-03-26 15:26	187392	----a-w-	c:\windows\SysWow64\UIAnimation.dll
2014-03-26 15:26 . 2014-03-26 15:26	1682432	----a-w-	c:\windows\system32\XpsPrint.dll
2014-03-26 15:26 . 2014-03-26 15:26	1643520	----a-w-	c:\windows\system32\DWrite.dll
2014-03-26 15:26 . 2014-03-26 15:26	161792	----a-w-	c:\windows\SysWow64\d3d10_1.dll
2014-03-26 15:26 . 2014-03-26 15:26	1247744	----a-w-	c:\windows\SysWow64\DWrite.dll
2014-03-26 15:26 . 2014-03-26 15:26	1238528	----a-w-	c:\windows\system32\d3d10.dll
2014-03-26 15:26 . 2014-03-26 15:26	1175552	----a-w-	c:\windows\system32\FntCache.dll
2014-03-26 15:26 . 2014-03-26 15:26	1158144	----a-w-	c:\windows\SysWow64\XpsPrint.dll
2014-03-26 15:26 . 2014-03-26 15:26	1080832	----a-w-	c:\windows\SysWow64\d3d10.dll
2014-03-26 15:26 . 2014-03-26 15:26	10752	---ha-w-	c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-03-26 15:26 . 2014-03-26 15:26	10752	---ha-w-	c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
2014-05-02 04:47	3559448	----a-w-	c:\program files (x86)\AVG SafeGuard toolbar\18.1.0.443\AVG SafeGuard toolbar_toolbar.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files (x86)\AVG SafeGuard toolbar\18.1.0.443\AVG SafeGuard toolbar_toolbar.dll" [2014-05-02 3559448]
.
[HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj.1]
[HKEY_CLASSES_ROOT\AVG SafeGuard toolbar.PugiObj]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	131248	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\program files (x86)\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="c:\program files (x86)\AVG\AVG2014\avgui.exe" [2014-04-06 5180432]
"ISUSScheduler"="c:\program files (x86)\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"HP Software Update"="c:\program files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [2010-06-09 49208]
"Microsoft Default Manager"="c:\program files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-12-21 959904]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2013-04-26 292848]
"Super-Charger"="c:\program files (x86)\MSI\Super-Charger\Super-Charger.exe" [2013-09-09 490480]
"PDFPrint"="c:\program files (x86)\PDF24\pdf24.exe" [2014-02-06 189480]
"vProt"="c:\program files (x86)\AVG SafeGuard toolbar\vprot.exe" [2014-05-02 2557976]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
c:\users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-4-23 34236200]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - e:\program files (x86)\Microsoft Office\Office10\OSA.EXE -b -l [2001-2-13 83360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsha.sys [x]
S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys;c:\windows\SYSNATIVE\DRIVERS\avgloga.sys [x]
S0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgmfx64.sys [x]
S0 Avgrkx64;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgrkx64.sys [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S1 Avgdiska;AVG Disk Driver;c:\windows\system32\DRIVERS\avgdiska.sys;c:\windows\SYSNATIVE\DRIVERS\avgdiska.sys [x]
S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys;c:\windows\SYSNATIVE\DRIVERS\avgidsdrivera.sys [x]
S1 Avgldx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys;c:\windows\SYSNATIVE\DRIVERS\avgldx64.sys [x]
S1 Avgtdia;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys;c:\windows\SYSNATIVE\DRIVERS\avgtdia.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe;c:\program files (x86)\AVG\AVG2014\avgidsagent.exe [x]
S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe;c:\program files (x86)\AVG\AVG2014\avgwdsvc.exe [x]
S2 bupService;BUP Service;c:\users\Wolfang & Angela\AppData\Roaming\BupSystem\bup.exe;c:\users\Wolfang & Angela\AppData\Roaming\BupSystem\bup.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe;c:\program files (x86)\MSI\Super-Charger\ChargeService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 vToolbarUpdater18.1.0;vToolbarUpdater18.1.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RtlWlanu;Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtwlanu.sys;c:\windows\SYSNATIVE\DRIVERS\rtwlanu.sys [x]
S3 StnPport;PCIe to Multi Mode Parallel Port;c:\windows\system32\DRIVERS\StnPport.sys;c:\windows\SYSNATIVE\DRIVERS\StnPport.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-27 15:15	1078088	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25 20:58]
.
2014-05-02 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25 20:58]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-11 02:09	164016	----a-w-	c:\users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-09-05 7199448]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.startfenster.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft &Excel exportieren - e:\progra~2\MICROS~1\Office10\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.0.0.138 10.0.0.138 213.33.99.70
TCP: Interfaces\{50C6DB0E-F20B-43C0-BEF0-28C4A3010ABA}: NameServer = 5.39.219.212
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.0\ViProtocol.dll
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-Rank Tracker - c:\program files (x86)\Link-AssistantCom\Rank Tracker\bin\ranktracker.exe
Wow6432Node-HKCU-Run-AVG-Secure-Search-Update_0214c - c:\users\Wolfang & Angela\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe
Wow6432Node-HKCU-Run-36ASbctz - c:\programdata\36ASbctz.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK-Konfigurationstool.lnk - c:\program files (x86)\TP-LINK\TP-LINK-Konfigurationstool\TWCU.exe -nogui
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Microsoft Shared\VS7Debug\mdm.exe
c:\program files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\program files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\loggingserver.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-02  10:09:33 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-02 08:09
.
Vor Suchlauf: 17 Verzeichnis(se), 89.827.098.624 Bytes frei
Nach Suchlauf: 25 Verzeichnis(se), 90.319.847.424 Bytes frei
.
- - End Of File - - 72E6D7ADB96BB940B4F52464E8E35E1A
A36C5E4F47E84449FF07ED3517B43A31
         
ComboFix didn't cause any trouble.



Could I please get a comment on how bad things are for my system?

And of course, many thanks for your efforts.

Wolfgang


03.05.2014, 08:16   #6
schrauber
/// the machine
/// TB-Ausbilder

There have been worse.


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select the Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Restart your computer if required to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Include the contents of mbam.txt in your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Delete and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool is finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.

04.05.2014, 21:39   #7
profrolfwolf



Hello

The PC already acted up when downloading Malwarebytes Anti-Malware, because apparently this program is blocked as well.

I then downloaded it via my laptop and transferred it to the PC. Unfortunately it cannot download the latest virus database.

What can I do?

Regards, Wolfgang

Hello

The following scenario:

MBAM could not be updated, since the website is apparently being blocked by the trojan.
I ran a scan with the old virus database, and it did find something.

About the log: when you view it, nothing is displayed. Exporting as txt doesn't work either; MBAM crashes when I try. I have now exported it as XML and opened it in Notepad. I hope you can make use of it.

The rest went fine.

Code:
<?xml version="1.0" encoding="UTF-8" ?>
<mbam-log>
<header>
<date>2014/05/04 20:37:01 +0200</date>
<log>mbam.Xml</log>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.00.1.1004</version>
<rules-database>v2014.03.04.09</rules-database>
<swissarmy-database>v2014.02.20.01</swissarmy-database>
<license>trial</license>
<file-protection>enabled</file-protection>
<web-protection>enabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Wolfang & Angela</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>272330</objects>
<time>478</time>
<processes>0</processes>
<modules>0</modules>
<keys>0</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>enabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<shuriken>enabled</shuriken>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<file><path>C:\Windows\SysWOW64\D3DX8ab.dll</path><vendor>Trojan.FakeAlert</vendor><action>success</action><hash>bebf449a681237ff55076975d82aee12</hash></file>
</items>
</mbam-log>
         
Now the AdwCleaner log:

Code:
# AdwCleaner v3.206 - Bericht erstellt am 04/05/2014 um 21:03:18
# Aktualisiert 04/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Wolfang & Angela - PC_WEINGUT
# Gestartet von : C:\Users\Wolfang & Angela\Downloads\adwcleaner (1).exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bupService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\AVG SafeGuard toolbar
Ordner Gelöscht : C:\ProgramData\AVG Secure Search
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\Program Files (x86)\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Program Files (x86)\Common Files\AVG Secure Search
[!] Ordner Gelöscht : C:\Users\Wolfang & Angela\AppData\Local\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Wolfang & Angela\AppData\LocalLow\AVG SafeGuard toolbar
Ordner Gelöscht : C:\Users\Wolfang & Angela\AppData\Roaming\BupSystem
Ordner Gelöscht : C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Datei Gelöscht : C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\AVG SafeGuard toolbar
Schlüssel Gelöscht : HKLM\Software\AVG Security Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v34.0.1847.131

*************************

AdwCleaner[R0].txt - [6567 octets] - [04/05/2014 20:58:40]
AdwCleaner[R1].txt - [6686 octets] - [04/05/2014 21:03:04]
AdwCleaner[S0].txt - [343 octets] - [04/05/2014 21:02:18]
AdwCleaner[S1].txt - [6068 octets] - [04/05/2014 21:03:18]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [6128 octets] ##########
         

And finally the JRT log:


Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.05.2014 at 21:16:05,11
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Thanks, Wolfgang

05.05.2014, 17:36   #8
schrauber
/// the machine
/// TB-Ausbilder

The fresh FRST log is still missing.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

05.05.2014, 17:57   #9
profrolfwolf

Sorry, I overlooked that.

By the way, my Facebook is now affected as well.



FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014
Ran by Wolfang & Angela (administrator) on PC_WEINGUT on 05-05-2014 17:55:43
Running from C:\Users\Wolfang & Angela\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Dropbox, Inc.) C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\BGRnd.exe
(Avid) C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CloudConnector\AvidCloudManager.exe
(2BrightSparks Pte Ltd) C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) E:\Program Files (x86)\Microsoft Office\Office10\EXCEL.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {8c5d86c5-b480-11e3-bbd0-806e6f6e6963} - D:\DVDSetup.exe
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {bdf8e81d-b44f-11e3-9825-806e6f6e6963} - D:\DVDSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> E:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138 213.33.99.70
Tcpip\..\Interfaces\{50C6DB0E-F20B-43C0-BEF0-28C4A3010ABA}: [NameServer]5.39.219.212

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []

Chrome: 
=======
CHR Extension: (Google Docs) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-04]
CHR Extension: (Google Drive) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-04]
CHR Extension: (YouTube) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-04]
CHR Extension: (Google-Suche) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-04]
CHR Extension: (Google Wallet) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-25]
CHR Extension: (Google Mail) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-04]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-02] (AVG Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [98304 2012-09-28] (ASIX Electronics Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 17:55 - 2014-05-05 17:55 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\FRST-OlderVersion
2014-05-04 21:31 - 2014-05-04 21:31 - 00001379 _____ () C:\Users\Wolfang & Angela\Desktop\mbam.Xml
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieUserList
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieSiteList
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 _____ () C:\Users\Wolfang & Angela\Desktop\Neues Textdokument.txt
2014-05-04 21:16 - 2014-05-04 21:16 - 00000582 _____ () C:\Users\Wolfang & Angela\Desktop\JRT.txt
2014-05-04 21:11 - 2014-05-04 21:11 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 21:09 - 2014-05-04 21:09 - 00006228 _____ () C:\Users\Wolfang & Angela\Desktop\AdwCleaner[S1].txt
2014-05-04 20:58 - 2014-05-04 21:03 - 00000000 ____D () C:\AdwCleaner
2014-05-04 20:58 - 2014-05-04 20:58 - 01313617 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner (1).exe
2014-05-04 20:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-04 16:05 - 2014-05-05 03:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 16:05 - 2014-05-04 16:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Antivirus
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-04 16:05 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-04 16:05 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-04 16:04 - 2014-05-04 15:09 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Wolfang & Angela\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01310621 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01016261 _____ (Thisisu) C:\Users\Wolfang & Angela\Desktop\JRT.exe
2014-05-02 22:18 - 2014-05-02 23:29 - 00000549 _____ () C:\Users\Wolfang & Angela\Desktop\A1-Faktura.lnk
2014-05-02 15:34 - 2014-05-02 15:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-02 15:26 - 2014-05-02 15:30 - 121650616 _____ () C:\Users\Wolfang & Angela\Downloads\OJ7500_E910_1315.exe
2014-05-02 10:09 - 2014-05-04 20:39 - 00000000 ____D () C:\Windows\Sun
2014-05-02 10:09 - 2014-05-02 10:09 - 00025674 _____ () C:\ComboFix.txt
2014-05-02 09:56 - 2014-05-02 10:09 - 00000000 ____D () C:\Qoobox
2014-05-02 09:56 - 2014-05-02 10:08 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 09:56 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-02 09:56 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-02 09:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-30 09:25 - 2014-04-30 09:26 - 00030543 _____ () C:\Users\Wolfang & Angela\Downloads\Addition.txt
2014-04-30 00:26 - 2014-05-02 10:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 00:01 - 2014-05-05 17:55 - 00015951 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-04-30 00:01 - 2014-05-05 17:55 - 00000000 ____D () C:\FRST
2014-04-30 00:00 - 2014-05-05 17:55 - 02063872 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-04-29 23:15 - 2014-05-04 20:46 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 08:13 - 2014-04-29 09:29 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 13:30 - 2014-05-04 21:07 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-24 11:41 - 2014-04-24 11:44 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-20 20:12 - 2014-04-20 20:17 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:07 - 2014-04-20 20:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 18:35 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 18:35 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 18:35 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 18:34 - 2014-04-20 18:35 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 09:14 - 2014-04-20 09:16 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 03:00 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 03:00 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 03:00 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 03:00 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 03:00 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 03:00 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 03:00 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 03:00 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:46 - 2014-04-16 22:47 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 10:28 - 2014-05-05 11:55 - 00019456 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-04-15 14:34 - 2014-04-15 16:50 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 09:24 - 2013-06-26 08:00 - 00292864 _____ (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2014-04-15 09:24 - 2011-09-19 07:55 - 00154624 _____ (Tools & Components) C:\Windows\SysWOW64\sevTab.ocx
2014-04-15 07:43 - 2014-04-15 08:05 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-14 16:13 - 2014-04-14 16:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:12 - 2014-04-14 15:13 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip
2014-04-14 11:44 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 11:44 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 11:44 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 11:44 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 11:44 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 11:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 11:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 11:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 11:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-05 17:55 - 2014-05-05 17:55 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\FRST-OlderVersion
2014-05-05 17:55 - 2014-04-30 00:01 - 00015951 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-05-05 17:55 - 2014-04-30 00:01 - 00000000 ____D () C:\FRST
2014-05-05 17:55 - 2014-04-30 00:00 - 02063872 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-05-05 17:14 - 2014-03-25 22:58 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-05 11:55 - 2014-04-16 10:28 - 00019456 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-05-05 10:14 - 2014-03-25 22:58 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-05 09:34 - 2014-03-26 11:36 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Mozilla
2014-05-05 09:06 - 2014-03-25 23:39 - 00000000 ____D () C:\LBG Daten
2014-05-05 09:02 - 2014-03-25 23:38 - 00000000 ____D () C:\LBG Programme
2014-05-05 03:10 - 2014-05-04 16:05 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-05 03:00 - 2014-03-25 20:01 - 01757800 _____ () C:\Windows\WindowsUpdate.log
2014-05-04 21:58 - 2014-03-26 00:44 - 00001439 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\PC_WEINGUT.MTBF.txt
2014-05-04 21:58 - 2014-03-26 00:44 - 00000549 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManager.log
2014-05-04 21:58 - 2014-03-26 00:44 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avid
2014-05-04 21:58 - 2014-03-26 00:36 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-05-04 21:31 - 2014-05-04 21:31 - 00001379 _____ () C:\Users\Wolfang & Angela\Desktop\mbam.Xml
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieUserList
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieSiteList
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 _____ () C:\Users\Wolfang & Angela\Desktop\Neues Textdokument.txt
2014-05-04 21:16 - 2014-05-04 21:16 - 00000582 _____ () C:\Users\Wolfang & Angela\Desktop\JRT.txt
2014-05-04 21:14 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 21:14 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 21:11 - 2014-05-04 21:11 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 21:11 - 2014-03-26 11:48 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-05-04 21:11 - 2014-03-26 11:48 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-05-04 21:11 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-04 21:09 - 2014-05-04 21:09 - 00006228 _____ () C:\Users\Wolfang & Angela\Desktop\AdwCleaner[S1].txt
2014-05-04 21:07 - 2014-04-28 13:30 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-04 21:07 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\DropboxMaster
2014-05-04 21:07 - 2014-03-25 23:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox
2014-05-04 21:07 - 2014-03-25 20:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-04 21:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 21:07 - 2009-07-14 06:51 - 00001725 _____ () C:\Windows\setupact.log
2014-05-04 21:06 - 2010-11-21 05:47 - 00097918 _____ () C:\Windows\PFRO.log
2014-05-04 21:03 - 2014-05-04 20:58 - 00000000 ____D () C:\AdwCleaner
2014-05-04 20:58 - 2014-05-04 20:58 - 01313617 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner (1).exe
2014-05-04 20:46 - 2014-04-29 23:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-05-04 20:39 - 2014-05-02 10:09 - 00000000 ____D () C:\Windows\Sun
2014-05-04 17:17 - 2014-03-25 22:54 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-04 16:05 - 2014-05-04 16:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Antivirus
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 15:09 - 2014-05-04 16:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Wolfang & Angela\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01310621 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01016261 _____ (Thisisu) C:\Users\Wolfang & Angela\Desktop\JRT.exe
2014-05-02 23:29 - 2014-05-02 22:18 - 00000549 _____ () C:\Users\Wolfang & Angela\Desktop\A1-Faktura.lnk
2014-05-02 23:29 - 2014-03-26 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1-Faktura
2014-05-02 22:20 - 2014-03-27 15:53 - 00001012 _____ () C:\Users\Wolfang & Angela\Desktop\Dropbox.lnk
2014-05-02 22:20 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 22:20 - 2014-03-25 20:01 - 00000000 ___RD () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 22:17 - 2014-03-25 22:46 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Systemprogramme
2014-05-02 21:47 - 2014-03-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-02 18:49 - 2014-03-25 23:41 - 00000000 ____D () C:\LBG Kellerbuch
2014-05-02 18:39 - 2014-01-29 22:06 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Auftrage u Rechnungen 2014
2014-05-02 17:15 - 2014-03-26 00:05 - 00000000 ____D () C:\LBGPLAN
2014-05-02 15:37 - 2014-03-26 08:12 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\HP
2014-05-02 15:36 - 2014-03-26 08:16 - 00003676 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 7500 E910
2014-05-02 15:36 - 2014-03-26 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-02 15:36 - 2014-03-26 08:16 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-02 15:36 - 2014-03-26 08:15 - 00000000 ____D () C:\ProgramData\HP
2014-05-02 15:36 - 2014-03-26 08:15 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-02 15:34 - 2014-05-02 15:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-02 15:30 - 2014-05-02 15:26 - 121650616 _____ () C:\Users\Wolfang & Angela\Downloads\OJ7500_E910_1315.exe
2014-05-02 10:10 - 2014-04-30 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-02 10:09 - 2014-05-02 10:09 - 00025674 _____ () C:\ComboFix.txt
2014-05-02 10:09 - 2014-05-02 09:56 - 00000000 ____D () C:\Qoobox
2014-05-02 10:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-02 10:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 10:08 - 2014-05-02 09:56 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 10:08 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-02 09:54 - 2014-03-27 22:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\vlc
2014-05-02 06:47 - 2014-03-27 10:56 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-05-01 13:04 - 2014-04-01 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-30 09:26 - 2014-04-30 09:25 - 00030543 _____ () C:\Users\Wolfang & Angela\Downloads\Addition.txt
2014-04-29 23:26 - 2014-03-25 23:18 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Thunderbird
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 16:53 - 2014-03-25 22:54 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avg2014
2014-04-29 09:29 - 2014-04-29 08:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 17:44 - 2013-09-05 18:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\etti fotodatein
2014-04-28 13:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-28 09:21 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-27 17:16 - 2014-03-25 22:59 - 00002175 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-26 21:16 - 2014-03-26 00:44 - 00000898 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-04-24 11:44 - 2014-04-24 11:41 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-24 10:53 - 2009-07-14 06:45 - 02510312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-21 10:04 - 2014-03-26 18:46 - 00000000 ____D () C:\Users\Wolfang & Angela\.ranktracker
2014-04-20 20:17 - 2014-04-20 20:12 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:11 - 2014-04-20 20:07 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-20 18:34 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:35 - 2014-03-27 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 18:35 - 2014-03-26 18:44 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 09:16 - 2014-04-20 09:14 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 09:03 - 2014-03-26 18:50 - 00135180 _____ () C:\Users\Wolfang & Angela\.ranktracker.properties
2014-04-20 09:03 - 2014-03-25 20:01 - 00000000 ____D () C:\Users\Wolfang & Angela
2014-04-20 03:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-20 03:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:47 - 2014-04-16 22:46 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 22:40 - 2014-03-26 00:58 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\LooksBuilder
2014-04-15 16:50 - 2014-04-15 14:34 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 08:05 - 2014-04-15 07:43 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-15 03:01 - 2014-03-26 17:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-15 03:00 - 2014-03-26 17:04 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-14 20:13 - 2014-04-20 18:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 18:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 18:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 16:45 - 2014-04-14 16:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:13 - 2014-04-14 15:12 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip
2014-04-06 20:31 - 2014-03-25 20:30 - 00823688 _____ () C:\Users\Wolfang & Angela\AppData\Local\GDIPFONTCACHEV1.DAT

Some content of TEMP:
====================
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcsoxo0.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpdvdmll.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 22:06

==================== End Of Log ============================
         
--- --- ---



Thanks

06.05.2014, 12:24   #10
schrauber
/// the machine
/// TB Trainer



In which browser?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

06.05.2014, 12:40   #11
profrolfwolf



Hello

Facebook works neither in Google Chrome nor in Firefox portable.

After logging in, a 3-minute time bar appears, but the whole thing jumps to Google after a few seconds.

Best regards, Wolfgang

07.05.2014, 08:12   #12
schrauber
/// the machine
/// TB Trainer



Revo Uninstaller - Download - Filepony
Use it to uninstall Chrome, keep no data, let it remove the leftovers, then reinstall.

Then:
https://support.google.com/chrome/answer/3296214?hl=de

Please open FRST, tick Addition and scan, then post both log files.

Please download Farbar's MiniToolBox to your desktop and start the tool.

Tick the following entries:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset IE Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size
  • List Minidump Files
Click Go and post the contents of Result.txt.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

07.05.2014, 09:12   #13
profrolfwolf



Hi


FRST log file:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-05-2014
Ran by Wolfang & Angela (administrator) on PC_WEINGUT on 07-05-2014 09:04:43
Running from C:\Users\Wolfang & Angela\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Macrovision Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Dropbox, Inc.) C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPNetworkCommunicator.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\NGStudio.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\UMI.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\RM.exe
(Pinnacle) C:\Program Files (x86)\Pinnacle\Studio 16\programs\BGRnd.exe
(Avid) C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CloudConnector\AvidCloudManager.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
(Corel Corporation) C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\Programs\CorelDRW.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(PortableApps.com) E:\Programme\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) E:\Programme\FirefoxPortable\App\Firefox\firefox.exe
(Mozilla Corporation) E:\Programme\FirefoxPortable\App\Firefox\plugin-container.exe
(Microsoft Corporation) C:\Windows\System32\calc.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7199448 2013-09-05] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-08-11] (Macrovision Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-09] (MSI)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1000\...\Run: [HP Officejet 7500 E910 (NET)] => C:\Program Files\HP\HP Officejet 7500 E910\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [249856 2005-08-11] (Macrovision Corporation)
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {8c5d86c5-b480-11e3-bbd0-806e6f6e6963} - D:\DVDSetup.exe
HKU\S-1-5-21-3143228131-458128331-2849034095-1001\...\MountPoints2: {bdf8e81d-b44f-11e3-9825-806e6f6e6963} - D:\DVDSetup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> E:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation)
Startup: C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Bing Bar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - @C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll,-100 - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.3.2291.0\npwinext.dll (Microsoft Corporation)
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} -  No File
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation)
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 10.0.0.138 213.33.99.70
Tcpip\..\Interfaces\{50C6DB0E-F20B-43C0-BEF0-28C4A3010ABA}: [NameServer]5.39.219.212

FireFox:
========
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\ []

Chrome: 
=======
CHR HomePage: hxxp://search.conduit.com/?ctid=CT3319434&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP328B3C83-231B-4A07-8D2A-18EF1BC7690A&SSPV=
CHR StartupUrls: "hxxp://www.google.at/", "hxxp://commodities.euronext.if5.com/CommodityFutures.aspx?targ=YEBM/F.LI", "hxxp://translate.google.at/", "hxxp://s1.skijumpmania.com/news/profile?id=81214"
CHR Extension: (Google Docs) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-07]
CHR Extension: (Google Drive) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-07]
CHR Extension: (YouTube) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-07]
CHR Extension: (Google-Suche) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-07]
CHR Extension: (Google Wallet) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07]
CHR Extension: (Google Mail) - C:\Users\Wolfang & Angela\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-07]

==================== Services (Whitelisted) =================

S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-09] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S2 vToolbarUpdater18.1.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.0\ToolbarUpdater.exe [X]

==================== Drivers (Whitelisted) ====================

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-14] (Microsoft Corporation)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-05-02] (AVG Technologies)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 RtlWlanu; C:\Windows\System32\DRIVERS\rtwlanu.sys [1528976 2013-03-05] (Realtek Semiconductor Corporation                           )
R3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [98304 2012-09-28] (ASIX Electronics Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-07 08:59 - 2014-05-07 08:59 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-07 08:59 - 2014-05-07 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-07 08:57 - 2014-05-07 08:57 - 00884712 _____ (Google Inc.) C:\Users\Wolfang & Angela\Downloads\ChromeSetup.exe
2014-05-07 08:45 - 2014-05-07 08:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Wolfang & Angela\Downloads\revosetup95.exe
2014-05-07 08:45 - 2014-05-07 08:45 - 00001264 _____ () C:\Users\Wolfang & Angela\Desktop\Revo Uninstaller.lnk
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-06 20:39 - 2014-05-06 20:39 - 00046356 _____ () C:\Users\Wolfang & Angela\Desktop\Sicherungskopie_von_Sportplatz logo.cdr
2014-05-06 20:34 - 2014-05-06 20:54 - 00046066 _____ () C:\Users\Wolfang & Angela\Desktop\Sportplatz logo.cdr
2014-05-06 15:06 - 2014-05-06 15:06 - 00416438 _____ () C:\Windows\FontData.fdb
2014-05-06 13:34 - 2014-05-06 13:34 - 00001056 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-05-05 17:55 - 2014-05-05 17:55 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\FRST-OlderVersion
2014-05-04 21:31 - 2014-05-04 21:31 - 00001379 _____ () C:\Users\Wolfang & Angela\Desktop\mbam.Xml
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieUserList
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieSiteList
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 _____ () C:\Users\Wolfang & Angela\Desktop\Neues Textdokument.txt
2014-05-04 21:16 - 2014-05-04 21:16 - 00000582 _____ () C:\Users\Wolfang & Angela\Desktop\JRT.txt
2014-05-04 21:11 - 2014-05-04 21:11 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 21:09 - 2014-05-04 21:09 - 00006228 _____ () C:\Users\Wolfang & Angela\Desktop\AdwCleaner[S1].txt
2014-05-04 20:58 - 2014-05-04 21:03 - 00000000 ____D () C:\AdwCleaner
2014-05-04 20:58 - 2014-05-04 20:58 - 01313617 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner (1).exe
2014-05-04 20:58 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-04 16:05 - 2014-05-05 03:10 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 16:05 - 2014-05-04 16:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Antivirus
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-04 16:05 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-04 16:05 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-04 16:04 - 2014-05-04 15:09 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Wolfang & Angela\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01310621 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01016261 _____ (Thisisu) C:\Users\Wolfang & Angela\Desktop\JRT.exe
2014-05-02 22:18 - 2014-05-02 23:29 - 00000549 _____ () C:\Users\Wolfang & Angela\Desktop\A1-Faktura.lnk
2014-05-02 15:34 - 2014-05-02 15:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-02 15:26 - 2014-05-02 15:30 - 121650616 _____ () C:\Users\Wolfang & Angela\Downloads\OJ7500_E910_1315.exe
2014-05-02 10:09 - 2014-05-04 20:39 - 00000000 ____D () C:\Windows\Sun
2014-05-02 10:09 - 2014-05-02 10:09 - 00025674 _____ () C:\ComboFix.txt
2014-05-02 09:56 - 2014-05-02 10:09 - 00000000 ____D () C:\Qoobox
2014-05-02 09:56 - 2014-05-02 10:08 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 09:56 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-02 09:56 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-02 09:56 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-02 09:56 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-30 09:25 - 2014-04-30 09:26 - 00030543 _____ () C:\Users\Wolfang & Angela\Downloads\Addition.txt
2014-04-30 00:26 - 2014-05-02 10:10 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-04-30 00:01 - 2014-05-07 09:04 - 00016379 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-04-30 00:01 - 2014-05-07 09:04 - 00000000 ____D () C:\FRST
2014-04-30 00:00 - 2014-05-05 17:55 - 02063872 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-04-29 23:15 - 2014-05-04 20:46 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 08:13 - 2014-04-29 09:29 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 13:30 - 2014-05-04 21:07 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:21 - 2014-04-28 09:22 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-24 11:41 - 2014-04-24 11:44 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-20 20:12 - 2014-04-20 20:17 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:07 - 2014-04-20 20:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-20 18:35 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-20 18:35 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-20 18:35 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-20 18:34 - 2014-04-20 18:35 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 09:14 - 2014-04-20 09:16 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 03:00 - 2014-03-06 12:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-20 03:00 - 2014-03-06 11:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 11:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-20 03:00 - 2014-03-06 11:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-20 03:00 - 2014-03-06 10:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 10:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-20 03:00 - 2014-03-06 10:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 10:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-20 03:00 - 2014-03-06 10:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-20 03:00 - 2014-03-06 10:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-20 03:00 - 2014-03-06 10:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 10:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-20 03:00 - 2014-03-06 10:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 10:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-20 03:00 - 2014-03-06 10:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-20 03:00 - 2014-03-06 10:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 10:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-20 03:00 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-04-20 03:00 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-20 03:00 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-20 03:00 - 2014-03-06 09:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-20 03:00 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-20 03:00 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-20 03:00 - 2014-03-06 09:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-04-20 03:00 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-04-20 03:00 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-04-20 03:00 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-04-20 03:00 - 2014-03-06 09:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-20 03:00 - 2014-03-06 09:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-20 03:00 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-04-20 03:00 - 2014-03-06 08:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-20 03:00 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-04-20 03:00 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-20 03:00 - 2014-03-06 08:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-20 03:00 - 2014-03-06 07:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-04-20 03:00 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-20 03:00 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:46 - 2014-04-16 22:47 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 10:28 - 2014-05-05 09:42 - 00019456 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-04-15 14:34 - 2014-04-15 16:50 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 09:24 - 2013-06-26 08:00 - 00292864 _____ (Tools & Components) C:\Windows\SysWOW64\sevEin20.ocx
2014-04-15 09:24 - 2011-09-19 07:55 - 00154624 _____ (Tools & Components) C:\Windows\SysWOW64\sevTab.ocx
2014-04-15 07:43 - 2014-04-15 08:05 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-14 16:13 - 2014-04-14 16:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:12 - 2014-04-14 15:13 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip
2014-04-14 11:44 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-14 11:44 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-14 11:44 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-14 11:44 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-14 11:44 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-14 11:44 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-14 11:44 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-14 11:44 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-14 11:44 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-14 11:44 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-14 11:44 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys

==================== One Month Modified Files and Folders =======

2014-05-07 09:04 - 2014-04-30 00:01 - 00016379 _____ () C:\Users\Wolfang & Angela\Downloads\FRST.txt
2014-05-07 09:04 - 2014-04-30 00:01 - 00000000 ____D () C:\FRST
2014-05-07 08:59 - 2014-05-07 08:59 - 00002247 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-07 08:59 - 2014-05-07 08:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-05-07 08:59 - 2014-03-25 22:58 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Google
2014-05-07 08:59 - 2014-03-25 22:58 - 00000000 ____D () C:\Program Files (x86)\Google
2014-05-07 08:57 - 2014-05-07 08:57 - 00884712 _____ (Google Inc.) C:\Users\Wolfang & Angela\Downloads\ChromeSetup.exe
2014-05-07 08:57 - 2014-03-26 11:36 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Mozilla
2014-05-07 08:52 - 2014-03-25 20:01 - 01949399 _____ () C:\Windows\WindowsUpdate.log
2014-05-07 08:45 - 2014-05-07 08:45 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Wolfang & Angela\Downloads\revosetup95.exe
2014-05-07 08:45 - 2014-05-07 08:45 - 00001264 _____ () C:\Users\Wolfang & Angela\Desktop\Revo Uninstaller.lnk
2014-05-07 08:45 - 2014-05-07 08:45 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-07 08:14 - 2014-03-25 22:58 - 00001130 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 23:20 - 2014-03-26 00:44 - 00000700 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManager.log
2014-05-06 20:55 - 2009-07-14 04:34 - 00000569 _____ () C:\Windows\win.ini
2014-05-06 20:54 - 2014-05-06 20:34 - 00046066 _____ () C:\Users\Wolfang & Angela\Desktop\Sportplatz logo.cdr
2014-05-06 20:39 - 2014-05-06 20:39 - 00046356 _____ () C:\Users\Wolfang & Angela\Desktop\Sicherungskopie_von_Sportplatz logo.cdr
2014-05-06 18:34 - 2014-03-25 23:41 - 00000000 ____D () C:\LBG Kellerbuch
2014-05-06 15:06 - 2014-05-06 15:06 - 00416438 _____ () C:\Windows\FontData.fdb
2014-05-06 13:34 - 2014-05-06 13:34 - 00001056 ___SH () C:\Windows\SysWOW64\KGyGaAvL.sys
2014-05-06 10:14 - 2014-03-25 22:58 - 00001126 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-06 08:46 - 2014-03-27 22:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\vlc
2014-05-05 23:41 - 2014-03-26 00:44 - 00001644 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\PC_WEINGUT.MTBF.txt
2014-05-05 23:41 - 2014-03-26 00:44 - 00000944 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\__AvidCloudManagerPrevious.log
2014-05-05 23:41 - 2014-03-26 00:44 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avid
2014-05-05 23:41 - 2014-03-26 00:36 - 00000349 _____ () C:\Users\Public\Documents\PCLECHAL.INI
2014-05-05 17:55 - 2014-05-05 17:55 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\FRST-OlderVersion
2014-05-05 17:55 - 2014-04-30 00:00 - 02063872 _____ (Farbar) C:\Users\Wolfang & Angela\Downloads\FRST64.exe
2014-05-05 09:42 - 2014-04-16 10:28 - 00019456 _____ () C:\Users\Wolfang & Angela\Desktop\Skijump.xls
2014-05-05 09:06 - 2014-03-25 23:39 - 00000000 ____D () C:\LBG Daten
2014-05-05 09:02 - 2014-03-25 23:38 - 00000000 ____D () C:\LBG Programme
2014-05-05 03:10 - 2014-05-04 16:05 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-04 21:31 - 2014-05-04 21:31 - 00001379 _____ () C:\Users\Wolfang & Angela\Desktop\mbam.Xml
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieUserList
2014-05-04 21:31 - 2014-05-04 21:31 - 00000000 __SHD () C:\Users\Wolfang & Angela\AppData\Local\EmieSiteList
2014-05-04 21:30 - 2014-05-04 21:30 - 00000000 _____ () C:\Users\Wolfang & Angela\Desktop\Neues Textdokument.txt
2014-05-04 21:16 - 2014-05-04 21:16 - 00000582 _____ () C:\Users\Wolfang & Angela\Desktop\JRT.txt
2014-05-04 21:14 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-04 21:14 - 2009-07-14 06:45 - 00026928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-04 21:11 - 2014-05-04 21:11 - 00000000 ____D () C:\Windows\ERUNT
2014-05-04 21:11 - 2014-03-26 11:48 - 00699416 _____ () C:\Windows\system32\perfh007.dat
2014-05-04 21:11 - 2014-03-26 11:48 - 00149556 _____ () C:\Windows\system32\perfc007.dat
2014-05-04 21:11 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-04 21:09 - 2014-05-04 21:09 - 00006228 _____ () C:\Users\Wolfang & Angela\Desktop\AdwCleaner[S1].txt
2014-05-04 21:07 - 2014-04-28 13:30 - 00000431 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-05-04 21:07 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\DropboxMaster
2014-05-04 21:07 - 2014-03-25 23:03 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox
2014-05-04 21:07 - 2014-03-25 20:10 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-05-04 21:07 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-04 21:07 - 2009-07-14 06:51 - 00001725 _____ () C:\Windows\setupact.log
2014-05-04 21:06 - 2010-11-21 05:47 - 00097918 _____ () C:\Windows\PFRO.log
2014-05-04 21:03 - 2014-05-04 20:58 - 00000000 ____D () C:\AdwCleaner
2014-05-04 20:58 - 2014-05-04 20:58 - 01313617 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner (1).exe
2014-05-04 20:46 - 2014-04-29 23:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Nico Mak Computing
2014-05-04 20:39 - 2014-05-02 10:09 - 00000000 ____D () C:\Windows\Sun
2014-05-04 17:17 - 2014-03-25 22:54 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-04 16:05 - 2014-05-04 16:05 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Antivirus
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-04 16:05 - 2014-05-04 16:05 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-04 15:09 - 2014-05-04 16:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Wolfang & Angela\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01310621 _____ () C:\Users\Wolfang & Angela\Downloads\adwcleaner.exe
2014-05-04 15:09 - 2014-05-04 15:09 - 01016261 _____ (Thisisu) C:\Users\Wolfang & Angela\Desktop\JRT.exe
2014-05-02 23:29 - 2014-05-02 22:18 - 00000549 _____ () C:\Users\Wolfang & Angela\Desktop\A1-Faktura.lnk
2014-05-02 23:29 - 2014-03-26 07:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\A1-Faktura
2014-05-02 22:20 - 2014-03-27 15:53 - 00001012 _____ () C:\Users\Wolfang & Angela\Desktop\Dropbox.lnk
2014-05-02 22:20 - 2014-03-27 15:52 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-02 22:20 - 2014-03-25 20:01 - 00000000 ___RD () C:\Users\Wolfang & Angela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 22:17 - 2014-03-25 22:46 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Systemprogramme
2014-05-02 21:47 - 2014-03-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-02 18:39 - 2014-01-29 22:06 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Auftrage u Rechnungen 2014
2014-05-02 17:15 - 2014-03-26 00:05 - 00000000 ____D () C:\LBGPLAN
2014-05-02 15:37 - 2014-03-26 08:12 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\HP
2014-05-02 15:36 - 2014-03-26 08:16 - 00003676 _____ () C:\Windows\System32\Tasks\HPCustParticipation HP Officejet 7500 E910
2014-05-02 15:36 - 2014-03-26 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-05-02 15:36 - 2014-03-26 08:16 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-05-02 15:36 - 2014-03-26 08:15 - 00000000 ____D () C:\ProgramData\HP
2014-05-02 15:36 - 2014-03-26 08:15 - 00000000 ____D () C:\Program Files (x86)\HP
2014-05-02 15:34 - 2014-05-02 15:34 - 00000057 _____ () C:\ProgramData\Ament.ini
2014-05-02 15:30 - 2014-05-02 15:26 - 121650616 _____ () C:\Users\Wolfang & Angela\Downloads\OJ7500_E910_1315.exe
2014-05-02 10:10 - 2014-04-30 00:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Thunderbird
2014-05-02 10:09 - 2014-05-02 10:09 - 00025674 _____ () C:\ComboFix.txt
2014-05-02 10:09 - 2014-05-02 09:56 - 00000000 ____D () C:\Qoobox
2014-05-02 10:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-02 10:09 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-02 10:08 - 2014-05-02 09:56 - 00000000 ____D () C:\Windows\erdnt
2014-05-02 10:08 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-02 06:47 - 2014-03-27 10:56 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys
2014-05-01 13:04 - 2014-04-01 08:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-30 09:26 - 2014-04-30 09:25 - 00030543 _____ () C:\Users\Wolfang & Angela\Downloads\Addition.txt
2014-04-29 23:26 - 2014-03-25 23:18 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Thunderbird
2014-04-29 23:15 - 2014-04-29 23:15 - 04892480 _____ (WinZip International LLC ) C:\Users\Wolfang & Angela\Downloads\wzmp_8.exe
2014-04-29 22:53 - 2014-04-29 22:53 - 04485528 _____ (AVG Technologies) C:\Users\Wolfang & Angela\Downloads\avg_free_stb_all_2014_4577_cnet.exe
2014-04-29 22:52 - 2014-04-29 22:52 - 05046368 _____ (Systweak Inc ) C:\Users\Wolfang & Angela\Downloads\rcp_dcomnew_sec_300.exe
2014-04-29 16:53 - 2014-03-25 22:54 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Avg2014
2014-04-29 09:29 - 2014-04-29 08:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Druckfreigaben
2014-04-28 17:44 - 2013-09-05 18:11 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\etti fotodatein
2014-04-28 13:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-04-28 09:22 - 2014-04-28 09:21 - 00001908 _____ () C:\Windows\diagerr.xml
2014-04-28 09:21 - 2009-07-14 06:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-04-24 11:44 - 2014-04-24 11:41 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3)
2014-04-24 11:39 - 2014-04-24 11:39 - 06544043 _____ () C:\Users\Wolfang & Angela\Downloads\cab_Windows_Driver (3).zip
2014-04-24 11:37 - 2014-04-24 11:37 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999
2014-04-24 11:36 - 2014-04-24 11:36 - 01215148 _____ () C:\Users\Wolfang & Angela\Downloads\Firmware_A3_29999.zip
2014-04-24 10:53 - 2009-07-14 06:45 - 02510312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-04-21 22:45 - 2014-04-21 22:45 - 00000000 ____D () C:\Users\Wolfang & Angela\Documents\Pinnacle
2014-04-21 10:04 - 2014-03-26 18:46 - 00000000 ____D () C:\Users\Wolfang & Angela\.ranktracker
2014-04-20 20:17 - 2014-04-20 20:12 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\Deshaker
2014-04-20 20:11 - 2014-04-20 20:07 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\Deshaker30
2014-04-20 20:10 - 2014-04-20 20:10 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4
2014-04-20 20:06 - 2014-04-20 20:06 - 00181721 _____ () C:\Users\Wolfang & Angela\Downloads\Deshaker30.zip
2014-04-20 18:35 - 2014-04-20 18:34 - 00004253 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log
2014-04-20 18:35 - 2014-03-27 13:58 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-20 18:35 - 2014-03-26 18:44 - 00000000 ____D () C:\Program Files (x86)\Java
2014-04-20 18:33 - 2014-04-20 18:33 - 00921512 _____ (Oracle Corporation) C:\Users\Wolfang & Angela\Downloads\chromeinstall-7u55.exe
2014-04-20 09:16 - 2014-04-20 09:14 - 94061993 _____ () C:\Users\Wolfang & Angela\Downloads\Wolfmaster.mp4
2014-04-20 09:03 - 2014-03-26 18:50 - 00135180 _____ () C:\Users\Wolfang & Angela\.ranktracker.properties
2014-04-20 09:03 - 2014-03-25 20:01 - 00000000 ____D () C:\Users\Wolfang & Angela
2014-04-20 03:44 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-04-20 03:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-04-16 23:01 - 2014-04-16 23:01 - 01908225 _____ () C:\Users\Wolfang & Angela\Downloads\VirtualDub-1.10.4.zip
2014-04-16 22:51 - 2014-04-16 22:51 - 00001330 _____ () C:\Users\Public\Desktop\Acrok HD Video Converter.lnk
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Roaming\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrok
2014-04-16 22:51 - 2014-04-16 22:51 - 00000000 ____D () C:\Program Files (x86)\Acrok
2014-04-16 22:47 - 2014-04-16 22:46 - 34248850 _____ (Acrok Studio. ) C:\Users\Wolfang & Angela\Downloads\hdvideoconverter_setup.exe
2014-04-16 22:40 - 2014-03-26 00:58 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\LooksBuilder
2014-04-15 16:50 - 2014-04-15 14:34 - 00000456 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert (1).zip
2014-04-15 08:05 - 2014-04-15 07:43 - 1150995817 _____ () C:\Users\Wolfang & Angela\Downloads\Italien Paramotor 2014_Robert.zip
2014-04-15 03:01 - 2014-03-26 17:04 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-15 03:00 - 2014-03-26 17:04 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-14 20:13 - 2014-04-20 18:35 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-04-14 20:05 - 2014-04-20 18:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-04-14 20:05 - 2014-04-20 18:35 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-04-14 20:04 - 2014-04-20 18:35 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-04-14 16:45 - 2014-04-14 16:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Desktop\Rudi USB
2014-04-14 15:15 - 2014-04-14 15:15 - 00000000 ____D () C:\Users\Wolfang & Angela\AppData\Local\ChanSort
2014-04-14 15:13 - 2014-04-14 15:13 - 00000000 ____D () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27
2014-04-14 15:13 - 2014-04-14 15:12 - 11266331 _____ () C:\Users\Wolfang & Angela\Downloads\ChanSort_2014-01-27.zip

Some content of TEMP:
====================
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcsoxo0.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxwxqvu.dll
C:\Users\Wolfang & Angela\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-29 22:06

==================== End Of Log ============================
         
--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-05-2014
Ran by Wolfang & Angela at 2014-05-07 09:04:54
Running from C:\Users\Wolfang & Angela\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

==================== Installed Programs ======================

3clickBudget 1.4.2 (HKLM-x32\...\{EFEE0F81-C8FF-4197-9BA5-53A0E95129C0}) (Version: 1.4.2 - biu software)
A1-Faktura 1.429 (HKLM-x32\...\A1-Faktura_is1) (Version:  - A1-Faktura)
Acrok HD Video Converter Ver 2.2.9.383 (HKLM-x32\...\{C5338CAA-5760-4A1C-9E8D-DA4D63085177}_is1) (Version:  - )
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
Biller (HKLM\...\Biller) (Version: 1.49 - )
Bing Bar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 6.3.2291.0 - Microsoft Corporation)
Bing Bar Platform (x32 Version: 6.3.2291.0 - Microsoft Corporation) Hidden
CorelDRAW Graphics Suite X3 (HKLM-x32\...\{7C5123A9-30A8-4C44-89CA-A8C87A1FCC91}) (Version: 13.0 - Corel Corporation)
Creative Pack Volume 1 (HKLM-x32\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.0 - Avid Technology, Inc.)
DE (x32 Version: 13.0 - Corel Corporation) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.7.54 - Dropbox, Inc.)
Filmmaker's Toolkit for Studio (HKLM-x32\...\InstallShield_{4CF172C5-F121-41FA-B0B0-0D49840BF003}) (Version: 1.00.0000 - Red Giant)
Filmmaker's Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
FontNav (x32 Version: 5.0 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
Hollywood FX Volumes 1-3 (HKLM-x32\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.0 - Avid Technology, Inc.)
HP Officejet 7500 E910 - Grundlegende Software für das Gerät (HKLM\...\{6B3982D8-8E88-4A42-B1C4-66B4E9B34CFB}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 7500 E910 Hilfe (HKLM-x32\...\{24DC9885-E759-4BD2-8A20-D4AC509A7FDE}) (Version: 140.0.93.93 - Hewlett Packard)
HP Update (HKLM-x32\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 32 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216032FF}) (Version: 6.0.320 - Oracle)
LBG - System (HKLM-x32\...\LBG - System2011.04.11) (Version: 2011.04.11 - LBG - Computerdienst GesmbH)
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Marketsplash Schnellzugriffe (HKLM-x32\...\{7A108EBC-C9DF-4E14-93A8-42CF316F1ECF}) (Version: 1.0.1.7 - Hewlett-Packard)
MaxPunkte Ver. 6.5.x (HKLM-x32\...\MaxPunkte_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.2.114.0 - Microsoft Corporation) Hidden
Microsoft Office XP Professional mit FrontPage (HKLM-x32\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.131.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motion Graphics Toolkit for Studio (HKLM-x32\...\InstallShield_{178D71F4-DFB1-40EC-9D95-326FD8A3E7A0}) (Version: 1.00.0000 - Red Giant)
Motion Graphics Toolkit for Studio (x32 Version: 1.00.0000 - Red Giant) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 24.5.0 - Mozilla)
Mozilla Thunderbird 24.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 24.5.0 (x86 de)) (Version: 24.5.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 320.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.63 - NVIDIA Corporation)
NVIDIA Grafiktreiber 320.63 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.63 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.24.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.24.2 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0604 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2063 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 320.63 (Version: 320.63 - NVIDIA Corporation) Hidden
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
PCIe to Peripheral Adaptor (HKLM\...\ASIX Electronics Corporation) (Version:  - )
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Pinnacle Studio 16 - Install Manager (HKLM-x32\...\{F1886CD7-9F73-417A-92E9-7E0AB0F0E099}) (Version: 16.0.75 - Avid Technology, Inc.)
Pinnacle Studio 16 - Standard Content Pack (HKLM-x32\...\{7D0F4ACC-698A-41B9-B1E2-17594988FBEF}) (Version: 16.0.0 - Avid Technology, Inc.)
Pinnacle Studio 16 (HKLM-x32\...\{284BFDBC-DAC6-43EC-85A8-E1CEC0D3A114}) (Version: 16.1.0.115 - Corel Corporation)
Pinnacle Video Treiber (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
Premium Pack Volumes 1-2 (HKLM-x32\...\{88C4D8A6-9954-46A0-965D-92E55DAB8734}) (Version: 2.0.0 - Avid Technology, Inc.)
Pro Cycling Manager 2013 (HKLM-x32\...\Steam App 219800) (Version:  - Cyanide)
Rank Tracker (HKLM-x32\...\seopowersuite) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7037 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
rolX Flight-Log III (HKLM-x32\...\rolX Flight-Log_is1) (Version:  - rolX)
ScoreFitter Volumes 1-2 (HKLM-x32\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.0 - Avid Technology, Inc.)
Securita Scout (HKLM-x32\...\Securita Scout) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Studie zur Verbesserung von HP Officejet 7500 E910 Produkten (HKLM\...\{DD52EE0D-3F63-4203-8AC3-7804D32B44EA}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI)
SyncBackFree (HKLM-x32\...\SyncBackFree_is1) (Version: 6.5.30.0 - 2BrightSparks)
Title Extreme (HKLM-x32\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.0 - Avid Technology, Inc.)
TP-LINK TL-WN725N_TL-WN723N Treiber (HKLM-x32\...\{3C3F9CEB-2C5A-4A47-8EAA-DA76037546BA}) (Version: 1.3.1 - TP-LINK)
TP-LINK-Konfigurationstool (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Update Manager (x32 Version: 4.60 - Corel Corporation) Hidden
VBA (x32 Version: 6.2 - Corel Corporation) Hidden
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)

==================== Restore Points  =========================

02-03-2014 18:00:42 Windows-Sicherung
02-03-2014 19:38:40 1: 1717 2: Marketsplash Schnellzugriffe 
02-03-2014 19:40:52 Removed Naviextras Toolbox Prerequesities
09-03-2014 18:00:42 Windows-Sicherung
14-03-2014 02:00:20 Windows Update
16-03-2014 18:00:41 Windows-Sicherung
20-04-2014 01:00:10 Windows Update
20-04-2014 16:34:39 Installed Java 7 Update 55
26-04-2014 17:44:35 Windows Update
02-05-2014 07:56:59 ComboFix created restore point
07-05-2014 06:47:00 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

2009-07-14 04:34 - 2014-05-02 10:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {3F3F7C7A-A1B1-4FE5-A8C2-AA7584330794} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\Betrieb Win7 => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {593A7E92-9CAF-47B9-8E2C-F46D552CB24C} - System32\Tasks\HPCustParticipation HP Officejet 7500 E910 => C:\Program Files\HP\HP Officejet 7500 E910\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {998F0216-4E41-4366-BBBD-AF9D06F4E37D} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\Betrieb Datenstation => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {9FEFF734-6D1F-48C0-A127-6C434AA24FCC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: {A8FC8B6E-C4C1-4EC9-8C9C-C4B5E93C8C07} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\E DDropbox => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {BE18B992-2525-48EF-88AF-BF4342AC4F47} - System32\Tasks\2BrightSparks\SyncBackFree\PC_Weingut-Wolfang & Angela\SyncBackFree Video => C:\Program Files (x86)\2BrightSparks\SyncBackFree\SyncBackFree.exe [2014-02-24] (2BrightSparks Pte Ltd)
Task: {D7C8DE13-2C74-42A6-8D0E-A79633C26B48} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-25] (Google Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-03-25 20:10 - 2013-07-10 14:05 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-04 21:07 - 2014-05-04 21:07 - 00043008 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpcsoxo0.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Wolfang & Angela\AppData\Roaming\Dropbox\bin\libcef.dll
2014-04-30 00:26 - 2014-04-30 00:26 - 03019888 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2014-04-30 00:26 - 2014-04-30 00:26 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2014-04-30 00:26 - 2014-04-30 00:26 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
2012-11-28 15:01 - 2012-11-28 15:01 - 00440184 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\FastResize2.dll
2013-03-06 19:05 - 2013-03-06 19:05 - 00135496 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\S_VFParamWrapper.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00315208 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\DSAudioExtract.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00019272 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\avi_fp.fio
2013-03-06 18:57 - 2013-03-06 18:57 - 00015176 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\bsi_fp.fio
2013-03-06 18:57 - 2013-03-06 18:57 - 00152392 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\CDC2_fp.fio
2010-06-14 17:51 - 2010-06-14 17:51 - 01154896 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\DialogsU.dll
2010-06-14 17:51 - 2010-06-14 17:51 - 00039760 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\GlobalCmdLayerU.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00014152 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\fioshare.fio
2013-03-06 18:57 - 2013-03-06 18:57 - 00191816 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\pcleimport_fp.fio
2013-02-18 17:55 - 2013-02-18 17:55 - 01609008 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CDC2\vorbis_decoder.dll
2012-11-29 09:27 - 2012-11-29 09:27 - 00018296 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CDC2\CSCUtil.dll
2012-03-06 17:09 - 2012-03-06 17:09 - 00021328 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CDC2\AudioEncoderMgr.dll
2012-03-06 17:09 - 2012-03-06 17:09 - 00096080 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\Avid.CDC2\mpaencoder.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00049480 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\DSDVCODEC.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00115016 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\mpgcodec.CDC
2012-06-23 12:15 - 2012-06-23 12:15 - 00382464 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\PCLE.RAPID\pcledial.dll
2007-11-22 18:21 - 2007-11-22 18:21 - 00195856 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\aac.dll
2013-03-06 18:57 - 2013-03-06 18:57 - 00015688 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\mmtimer.irq
2013-03-06 18:35 - 2013-03-06 18:35 - 00016384 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\VFRT.ISR
2010-06-14 17:51 - 2010-06-14 17:51 - 01154896 _____ () C:\Program Files (x86)\Pinnacle\Studio 16\programs\DIALOGSU.dll
2014-05-07 08:57 - 2014-05-07 08:57 - 00029696 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsi6904.tmp\registry.dll
2014-05-07 08:57 - 2014-05-07 08:57 - 00008704 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsi6904.tmp\newadvsplash.dll
2014-05-07 08:57 - 2014-05-07 08:57 - 00011264 _____ () C:\Users\Wolfang & Angela\AppData\Local\Temp\nsi6904.tmp\System.dll
2011-03-18 19:53 - 2011-03-18 19:53 - 01874904 _____ () E:\Programme\FirefoxPortable\App\firefox\mozjs.dll
2014-03-26 11:33 - 2011-08-24 19:04 - 00602112 _____ () E:\Programme\FirefoxPortable\Data\profile\extensions\gipsy@pgweb.cz\platform\WINNT_x86-msvc\components\gipsy.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\chrome_elf.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libglesv2.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\libegl.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\pdf.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ppGoogleNaClPluginChrome.dll
2014-05-07 08:59 - 2014-04-24 02:33 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.131\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Videocontroller für Multimedia
Description: Videocontroller für Multimedia
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Multimediacontroller
Description: Multimediacontroller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/06/2014 02:32:47 PM) (Source: Application Hang) (User: )
Description: Programm CORELDRW.EXE, Version 13.0.0.576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: df4

Startzeit: 01cf69269105beb9

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE

Berichts-ID: 85e564b9-d51a-11e3-a1d2-448a5b2ac794

Error: (05/06/2014 02:27:35 PM) (Source: Application Hang) (User: )
Description: Programm CORELDRW.EXE, Version 13.0.0.576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ae4

Startzeit: 01cf69234d8b1ea9

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE

Berichts-ID: cb1e9dca-d519-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:32:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xc78
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:30:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1430
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:29:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xd44
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:29:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbc0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (05/07/2014 08:59:08 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 08:58:34 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 08:52:01 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 08:20:52 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 08:08:45 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:31:03 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:18:56 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:03:37 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 06:41:14 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 06:29:07 AM) (Source: ipnathlp) (User: )
Description: 


Microsoft Office Sessions:
=========================
Error: (05/06/2014 02:32:47 PM) (Source: Application Hang)(User: )
Description: CORELDRW.EXE13.0.0.576df401cf69269105beb910C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE85e564b9-d51a-11e3-a1d2-448a5b2ac794

Error: (05/06/2014 02:27:35 PM) (Source: Application Hang)(User: )
Description: CORELDRW.EXE13.0.0.5761ae401cf69234d8b1ea913C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXEcb1e9dca-d519-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:32:22 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc7801cf67cf5acaa10aC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllcf9ce3db-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:30:01 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd143001cf67cf35a2abe3C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll7bb164d9-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:29:40 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd4401cf67cf26c5378bC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll6f5aa4d8-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:29:03 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdbc001cf67cc11480d5eC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll58ff33da-d3c2-11e3-a1d2-448a5b2ac794


CodeIntegrity Errors:
===================================
  Date: 2014-05-02 10:02:17.581
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 10:02:17.561
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Percentage of memory in use: 23%
Total physical RAM: 16312.05 MB
Available physical RAM: 12423.68 MB
Total Pagefile: 32622.28 MB
Available Pagefile: 27963.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:238.46 GB) (Free:74.11 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (IOCARD13A) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
Drive e: (Dropbox Programme) (Fixed) (Total:465.75 GB) (Free:314.06 GB) NTFS
Drive k: (BETRIEB) (Fixed) (Total:931.28 GB) (Free:738.75 GB) FAT32
Drive l: (SICHERUNG B) (Fixed) (Total:931.28 GB) (Free:506.28 GB) FAT32
Drive m: (COMBO HDD) (Fixed) (Total:297.94 GB) (Free:43.51 GB) FAT32
Drive n: (Video ) (Fixed) (Total:1863.01 GB) (Free:619.7 GB) NTFS
Drive o: (Sicherung Video) (Fixed) (Total:1863.01 GB) (Free:408.26 GB) NTFS
Drive y: (Altes Win7 Daten) (Fixed) (Total:111.69 GB) (Free:17.63 GB) NTFS
Drive z: (Win 7 Sys Partition) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238 GB) (Disk ID: C0E4C0E4)
Partition 1: (Active) - (Size=238 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 0C29B953)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 466 GB) (Disk ID: 05C505C5)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2F798643)
Partition 1: (Not Active) - (Size=-198626508800) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 932 GB) (Disk ID: E8900690)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)

========================================================
Disk: 5 (Size: 932 GB) (Disk ID: 8F988BB1)
Partition 1: (Not Active) - (Size=932 GB) - (Type=0C)

========================================================
Disk: 7 (MBR Code: Windows XP) (Size: 298 GB) (Disk ID: 0CB9C806)
Partition 1: (Not Active) - (Size=298 GB) - (Type=0C)

========================================================
Disk: 8 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 00273BB2)
Partition 1: (Not Active) - (Size=-198627557376) - (Type=07 NTFS)

==================== End Of Log ============================
         


Code:
MiniToolBox by Farbar  Version: 23-01-2014
Ran by Wolfang & Angela (administrator) on 07-05-2014 at 09:11:09
Running from "C:\Users\Wolfang & Angela\Downloads"
Microsoft Windows 7 Professional  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

TP-LINK Wireless USB Adapter = Drahtlosnetzwerkverbindung (Connected)
Realtek PCIe GBE Family Controller = LAN-Verbindung (Connected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : PC_Weingut
   Primäres DNS-Suffix . . . . . . . : 
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : lan

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix: lan
   Beschreibung. . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physikalische Adresse . . . . . . : 44-8A-5B-2A-C7-94
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::20f3:e370:913b:67b%14(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 10.0.0.5(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Sonntag, 04. Mai 2014 21:07:16
   Lease läuft ab. . . . . . . . . . : Mittwoch, 07. Mai 2014 23:47:15
   Standardgateway . . . . . . . . . : 10.0.0.138
   DHCP-Server . . . . . . . . . . . : 10.0.0.138
   DHCPv6-IAID . . . . . . . . . . . : 356813403
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1A-C3-A0-69-C0-4A-00-16-53-06
   DNS-Server  . . . . . . . . . . . : 5.39.219.212
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:

   Verbindungsspezifisches DNS-Suffix: lan
   Beschreibung. . . . . . . . . . . : TP-LINK Wireless USB Adapter
   Physikalische Adresse . . . . . . : C0-4A-00-16-53-06
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::5dca:6c62:7cdf:9822%11(Bevorzugt) 
   IPv4-Adresse  . . . . . . . . . . : 10.0.0.6(Bevorzugt) 
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Sonntag, 04. Mai 2014 21:07:18
   Lease läuft ab. . . . . . . . . . : Mittwoch, 07. Mai 2014 23:47:21
   Standardgateway . . . . . . . . . : 10.0.0.138
   DHCP-Server . . . . . . . . . . . : 10.0.0.138
   DHCPv6-IAID . . . . . . . . . . . : 247482880
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1A-C3-A0-69-C0-4A-00-16-53-06
   DNS-Server  . . . . . . . . . . . : 10.0.0.138
                                       10.0.0.138
                                       213.33.99.70
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Tunneladapter isatap.lan:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: lan
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter Teredo Tunneling Pseudo-Interface:

   Verbindungsspezifisches DNS-Suffix: 
   Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fb:d3:16e5:f5ff:fffa(Bevorzugt) 
   Verbindungslokale IPv6-Adresse  . : fe80::d3:16e5:f5ff:fffa%12(Bevorzugt) 
   Standardgateway . . . . . . . . . : ::
   NetBIOS über TCP/IP . . . . . . . : Deaktiviert
Server:  UnKnown
Address:  5.39.219.212

Name:    google.com
Addresses:  2a00:1450:4001:c02::64
	  173.194.70.101
	  173.194.70.102
	  173.194.70.113
	  173.194.70.138
	  173.194.70.139
	  173.194.70.100


Ping wird ausgeführt für google.com [173.194.70.100] mit 32 Bytes Daten:
Antwort von 173.194.70.100: Bytes=32 Zeit=39ms TTL=49
Antwort von 173.194.70.100: Bytes=32 Zeit=39ms TTL=49

Ping-Statistik für 173.194.70.100:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 39ms, Maximum = 39ms, Mittelwert = 39ms
Server:  UnKnown
Address:  5.39.219.212

Name:    yahoo.com
Addresses:  98.139.183.24
	  206.190.36.45
	  98.138.253.109


Ping wird ausgeführt für yahoo.com [98.138.253.109] mit 32 Bytes Daten:
Antwort von 98.138.253.109: Bytes=32 Zeit=190ms TTL=49
Antwort von 98.138.253.109: Bytes=32 Zeit=175ms TTL=49

Ping-Statistik für 98.138.253.109:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 175ms, Maximum = 190ms, Mittelwert = 182ms

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Zeitüberschreitung der Anforderung.
Zeitüberschreitung der Anforderung.

Ping-Statistik für 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 0, Verloren = 2
    (100% Verlust),
===========================================================================
Schnittstellenliste
 14...44 8a 5b 2a c7 94 ......Realtek PCIe GBE Family Controller
 11...c0 4a 00 16 53 06 ......TP-LINK Wireless USB Adapter
  1...........................Software Loopback Interface 1
 13...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
 12...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.5     20
          0.0.0.0          0.0.0.0       10.0.0.138         10.0.0.6     25
         10.0.0.0    255.255.255.0   Auf Verbindung          10.0.0.5    276
         10.0.0.0    255.255.255.0   Auf Verbindung          10.0.0.6    281
         10.0.0.5  255.255.255.255   Auf Verbindung          10.0.0.5    276
         10.0.0.6  255.255.255.255   Auf Verbindung          10.0.0.6    281
       10.0.0.255  255.255.255.255   Auf Verbindung          10.0.0.5    276
       10.0.0.255  255.255.255.255   Auf Verbindung          10.0.0.6    281
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung          10.0.0.5    276
        224.0.0.0        240.0.0.0   Auf Verbindung          10.0.0.6    281
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung          10.0.0.5    276
  255.255.255.255  255.255.255.255   Auf Verbindung          10.0.0.6    281
===========================================================================
Ständige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
 12     58 ::/0                     Auf Verbindung
  1    306 ::1/128                  Auf Verbindung
 12     58 2001::/32                Auf Verbindung
 12    306 2001:0:5ef5:79fb:d3:16e5:f5ff:fffa/128
                                    Auf Verbindung
 14    276 fe80::/64                Auf Verbindung
 11    281 fe80::/64                Auf Verbindung
 12    306 fe80::/64                Auf Verbindung
 12    306 fe80::d3:16e5:f5ff:fffa/128
                                    Auf Verbindung
 14    276 fe80::20f3:e370:913b:67b/128
                                    Auf Verbindung
 11    281 fe80::5dca:6c62:7cdf:9822/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 12    306 ff00::/8                 Auf Verbindung
 14    276 ff00::/8                 Auf Verbindung
 11    281 ff00::/8                 Auf Verbindung
===========================================================================
Ständige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/06/2014 02:32:47 PM) (Source: Application Hang) (User: )
Description: Programm CORELDRW.EXE, Version 13.0.0.576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: df4

Startzeit: 01cf69269105beb9

Endzeit: 10

Anwendungspfad: C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE

Berichts-ID: 85e564b9-d51a-11e3-a1d2-448a5b2ac794

Error: (05/06/2014 02:27:35 PM) (Source: Application Hang) (User: )
Description: Programm CORELDRW.EXE, Version 13.0.0.576 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1ae4

Startzeit: 01cf69234d8b1ea9

Endzeit: 13

Anwendungspfad: C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE

Berichts-ID: cb1e9dca-d519-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:32:22 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xc78
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:30:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0x1430
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:29:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xd44
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3

Error: (05/04/2014 09:29:03 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 1.0.0.500, Zeitstempel: 0x533d8de2
Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e
Ausnahmecode: 0x40000015
Fehleroffset: 0x0008d6fd
ID des fehlerhaften Prozesses: 0xbc0
Startzeit der fehlerhaften Anwendung: 0xmbam.exe0
Pfad der fehlerhaften Anwendung: mbam.exe1
Pfad des fehlerhaften Moduls: mbam.exe2
Berichtskennung: mbam.exe3


System errors:
=============
Error: (05/07/2014 09:10:41 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 08:59:08 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 08:58:34 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 08:52:01 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 08:20:52 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 08:08:45 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:31:03 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:18:56 AM) (Source: ipnathlp) (User: )
Description: 

Error: (05/07/2014 07:03:37 AM) (Source: ipnathlp) (User: )
Description: 0

Error: (05/07/2014 06:41:14 AM) (Source: ipnathlp) (User: )
Description: 


Microsoft Office Sessions:
=========================
Error: (05/06/2014 02:32:47 PM) (Source: Application Hang)(User: )
Description: CORELDRW.EXE13.0.0.576df401cf69269105beb910C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXE85e564b9-d51a-11e3-a1d2-448a5b2ac794

Error: (05/06/2014 02:27:35 PM) (Source: Application Hang)(User: )
Description: CORELDRW.EXE13.0.0.5761ae401cf69234d8b1ea913C:\Program Files (x86)\Corel\CorelDRAW Graphics Suite 13\PROGRAMS\CORELDRW.EXEcb1e9dca-d519-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:32:22 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdc7801cf67cf5acaa10aC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllcf9ce3db-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:30:01 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd143001cf67cf35a2abe3C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll7bb164d9-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:29:40 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdd4401cf67cf26c5378bC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll6f5aa4d8-d3c2-11e3-a1d2-448a5b2ac794

Error: (05/04/2014 09:29:03 PM) (Source: Application Error)(User: )
Description: mbam.exe1.0.0.500533d8de2MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdbc001cf67cc11480d5eC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll58ff33da-d3c2-11e3-a1d2-448a5b2ac794


CodeIntegrity Errors:
===================================
  Date: 2014-05-02 10:02:17.581
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-05-02 10:02:17.561
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume1\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


=========================== Installed Programs ============================

3clickBudget 1.4.2 (Version: 1.4.2)
A1-Faktura 1.429
Acrok HD Video Converter Ver 2.2.9.383
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06)
AVG 2014 (Version: 14.0.3931)
AVG 2014 (Version: 14.0.4570)
AVG 2014 (Version: 2014.0.4570)
Biller (Version: 1.49)
Bing Bar (Version: 6.3.2291.0)
Bing Bar Platform (Version: 6.3.2291.0)
CorelDRAW Graphics Suite X3 (Version: 13.0)
Creative Pack Volume 1 (Version: 3.0.0)
DE (Version: 13.0)
Dropbox (Version: 2.7.54)
Filmmaker's Toolkit for Studio (Version: 1.00.0000)
FontNav (Version: 5.0)
Google Chrome (Version: 34.0.1847.131)
Google Earth (Version: 7.1.2.2041)
Google Update Helper (Version: 1.3.23.9)
Hollywood FX Volumes 1-3 (Version: 2.0.0)
HP Officejet 7500 E910 - Grundlegende Software für das Gerät (Version: 28.0.1315.0)
HP Officejet 7500 E910 Hilfe (Version: 140.0.93.93)
HP Update (Version: 5.003.003.001)
I.R.I.S. OCR (Version: 12.3.4.0)
Intel(R) USB 3.0 eXtensible Host Controller Driver (Version: 2.5.0.19)
Java 7 Update 55 (Version: 7.0.550)
Java Auto Updater (Version: 2.1.9.8)
Java(TM) 6 Update 32 (Version: 6.0.320)
LBG - System (Version: 2011.04.11)
Malwarebytes Anti-Malware Version 2.0.1.1004 (Version: 2.0.1.1004)
Marketsplash Schnellzugriffe (Version: 1.0.1.7)
MaxPunkte Ver. 6.5.x
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office XP Professional mit FrontPage (Version: 10.0.2701.01)
Microsoft Primary Interoperability Assemblies 2005 (Version: 9.0.21022)
Microsoft Search Enhancement Pack (Version: 3.0.131.0)
Microsoft Silverlight (Version: 4.0.50401.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Motion Graphics Toolkit for Studio (Version: 1.00.0000)
Mozilla Maintenance Service (Version: 24.5.0)
Mozilla Thunderbird 24.5.0 (x86 de) (Version: 24.5.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA 3D Vision Controller-Treiber 320.49 (Version: 320.49)
NVIDIA 3D Vision Treiber 320.63 (Version: 320.63)
NVIDIA Grafiktreiber 320.63 (Version: 320.63)
NVIDIA HD-Audiotreiber 1.3.24.2 (Version: 1.3.24.2)
NVIDIA Install Application (Version: 2.1002.124.810)
NVIDIA PhysX (Version: 9.13.0604)
NVIDIA PhysX-Systemsoftware 9.13.0604 (Version: 9.13.0604)
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.2063)
NVIDIA Systemsteuerung 320.63 (Version: 320.63)
NVIDIA Update 4.11.9 (Version: 4.11.9)
NVIDIA Update Components (Version: 4.11.9)
PCIe to Peripheral Adaptor
PDF24 Creator 6.3.2
Pinnacle Studio 16 - Install Manager (Version: 16.0.75)
Pinnacle Studio 16 - Standard Content Pack (Version: 16.0.0)
Pinnacle Studio 16 (Version: 16.1.0.115)
Pinnacle Video Treiber (Version: 12.1.0.030)
Premium Pack Volumes 1-2 (Version: 2.0.0)
Pro Cycling Manager 2013
Rank Tracker
Realtek Ethernet Controller Driver (Version: 7.72.410.2013)
Realtek High Definition Audio Driver (Version: 6.0.1.7037)
Revo Uninstaller 1.95 (Version: 1.95)
rolX Flight-Log III
ScoreFitter Volumes 1-2 (Version: 2.0.0)
Securita Scout
Steam
Studie zur Verbesserung von HP Officejet 7500 E910 Produkten (Version: 28.0.1315.0)
Super-Charger (Version: 1.2.020)
SyncBackFree (Version: 6.5.30.0)
Title Extreme (Version: 2.0.0)
TP-LINK TL-WN725N_TL-WN723N Treiber (Version: 1.3.1)
TP-LINK-Konfigurationstool (Version: 1.3.1)
Update Manager (Version: 4.60)
VBA (Version: 6.2)
VGA Boost (Version: 1.0.0.7)
Visual Studio 2012 x64 Redistributables (Version: 14.0.0.1)
Visual Studio 2012 x86 Redistributables (Version: 14.0.0.1)
VLC media player 2.0.7 (Version: 2.0.7)

========================= Memory info: ===================================

Percentage of memory in use: 22%
Total physical RAM: 16312.05 MB
Available physical RAM: 12660.29 MB
Total Pagefile: 32622.28 MB
Available Pagefile: 28348.44 MB
Total Virtual: 4095.88 MB
Available Virtual: 3966.4 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:238.46 GB) (Free:74.1 GB) NTFS
2 Drive d: (IOCARD13A) (CDROM) (Total:0.21 GB) (Free:0 GB) CDFS
3 Drive e: (Dropbox Programme) (Fixed) (Total:465.75 GB) (Free:314.06 GB) NTFS
6 Drive k: (BETRIEB) (Fixed) (Total:931.28 GB) (Free:738.75 GB) FAT32
7 Drive l: (SICHERUNG B) (Fixed) (Total:931.28 GB) (Free:506.28 GB) FAT32
8 Drive m: (COMBO HDD) (Fixed) (Total:297.94 GB) (Free:43.51 GB) FAT32
9 Drive n: (Video ) (Fixed) (Total:1863.01 GB) (Free:619.7 GB) NTFS
10 Drive o: (Sicherung Video) (Fixed) (Total:1863.01 GB) (Free:408.26 GB) NTFS
11 Drive y: (Altes Win7 Daten) (Fixed) (Total:111.69 GB) (Free:17.63 GB) NTFS
12 Drive z: (Win 7 Sys Partition) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

========================= Users: ========================================

Benutzerkonten fr \\PC_WEINGUT

Administrator            Gast                     UpdatusUser              
Wolfang & Angela         
Der Befehl wurde erfolgreich ausgefhrt.

========================= Minidump Files ==================================

No minidump file found


**** End of log ****
         


Thanks, Wolfgang

07.05.2014, 19:23   #14
schrauber
/// the machine
/// TB-Ausbilder

Still having problems? If so:

Change TCP/IP settings - Microsoft Windows Help

Check the DNS settings to see whether "automatic" is ticked. According to the log, you are going through an address in Holland.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!
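
The DNS check from post #14, as an added example that is not part of the original thread: a read-only PowerShell report showing, per adapter, whether the DNS servers were entered manually or assigned automatically. It assumes Windows PowerShell 2.0 or later on the affected machine; the function and variable names are chosen for this example.

```powershell
# Added example (not from the thread). Read-only: lists the DNS resolvers of
# every IP-enabled adapter and whether they were typed in manually or came
# from DHCP. Uses only WMI and the registry, so it runs on the PowerShell 2.0
# that ships with Windows 7.
$ifRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces'

function Split-ServerList([string]$Value) {
    # NameServer / DhcpNameServer hold one string, separated by spaces or commas.
    if ([string]::IsNullOrEmpty($Value)) { return }
    $Value -split '[ ,]+' | Where-Object { $_ }
}

function Get-DnsSourceReport {
    Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = TRUE' |
        ForEach-Object {
            # SettingID is the interface GUID that names the registry subkey.
            $reg = Get-ItemProperty -LiteralPath "$ifRoot\$($_.SettingID)" -ErrorAction SilentlyContinue
            $static = @(Split-ServerList $reg.NameServer)      # manual entry
            $dhcp   = @(Split-ServerList $reg.DhcpNameServer)  # supplied by DHCP

            # A manual entry takes precedence over whatever DHCP handed out.
            if ($static.Count -gt 0) { $source = 'static' }
            elseif ($dhcp.Count -gt 0) { $source = 'automatic (DHCP)' }
            else { $source = 'none' }

            New-Object PSObject -Property @{
                Adapter     = $_.Description
                DhcpEnabled = $_.DHCPEnabled
                DnsSource   = $source
                InUse       = ($_.DNSServerSearchOrder -join ', ')
                StaticDns   = ($static -join ', ')
                DhcpDns     = ($dhcp -join ', ')
                Gateway     = ($_.DefaultIPGateway -join ', ')
            }
        }
}

Get-DnsSourceReport |
    Select-Object Adapter, DhcpEnabled, DnsSource, InUse, StaticDns, DhcpDns, Gateway |
    Format-List
```

An adapter reported as `static` is one where the automatic DNS option is not ticked; the `StaticDns` column then shows the address that was entered.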

07.05.2014, 21:48   #15
profrolfwolf

Hello

First of all, many thanks for the absolutely great and professional help.

So far no further problems have come up.


However, after all these scans my Plug & Play temporarily stopped working, so that e.g. USB devices or memory cards could not be detected.

For whatever reason, it works again now.

So once again, thank you very much.
Wolfgang

Sorry, but it is not resolved after all.

The Internet banking virus is still there, so the fake page is still displayed, on which you are asked to enter the TAN.

The antivirus software websites are still unreachable as well.


Regards, Wolfgang
