Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: Laptop ist infiziert.( Glaube ich zumindest)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 24.05.2014, 12:30   #1
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Ein Hallo an alle PC- Cracks . Ich bin seit geraumer Zeit echt am verzweifeln. An meinem Laptop gehen selbständig Fenster auf. Wie zum Beispiel beim schreiben, da öffnet sich von selbst das Fenster als wenn man die rechte Maustaste drückt. Es hört von alleine auf, der Courser ist im Text auf einmal wo anders. Könnte echt kotzen. Fenster gehen von alleine auf. z. B. drucken oder auch andere Fenster hintereinander. Was kann man tun. Bin voll am verzweifeln. . Für Tipps und Hilfestellung bin ich dankbar. Und bitte in der Sprache eines Normalos. So das ich es auch verstehe. MFG Mko75b

Alt 24.05.2014, 13:39   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 24.05.2014, 15:44   #3
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-05-2014
Ran by Marco & Allyn at 2014-05-24 15:38:42
Running from C:\Users\Marco & Allyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E78GCLAO
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG Internet Security 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: AVG Internet Security 2014 (Enabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

==================== Installed Programs ======================

64 Bit HP CIO Components Installer (Version: 7.2.4 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.38 - Adobe Systems Incorporated)
Ashampoo Core Tuner 2 v.2.0.1 (HKLM-x32\...\{4209F371-2541-6C11-55DB-6103A83FCB9B}_is1) (Version: 2.01 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander Free v.1.0.0 (HKLM-x32\...\{C92AB6F1-F748-583A-0027-34A9E0C643B4}_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 5 v.5.0.4 (HKLM-x32\...\{4209F371-ABC8-B772-DB8E-93F4772F58FA}_is1) (Version: 5.04.00 - Ashampoo GmbH & Co. KG)
Ashampoo WinOptimizer 10 v.10.3.0 (HKLM-x32\...\{4209F371-88D4-AB00-ED2B-D6520C84D9D5}_is1) (Version: 10.03.00 - Ashampoo GmbH & Co. KG)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4592 - AVG Technologies)
AVG 2014 (Version: 14.0.3950 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4592 - AVG Technologies) Hidden
AVG PC TuneUp 2014 (de-DE) (x32 Version: 14.0.1001.423 - AVG) Hidden
AVG PC TuneUp 2014 (HKLM-x32\...\AVG PC TuneUp) (Version: 14.0.1001.423 - AVG)
AVG PC TuneUp 2014 (x32 Version: 14.0.1001.423 - AVG) Hidden
B110 (x32 Version: 140.0.283.000 - Hewlett-Packard) Hidden
BEWERBUNGSMASTER (HKLM-x32\...\ST6UNST #1) (Version:  - )
Browser Utility (HKLM-x32\...\Browser Utility) (Version:  - )
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{25881143-7B3A-46FA-B093-85C24957D08E}) (Version:  - Microsoft)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Driver Booster (HKLM-x32\...\Driver Booster_is1) (Version: 1.2 - IObit)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
EasyBatteryManager (HKLM-x32\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
Free Pdf Perfect Prereq (HKLM-x32\...\{70011644-840f-4df5-9565-c61cab2b3c32}) (Version: 1.0.0.0 - Covus Freemium GmbH)
Free Pdf Perfect Prereq (x32 Version: 1.0.0.0 - Covus Freemium GmbH) Hidden
Freemium Free PDF Perfect (HKLM-x32\...\{88265079-D6F4-4292-86BE-D2053E80BFE4}) (Version: 1.0 - Freemium)
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{59C83C08-63F4-4AEC-81D6-392C5E23B843}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Intel PROSet Wireless (Version:  - ) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed (HKLM\...\{2C0E6BD4-65B1-4E82-B2AC-43EFFC8F100C}) (Version: 15.0.0.0059 - Intel Corporation)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{DF7756DD-656A-45C3-BA71-74673E8259A9}) (Version: 15.00.0000.0642 - Intel Corporation)
loadtbs-3.0 (HKLM-x32\...\loadtbs-3.0) (Version:  - )
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Default Manager (x32 Version: 2.1.54.0 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Search Enhancement Pack (x32 Version: 2.0.269.0 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
MSN Toolbar (HKLM-x32\...\{08234a0d-cf39-4dca-99f0-0c5cb496da81}) (Version: 4.0.0357.1 - Microsoft Corporation)
MSN Toolbar Platform (x32 Version: 4.0.0357.1 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.215.000 - Hewlett-Packard) Hidden
Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro)
NVIDIA Grafiktreiber 306.97 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 306.97 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.85.551 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 306.97 (Version: 306.97 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PS_AIO_07_B110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7183 - Realtek Semiconductor Corp.)
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.9 - Samsung)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.11.11.7 - Conduit) <==== ATTENTION
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.214.000 - Hewlett-Packard) Hidden
Status (x32 Version: 140.0.256.000 - Hewlett-Packard) Hidden
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A784BEFA-1BAB-4285-9F90-7D1A40A72DF8}) (Version:  - Microsoft)
Update for Microsoft Access 2013 (KB2760350) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DC1388CF-85F3-4276-8169-87E34BC80F39}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C5241E8F-37A5-40EC-90DD-FF1400818C4B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{68AA5A19-24D6-4D70-BB5B-D2E1662B3C5A}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{68AA5A19-24D6-4D70-BB5B-D2E1662B3C5A}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{68AA5A19-24D6-4D70-BB5B-D2E1662B3C5A}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2760339) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{68AA5A19-24D6-4D70-BB5B-D2E1662B3C5A}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F417A4-0DC5-489E-8196-90D9D9BC3B4B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D3F417A4-0DC5-489E-8196-90D9D9BC3B4B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2768004) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{3B91A205-64CA-4394-8D93-BDEAF3583088}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726961) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F0316FE0-38FC-4F3E-81FA-8B51BB649901}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2737954) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{07CA3FA9-FF78-4FF9-96FF-CDCC4CE18196}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752025) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{068372FB-7EAF-463F-8074-77AB35BB13E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752094) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{E911A320-7B4A-4383-82D2-007375B27EC2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2752101) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8449754F-577E-4EC3-B9D4-108395B1680E}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6215502A-6412-47AA-86D6-37DA058BC55B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760343) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6215502A-6412-47AA-86D6-37DA058BC55B}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2767860) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0C0A2F4A-757C-4F10-935F-508E1A2D4719}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA9970D1-FB2A-44C4-B99B-FD31CA9DD0FA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768333) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FA9970D1-FB2A-44C4-B99B-FD31CA9DD0FA}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{53810164-C8E4-4AB7-9692-B69105E26997}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{105E6927-6518-4EAD-AC4C-631AD9648A20}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768349) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{53810164-C8E4-4AB7-9692-B69105E26997}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58C3F796-13EF-4BB7-90C8-44AC58061294}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768355) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{58C3F796-13EF-4BB7-90C8-44AC58061294}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{BFFD2D29-347B-4E0F-8F5D-89395E458570}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{377DC0D5-A062-496A-ADE2-6D204B498DD8}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{CA55F6DA-492F-434B-9B65-9A42C35F3FDC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2810010) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{E04EF619-4EBF-4D84-BCD1-8ADB01AFF160}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D9F8079D-BA75-47BC-ABAB-018F64771EA1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2760334) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D9F8079D-BA75-47BC-ABAB-018F64771EA1}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2768011) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{D1EF1A3F-D621-482C-978D-E04E00CC7481}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{87043757-94A9-4E24-9E4E-3E3F8BAFFDBA}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2810015) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{C8F0C17C-FD27-4752-8627-D7E1A77E2C06}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2726947) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{ECC41633-387D-4BA9-A47B-9E112DD85474}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2727013) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D6543BBD-68C5-4EF7-A8EF-A87E6602B063}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{943FD02E-FCF9-4F86-996D-85363B0D165B}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{87D820B2-64E3-492D-A617-122A8ABEAB20}) (Version:  - Microsoft)
Update for Microsoft SkyDrive Pro (KB2810019) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{943FD02E-FCF9-4F86-996D-85363B0D165B}) (Version:  - Microsoft)
Update for Microsoft Visio 2013 (KB2810008) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{54960E56-266C-417A-85F5-4769614C2694}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{61A51BD0-52A2-4A78-831C-DBB839432C7B}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{61A51BD0-52A2-4A78-831C-DBB839432C7B}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2752073) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{61A51BD0-52A2-4A78-831C-DBB839432C7B}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2768007) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BEF4A15A-E1CC-41A1-AAA8-23E0711219F0}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2768337) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{1E137370-60AB-48D4-9871-F2E789A17D92}) (Version:  - Microsoft)
VIS (HKLM-x32\...\VIS) (Version:  - ) <==== ATTENTION
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinZip Malware Protector (HKLM-x32\...\WinZip Malware Protector_is1) (Version: 2.1.1000.10798 - WinZip International LLC)

==================== Restore Points  =========================

09-04-2014 11:40:48 Windows Update
15-04-2014 11:14:52 Driver Booster : Intel(R) 6 Series/C200 Series Chipset Family 6 Port SATA AHCI Controller - 1C03
23-04-2014 10:36:15 Geplanter Prüfpunkt
03-05-2014 14:01:59 AVG PC TuneUp 2014 wird installiert
20-05-2014 16:45:01 Driver Booster : Intel(R) Display-Audio
21-05-2014 10:45:51 Windows Update
23-05-2014 07:36:09 Installed AVG 2014

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0585C2F3-DF9C-4148-930F-27ADFF0DBF63} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {0CE3B888-F198-40ED-A590-F4068D61CBAE} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {0D8D8B29-27DB-4744-A1AB-D7166B2760DA} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2014-01-07] (IObit)
Task: {18A90EA3-2BE5-4A69-95B8-5FD1735810FB} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {416A86BE-23B4-4838-A71D-B0FA728501A2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2014-03-27] ()
Task: {4B008AD9-989C-455C-9FB9-FC281AEEF874} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5896D17E-4206-47AE-A0C8-A1C8565CA3CE} - System32\Tasks\WinZip Malware Protector_startup => C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe [2013-07-15] (Nico Mak Computing)
Task: {86FCA73D-08B3-46FF-BF9A-A769B10B6B95} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {9F3A3F52-5B57-486C-BCB0-20D27268CDCC} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2014-01-10] (IObit)
Task: {AAA27A5D-8459-43FF-A472-A5A08D3557B0} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {D295F8E1-25B4-4E4C-8424-CC8753AE462A} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {E667E753-7570-4D20-BB7D-AEA9FCE79AAF} - System32\Tasks\One-Click Optimizer => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe [2013-11-19] (Ashampoo Development GmbH & Co. KG)
Task: {FC83FC09-FEB2-49B0-8889-60846FF14EE8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2014-04-15] (AVG)
Task: C:\Windows\Tasks\Driver Booster Update.job => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe
Task: C:\Windows\Tasks\One-Click Optimizer.job => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\WO10.exe

==================== Loaded Modules (whitelisted) =============

2014-01-26 21:29 - 2012-10-02 21:51 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-01-27 08:52 - 2011-08-22 13:44 - 01421216 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
2014-04-15 16:23 - 2014-04-15 16:23 - 00675640 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll
2014-01-27 08:58 - 2013-11-19 10:11 - 00885096 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
2014-01-26 17:09 - 2012-01-10 06:12 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-26 16:43 - 2006-08-12 13:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2014-01-26 17:56 - 2010-05-08 00:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2014-05-24 15:13 - 2013-02-28 16:53 - 00886272 _____ () C:\Program Files (x86)\WinZip Malware Protector\System.Data.SQLite.dll
2014-05-24 15:13 - 2013-07-15 16:53 - 01717936 _____ () C:\Program Files (x86)\WinZip Malware Protector\aspsys.dll
2014-05-24 15:13 - 2013-02-28 16:53 - 00168448 _____ () C:\Program Files (x86)\WinZip Malware Protector\UNRAR.DLL

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Photosmart B110 series
Description: Photosmart B110 series
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2014 11:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.9600.17041, Zeitstempel: 0x531807e4
Name des fehlerhaften Moduls: Flash32_12_0_0_38.ocx, Version: 12.0.0.38, Zeitstempel: 0x52abb62d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00228128
ID des fehlerhaften Prozesses: 0x11b8
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (05/19/2014 09:41:36 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


System errors:
=============
Error: (05/24/2014 11:08:09 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/24/2014 11:08:09 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/24/2014 11:06:06 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (05/24/2014 09:28:38 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/24/2014 09:28:38 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/24/2014 09:26:18 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (05/23/2014 02:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (05/23/2014 02:59:14 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/23/2014 02:56:59 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Search Protect by Conduit Service" wurde nicht richtig gestartet.

Error: (05/23/2014 02:55:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde mit folgendem Fehler beendet: 
%%-2147196306


Microsoft Office Sessions:
=========================
Error: (05/24/2014 11:21:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: IEXPLORE.EXE11.0.9600.17041531807e4Flash32_12_0_0_38.ocx12.0.0.3852abb62dc00000050022812811b801cf7730ec5aed5bC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SysWOW64\Macromed\Flash\Flash32_12_0_0_38.ocxc344276b-e324-11e3-9cec-e811329b6edd

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (05/19/2014 09:41:38 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)
Search.TripoliIndexer

Error: (05/19/2014 09:41:36 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
Search.JetPropStore

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: 
Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (05/19/2014 09:41:35 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: 
Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))


==================== Memory info =========================== 

Percentage of memory in use: 56%
Total physical RAM: 4008.19 MB
Available physical RAM: 1728.7 MB
Total Pagefile: 8014.56 MB
Available Pagefile: 5579.78 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:230 GB) (Free:178.59 GB) NTFS
Drive d: () (Fixed) (Total:343.24 GB) (Free:328.8 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: 1F8D46A3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=230 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=343 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=23 GB) - (Type=27)

==================== End Of Log ============================
         
--- --- ---


FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-05-2014
Ran by Marco & Allyn (administrator) on MAPC on 24-05-2014 15:37:14
Running from C:\Users\Marco & Allyn\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\E78GCLAO
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Nico Mak Computing) C:\Program Files (x86)\WinZip Malware Protector\WinZipMalwareProtector.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_12_0_0_38_ActiveX.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo Core Tuner 2] => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe [5220768 2011-08-22] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe [2949480 2013-11-19] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-01-26] (Microsoft Corporation)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x500A65A7AD1ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320326&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP66F4CB88-8F8F-4E2A-AC47-E3E986D03B91&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320326&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP66F4CB88-8F8F-4E2A-AC47-E3E986D03B91&q={searchTerms}&SSPV=
SearchScopes: HKCU - {25CBE200-DC32-4866-9214-5463D9CF4616} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
BHO-x32: Browser Utility - {d9f8ec5f-18a3-4f95-b7a9-0cc9b9c87a44} - C:\Program Files (x86)\Browser Utility\browserutility.dll (Browser Utility)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent64.dll (soft Xpansion)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Marco & Allyn\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
Toolbar: HKLM-x32 - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
DPF: HKLM-x32 {85C86CCC-2158-4123-9C7D-785190CED875} https://lernboerse.arbeitsagentur.de/exklusiv/ilias/data/balihob/lm_data/httppath/dpLaunchPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default
FF user.js: detected! => C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\user.js
FF Homepage: hxxp://www.google.de/
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll (InfiniAd GmbH)
FF Extension: No Name - C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\Extensions\staged [2014-02-17]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{51c77233-c0ad-4220-8388-47c11c18b355}] - C:\Program Files (x86)\Browser Utility\browserutility.xpi
FF Extension: Browser Utility - C:\Program Files (x86)\Browser Utility\browserutility.xpi [2013-08-27]
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Marco & Allyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-02-17]

==================== Services (Whitelisted) =================

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
U2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2454816 2014-03-03] (Conduit)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2014-02-17] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-11-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-20] (Intel Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-15] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [37216 2013-05-08] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-24 15:37 - 2014-05-24 15:37 - 00000000 ____D () C:\FRST
2014-05-24 15:24 - 2014-05-24 15:24 - 00015341 _____ () C:\Users\Marco & Allyn\Desktop\log.xml
2014-05-24 15:13 - 2014-05-24 15:13 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-24 15:13 - 2014-05-24 15:13 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-24 15:13 - 2013-03-15 17:10 - 00020480 _____ () C:\Windows\system32\wsusnative64.exe
2014-05-23 09:38 - 2014-05-23 09:38 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-21 12:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-21 12:49 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-21 12:49 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-21 12:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-21 12:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-21 12:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-21 12:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-21 12:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-21 12:45 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-21 12:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-21 12:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-21 12:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-21 12:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-07 15:31 - 2014-05-07 15:32 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-07 14:39 - 2014-05-20 18:35 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:04 - 2014-04-15 16:23 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2014-05-03 16:04 - 2014-04-15 16:23 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-05-03 16:04 - 2014-04-15 16:23 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll
2014-05-03 16:01 - 2014-05-03 16:07 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

==================== One Month Modified Files and Folders =======

2014-05-24 15:37 - 2014-05-24 15:37 - 00000000 ____D () C:\FRST
2014-05-24 15:36 - 2014-01-26 17:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-24 15:24 - 2014-05-24 15:24 - 00015341 _____ () C:\Users\Marco & Allyn\Desktop\log.xml
2014-05-24 15:13 - 2014-05-24 15:13 - 00003116 _____ () C:\Windows\System32\Tasks\WinZip Malware Protector_startup
2014-05-24 15:13 - 2014-05-24 15:13 - 00001189 _____ () C:\Users\Public\Desktop\WinZip Malware Protector.lnk
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\ProgramData\Nico Mak Computing
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Malware Protector
2014-05-24 15:13 - 2014-05-24 15:13 - 00000000 ____D () C:\Program Files (x86)\WinZip Malware Protector
2014-05-24 15:06 - 2014-01-26 15:54 - 01065563 _____ () C:\Windows\WindowsUpdate.log
2014-05-24 11:11 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-24 11:11 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-24 11:06 - 2014-03-27 21:18 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-24 11:04 - 2014-01-27 09:29 - 00000300 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-05-24 11:04 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-23 09:48 - 2009-07-14 19:58 - 00698926 _____ () C:\Windows\system32\perfh007.dat
2014-05-23 09:48 - 2009-07-14 19:58 - 00149034 _____ () C:\Windows\system32\perfc007.dat
2014-05-23 09:48 - 2009-07-14 07:13 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-23 09:38 - 2014-05-23 09:38 - 00000981 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-05-23 09:38 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-21 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-21 12:49 - 2014-01-26 19:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-21 12:47 - 2009-10-14 07:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-21 12:11 - 2014-01-30 13:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nitro PDF
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:49 - 2014-01-26 17:16 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:46 - 2014-01-26 16:54 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-20 18:35 - 2014-05-07 14:39 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-16 12:38 - 2014-02-03 11:10 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Eigene Scans
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-08 10:01 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\VirtualStore
2014-05-07 15:32 - 2014-05-07 15:31 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-07 15:30 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-06 06:40 - 2014-05-21 12:49 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-21 12:49 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-21 12:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-21 12:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:10 - 2014-01-27 14:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\HpUpdate
2014-05-03 16:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Microsoft Help
2014-05-03 16:07 - 2014-05-03 16:01 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:03 - 2014-01-26 18:02 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-30 11:13

==================== End Of Log ============================
         
--- --- ---

--- --- ---
__________________

Alt 25.05.2014, 08:07   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 27.05.2014, 10:34   #5
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Hallo Schrauber. Habe alles so gemacht wie du es geschrieben hast. Ich kann aber CombiFix.txt auf meinem Rechner nicht finden. Was kann ich tun? Soll ich den Vorgang wiederholen? MFG Marco


Alt 28.05.2014, 10:26   #6
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Schau mal unter C:\Combofix.txt, oder poste ein frisches FRST log.
__________________
--> Laptop ist infiziert.( Glaube ich zumindest)

Alt 28.05.2014, 11:55   #7
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by Marco & Allyn (administrator) on MAPC on 28-05-2014 11:54:24
Running from C:\Users\Marco & Allyn\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(soft Xpansion) C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_12_0_0_38_ActiveX.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo Core Tuner 2] => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe [5220768 2011-08-22] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe [2949480 2013-11-19] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x500A65A7AD1ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = 
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320326&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP66F4CB88-8F8F-4E2A-AC47-E3E986D03B91&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/Results.aspx?ctid=CT3320326&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP66F4CB88-8F8F-4E2A-AC47-E3E986D03B91&q={searchTerms}&SSPV=
SearchScopes: HKCU - {25CBE200-DC32-4866-9214-5463D9CF4616} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - loadtbs - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - C:\Users\Marco & Allyn\AppData\Roaming\loadtbs\toolbar.dll (InfiniAd GmbH)
Toolbar: HKLM-x32 - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} -  No File
DPF: HKLM-x32 {85C86CCC-2158-4123-9C7D-785190CED875} https://lernboerse.arbeitsagentur.de/exklusiv/ilias/data/balihob/lm_data/httppath/dpLaunchPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF user.js: detected! => C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npmieze.dll (InfiniAd GmbH)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: vis - C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-05-28]
FF Extension: Yahoo! Toolbar - C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2014-05-28]
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (No Name) - C:\Users\Marco & Allyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-02-17]

==================== Services (Whitelisted) =================

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2014-02-17] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-11-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-20] (Intel Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-15] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [37216 2013-05-08] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 11:54 - 2014-05-28 11:54 - 00017182 _____ () C:\Users\Marco & Allyn\Downloads\FRST.txt
2014-05-28 11:53 - 2014-05-28 11:53 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64.exe
2014-05-28 11:43 - 2014-05-28 11:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-28 10:20 - 2014-05-28 11:49 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 10:20 - 2014-05-28 10:20 - 00688552 _____ (Yahoo! Inc.) C:\Users\Marco & Allyn\Downloads\yahoo_firefox_de_wrap_2014.04.14.11.22.23.exe
2014-05-28 10:20 - 2014-05-28 10:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 08:21 - 2014-05-27 08:21 - 00000000 ___SD () C:\ComboFix
2014-05-26 23:14 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-26 23:14 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-26 23:14 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-26 23:11 - 2014-05-27 08:21 - 00000000 ____D () C:\Qoobox
2014-05-26 23:11 - 2014-05-26 23:27 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 23:10 - 2014-05-26 23:11 - 05200919 ____R (Swearware) C:\Users\Marco & Allyn\Desktop\ComboFix.exe
2014-05-26 22:37 - 2014-05-26 22:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 15:37 - 2014-05-28 11:54 - 00000000 ____D () C:\FRST
2014-05-24 15:13 - 2014-05-24 15:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-21 12:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-21 12:49 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-21 12:49 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-21 12:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-21 12:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-21 12:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-21 12:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-21 12:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-21 12:45 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-21 12:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-21 12:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-21 12:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-21 12:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-07 15:31 - 2014-05-27 09:18 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-07 14:39 - 2014-05-20 18:35 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:04 - 2014-04-15 16:23 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2014-05-03 16:04 - 2014-04-15 16:23 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-05-03 16:04 - 2014-04-15 16:23 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll
2014-05-03 16:01 - 2014-05-03 16:07 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

==================== One Month Modified Files and Folders =======

2014-05-28 11:54 - 2014-05-28 11:54 - 00017182 _____ () C:\Users\Marco & Allyn\Downloads\FRST.txt
2014-05-28 11:54 - 2014-05-24 15:37 - 00000000 ____D () C:\FRST
2014-05-28 11:53 - 2014-05-28 11:53 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64.exe
2014-05-28 11:49 - 2014-05-28 10:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 11:43 - 2014-05-28 11:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-28 11:36 - 2014-01-26 17:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-28 11:32 - 2014-01-27 11:15 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Bewerbung Marco
2014-05-28 11:18 - 2014-01-30 13:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nitro PDF
2014-05-28 10:20 - 2014-05-28 10:20 - 00688552 _____ (Yahoo! Inc.) C:\Users\Marco & Allyn\Downloads\yahoo_firefox_de_wrap_2014.04.14.11.22.23.exe
2014-05-28 10:20 - 2014-05-28 10:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-28 02:31 - 2014-01-26 15:54 - 01129105 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 09:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 09:18 - 2014-05-07 15:31 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-27 08:47 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 08:47 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 08:42 - 2014-03-27 21:18 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-27 08:42 - 2014-01-27 09:29 - 00000300 _____ () C:\Windows\Tasks\Driver Booster Update.job
2014-05-27 08:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 08:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 08:25 - 2009-07-14 19:58 - 00702564 _____ () C:\Windows\system32\perfh007.dat
2014-05-27 08:25 - 2009-07-14 19:58 - 00150116 _____ () C:\Windows\system32\perfc007.dat
2014-05-27 08:25 - 2009-07-14 07:13 - 01646762 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-27 08:21 - 2014-05-27 08:21 - 00000000 ___SD () C:\ComboFix
2014-05-27 08:21 - 2014-05-26 23:11 - 00000000 ____D () C:\Qoobox
2014-05-27 08:18 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-26 23:30 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-26 23:27 - 2014-05-26 23:11 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 23:11 - 2014-05-26 23:10 - 05200919 ____R (Swearware) C:\Users\Marco & Allyn\Desktop\ComboFix.exe
2014-05-26 22:37 - 2014-05-26 22:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 15:51 - 2014-05-24 15:13 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-23 09:38 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-21 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-21 12:49 - 2014-01-26 19:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-21 12:47 - 2009-10-14 07:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:49 - 2014-01-26 17:16 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:46 - 2014-01-26 16:54 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-20 18:35 - 2014-05-07 14:39 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-16 12:38 - 2014-02-03 11:10 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Eigene Scans
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-08 10:01 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\VirtualStore
2014-05-07 15:30 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-06 06:40 - 2014-05-21 12:49 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-21 12:49 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-21 12:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-21 12:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:10 - 2014-01-27 14:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\HpUpdate
2014-05-03 16:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Microsoft Help
2014-05-03 16:07 - 2014-05-03 16:01 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:03 - 2014-01-26 18:02 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-27 09:49

==================== End Of Log ============================
         
--- --- ---

Alt 29.05.2014, 06:58   #8
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 29.05.2014, 12:07   #9
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



[CODE][/COD2014/05/29 10:06:48 +0200 mbam-log-2014-05-29 (10-06-47).xml yes 2.00.2.1012 v2014.05.29.05 v2014.05.21.01 free disabled disabled disabled Windows 7 Service Pack 1 x64 Marco & Allyn NTFS threat completed 300547 673 0 0 4 2 0 3 22 0 enabled enabled enabled enabled disabled disabled enabled enabled enabled HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}PUP.LoadTubessuccess2702d1866714e84ee17ab158dd237c84 HKU\S-1-5-21-2670273376-682371760-3267579283-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}PUP.LoadTubessuccess2702d1866714e84ee17ab158dd237c84 HKU\S-1-5-21-2670273376-682371760-3267579283-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DFEFCDEE-CF1A-4FC8-88AD-129872198372}PUP.LoadTubessuccess2702d1866714e84ee17ab158dd237c84 HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\loadtbs-3.0PUP.Optional.LoadTubessuccessc465e4732b50ef471b5ea3ef25deb749 HKU\S-1-5-21-2670273376-682371760-3267579283-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER{DFEFCDEE-CF1A-4FC8-88AD-129872198372}PUP.LoadTubessuccessE]

Hallo Schrauber. wenn ich versuche die Ansicht im mbam Verlauf zu speichern, passiert nix und sagt das es Fehler bzw. mbam nicht richtig funktioniert. Habe aber unter Suchlauf das Protokoll auf der Festplatte gefunden. Deswegen sieht es so aus. :-) s.o.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.211 - Bericht erstellt am 29/05/2014 um 10:52:29
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Marco & Allyn - MAPC
# Gestartet von : C:\Users\Marco & Allyn\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications
Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
Ordner Gelöscht : C:\Users\Marco & Allyn\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
Ordner Gelöscht : C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Ordner Gelöscht : C:\Users\Marco & Allyn\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\user.js
Datei Gelöscht : C:\Windows\Tasks\Driver Booster Update.job
Datei Gelöscht : C:\Windows\System32\Tasks\Driver Booster Update

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Schlüssel Gelöscht : HKCU\Software\AVG Secure Search
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKLM\Software\covus freemium gmbh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [2487 octets] - [29/05/2014 10:49:00]
AdwCleaner[S0].txt - [2173 octets] - [29/05/2014 10:52:29]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2233 octets] ##########
         
--- --- ---

Beim JRT gibt es mehrere Probleme. Das System findet nirgends einen Pfad. Habe den Vorgang schon wiederholt ,aber immer das gleiche Problem. Was kann ich tun?

Alt 30.05.2014, 10:50   #10
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



JRT ignorieren.


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 30.05.2014, 13:21   #11
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=c6616b3f6b169c4489ffaf6ec88ef349
# engine=18474
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-05-30 11:06:40
# local_time=2014-05-30 01:06:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='AVG Internet Security 2014'
# compatibility_mode=1049 16777213 100 100 2911 88581984 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8811598 153077850 0 0
# scanned=128045
# found=1
# cleaned=0
# scan_time=2519
sh=0722A569B2D88C617FC9D6A51561D3E9C9588E06 ft=1 fh=31688d330a2d4e0c vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Marco & Allyn\AppData\Local\BewerbungsMaster\Temp\PDF-Setup.exe"

Hallo Schrauber. Beim Security check kann ich nichts machen. Es zeigt mir folgendes an:UNSUPPORTED OPERATING SYSTEM! ABORTED! ???????

Alt 31.05.2014, 11:33   #12
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Dann bitte das frische FRST log und die Antwort auf meine Frage.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 31.05.2014, 13:06   #13
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-05-2014
Ran by Marco & Allyn (administrator) on MAPC on 31-05-2014 12:36:04
Running from C:\Users\Marco & Allyn\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool 
Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool 
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
() C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
(mst software GmbH, Germany) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfSdkS64.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Installer Service\LxInstallerService.exe
(iAnywhere Solutions, Inc.) C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Microsoft Corp.) C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe
(Haufe-Lexware GmbH & Co. KG) C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
(Farbar) C:\Users\Marco & Allyn\Downloads\FRST64(1).exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13667032 2014-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Ashampoo Core Tuner 2] => C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2.exe [5220768 2011-08-22] (Ashampoo Development GmbH & Co. KG)
HKLM\...\Run: [Ashampoo WinOptimizer Live-Tuner] => C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTuner.exe [2949480 2013-11-19] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5181456 2014-05-13] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MSN Toolbar] => C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\mswinext.exe [240992 2009-11-16] (Microsoft Corp.)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288080 2009-07-17] (Microsoft Corporation)
HKLM-x32\...\Run: [LexwareInfoService] => C:\Program Files (x86)\Lexware\Update Manager\LxUpdateManager.exe [208424 2013-10-17] (Haufe-Lexware GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [247144 2012-10-08] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [202600 2012-10-08] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Sign In
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x500A65A7AD1ACF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {25CBE200-DC32-4866-9214-5463D9CF4616} URL = https://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM-x32 - MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
Toolbar: HKLM-x32 - Free PDF Perfect - {EFC2B9BE-AB2B-47F1-A47D-9EB28E58C917} - C:\Program Files (x86)\Freemium\Free PDF Perfect\ieagent32.dll (soft Xpansion)
DPF: HKLM-x32 {85C86CCC-2158-4123-9C7D-785190CED875} https://lernboerse.arbeitsagentur.de/exklusiv/ilias/data/balihob/lm_data/httppath/dpLaunchPlugin.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Marco & Allyn\AppData\Roaming\Mozilla\Firefox\Profiles\eywkiaw0.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\3.0.40818.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpWinExt,version=4.0 - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @soft-xpansion/npsxpdf - C:\Program Files (x86)\Common Files\Freemium\np-sxpdf.dll (soft-Xpansion)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [msntoolbar@msn.com] - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox
FF Extension: MSN Toolbar - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\Firefox [2014-01-27]
FF HKLM-x32\...\Firefox\Extensions: [{27182e60-b5f3-411c-b545-b44205977502}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\
FF Extension: Search Helper Extension - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\firefoxextension\SearchHelperExtension\ []
FF HKLM-x32\...\Firefox\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKLM-x32\...\Thunderbird\Extensions: [{B45418F9-6406-4828-9D1A-35313FB1E2D6}] - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb
FF Extension: Free PDF Perfect - C:\ProgramData\Freemium\Free PDF Perfect\Data\fftb [2014-02-17]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2014-01-27]

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION

==================== Services (Whitelisted) =================

R2 ACT2_Service; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2Service.exe [1421216 2011-08-22] ()
R2 avgfws; C:\Program Files (x86)\AVG\AVG2014\avgfws.exe [1473792 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3644432 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [292424 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany)
R2 Lexware Installations Dienst; C:\Program Files (x86)\lexware\installer service\LxInstallerService.exe [24064 2012-10-07] (Haufe-Lexware GmbH & Co. KG)
R2 Lexware_Datenbank_Plus; C:\Program Files (x86)\SQL Anywhere 12\Bin32\dbsrv12.exe [141176 2012-06-01] (iAnywhere Solutions, Inc.)
R2 Lexware_Update_Service; C:\Program Files (x86)\Lexware\Update Service\Hmg.InstallationService.Service.exe [49664 2013-10-08] (Haufe-Lexware GmbH & Co. KG)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [273168 2011-12-08] ()
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
S3 SXDS10; C:\Program Files (x86)\Common Files\soft Xpansion\sxds10.exe [234096 2014-02-17] (soft Xpansion)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2185528 2014-04-15] (AVG)
R2 WO_LiveService; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerService.exe [885096 2013-11-19] ()
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [594704 2011-12-08] (Intel® Corporation)

==================== Drivers (Whitelisted) ====================

R2 ACT2PM; C:\Program Files (x86)\Ashampoo\Ashampoo Core Tuner 2\ACT2ProcessMonitor64.sys [15160 2011-06-10] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [152344 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\System32\DRIVERS\avgfwd6a.sys [57144 2013-09-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [236312 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [191768 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [323352 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130328 2014-05-13] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [273176 2014-05-13] (AVG Technologies CZ, s.r.o.)
R2 LiveTunerPM; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 10\LiveTunerProcessMonitor64.sys [12824 2011-03-08] ()
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-05-20] (Intel Corporation)
S3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [33008 2014-04-15] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [14112 2014-03-26] (TuneUp Software)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 5\IFS64.sys [37216 2013-05-08] ()

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-31 12:35 - 2014-05-31 12:35 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64(1).exe
2014-05-31 12:21 - 2014-05-31 12:33 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-31 12:19 - 2014-05-31 12:19 - 02347384 _____ (ESET) C:\Users\Marco & Allyn\Downloads\esetsmartinstaller_deu.exe
2014-05-30 14:02 - 2014-05-30 14:02 - 00000135 _____ () C:\Windows\ODBC.INI
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\ProgramData\SQL Anywhere 12
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\Program Files (x86)\Sybase
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\Program Files (x86)\SQL Anywhere 12
2014-05-30 13:59 - 2006-06-26 15:58 - 01929216 _____ (Amyuni Technologies Amyuni | Quality PDF Developer Tools for .NET, Silverlight, 64-bit SDK, Citrix Ready) C:\Windows\SysWOW64\cdintf250.dll
2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Lexware
2014-05-30 13:56 - 2014-05-30 13:56 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014.lnk
2014-05-30 13:56 - 2014-05-30 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2014-05-30 13:55 - 2014-05-31 12:29 - 00000000 ____D () C:\ProgramData\Lexware
2014-05-30 13:55 - 2014-05-30 14:08 - 00000000 ____D () C:\Program Files (x86)\Lexware
2014-05-30 13:54 - 2013-08-29 09:17 - 08946728 _____ (Amyuni Technologies Amyuni | Quality PDF Developer Tools for .NET, Silverlight, 64-bit SDK, Citrix Ready) C:\Windows\system32\cdintf500_64.dll
2014-05-30 13:54 - 2013-08-29 09:17 - 07181352 _____ (Amyuni Technologies Amyuni | Quality PDF Developer Tools for .NET, Silverlight, 64-bit SDK, Citrix Ready) C:\Windows\SysWOW64\cdintf500.dll
2014-05-30 13:51 - 2014-05-30 14:03 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Lexware
2014-05-30 12:13 - 2014-05-30 12:13 - 00854367 _____ () C:\Users\Marco & Allyn\Downloads\SecurityCheck.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 01016261 _____ (Thisisu) C:\Users\Marco & Allyn\Downloads\JRT.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 00000000 ____D () C:\Windows\ERUNT
2014-05-29 10:49 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-05-29 10:48 - 2014-05-29 10:52 - 00000000 ____D () C:\AdwCleaner
2014-05-29 10:47 - 2014-05-29 10:47 - 01327971 _____ () C:\Users\Marco & Allyn\Downloads\adwcleaner_3.211.exe
2014-05-29 10:06 - 2014-05-29 10:35 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-29 10:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-29 10:06 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-29 10:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-29 10:05 - 2014-05-29 10:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marco & Allyn\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 09:51 - 2014-05-31 11:57 - 00009118 _____ () C:\Windows\PFRO.log
2014-05-29 09:51 - 2014-05-31 11:57 - 00000224 _____ () C:\Windows\setupact.log
2014-05-29 09:51 - 2014-05-29 09:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-28 11:54 - 2014-05-31 12:36 - 00016511 _____ () C:\Users\Marco & Allyn\Downloads\FRST.txt
2014-05-28 11:53 - 2014-05-28 11:53 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64.exe
2014-05-28 11:43 - 2014-05-28 11:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-28 10:20 - 2014-05-29 09:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 10:20 - 2014-05-28 10:20 - 00688552 _____ (Yahoo! Inc.) C:\Users\Marco & Allyn\Downloads\yahoo_firefox_de_wrap_2014.04.14.11.22.23.exe
2014-05-28 10:20 - 2014-05-28 10:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 08:21 - 2014-05-27 08:21 - 00000000 ___SD () C:\ComboFix
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-26 23:14 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-26 23:14 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-26 23:14 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-26 23:14 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-26 23:11 - 2014-05-27 08:21 - 00000000 ____D () C:\Qoobox
2014-05-26 23:11 - 2014-05-26 23:27 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 23:10 - 2014-05-26 23:11 - 05200919 ____R (Swearware) C:\Users\Marco & Allyn\Desktop\ComboFix.exe
2014-05-26 22:37 - 2014-05-26 22:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 15:37 - 2014-05-31 12:36 - 00000000 ____D () C:\FRST
2014-05-24 15:13 - 2014-05-24 15:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-21 12:49 - 2014-05-06 06:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-21 12:49 - 2014-05-06 06:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-21 12:49 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-21 12:49 - 2014-05-06 05:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-21 12:49 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-21 12:45 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-21 12:45 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-21 12:45 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-21 12:45 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-21 12:45 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-21 12:45 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-21 12:45 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-21 12:45 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-21 12:45 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-21 12:45 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-21 12:45 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-21 12:45 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-21 12:45 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-21 12:45 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-07 15:31 - 2014-05-27 09:18 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-07 14:39 - 2014-05-20 18:35 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:04 - 2014-04-15 16:23 - 00040248 _____ (AVG) C:\Windows\system32\TURegOpt.exe
2014-05-03 16:04 - 2014-04-15 16:23 - 00029496 _____ (AVG) C:\Windows\system32\authuitu.dll
2014-05-03 16:04 - 2014-04-15 16:23 - 00025400 _____ (AVG) C:\Windows\SysWOW64\authuitu.dll
2014-05-03 16:01 - 2014-05-03 16:07 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

==================== One Month Modified Files and Folders =======

2014-05-31 12:37 - 2014-05-28 11:54 - 00016511 _____ () C:\Users\Marco & Allyn\Downloads\FRST.txt
2014-05-31 12:36 - 2014-05-24 15:37 - 00000000 ____D () C:\FRST
2014-05-31 12:36 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Temp
2014-05-31 12:35 - 2014-05-31 12:35 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64(1).exe
2014-05-31 12:33 - 2014-05-31 12:21 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-31 12:29 - 2014-05-30 13:55 - 00000000 ____D () C:\ProgramData\Lexware
2014-05-31 12:19 - 2014-05-31 12:19 - 02347384 _____ (ESET) C:\Users\Marco & Allyn\Downloads\esetsmartinstaller_deu.exe
2014-05-31 12:06 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-31 12:06 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-31 12:04 - 2014-01-26 17:58 - 00000000 ____D () C:\ProgramData\MFAData
2014-05-31 12:04 - 2009-07-14 19:58 - 00702564 _____ () C:\Windows\system32\perfh007.dat
2014-05-31 12:04 - 2009-07-14 19:58 - 00150116 _____ () C:\Windows\system32\perfc007.dat
2014-05-31 12:04 - 2009-07-14 07:13 - 01627120 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-31 12:02 - 2014-01-26 15:54 - 01274190 _____ () C:\Windows\WindowsUpdate.log
2014-05-31 12:00 - 2014-03-27 21:18 - 00003490 _____ () C:\Windows\System32\Tasks\AutoKMS
2014-05-31 11:58 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-31 11:58 - 2009-07-14 06:45 - 00380448 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-05-31 11:57 - 2014-05-29 09:51 - 00009118 _____ () C:\Windows\PFRO.log
2014-05-31 11:57 - 2014-05-29 09:51 - 00000224 _____ () C:\Windows\setupact.log
2014-05-30 14:09 - 2014-01-26 16:51 - 00091808 _____ () C:\Users\Marco & Allyn\AppData\Local\GDIPFONTCACHEV1.DAT
2014-05-30 14:08 - 2014-05-30 13:55 - 00000000 ____D () C:\Program Files (x86)\Lexware
2014-05-30 14:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\Help
2014-05-30 14:06 - 2014-02-17 13:58 - 00000000 ____D () C:\ProgramData\Package Cache
2014-05-30 14:03 - 2014-05-30 13:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Lexware
2014-05-30 14:02 - 2014-05-30 14:02 - 00000135 _____ () C:\Windows\ODBC.INI
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\ProgramData\SQL Anywhere 12
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\Program Files (x86)\Sybase
2014-05-30 14:00 - 2014-05-30 14:00 - 00000000 ____D () C:\Program Files (x86)\SQL Anywhere 12
2014-05-30 13:57 - 2014-05-30 13:57 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Lexware
2014-05-30 13:56 - 2014-05-30 13:56 - 00002669 _____ () C:\Users\Public\Desktop\TAXMAN 2014.lnk
2014-05-30 13:56 - 2014-05-30 13:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexware
2014-05-30 12:13 - 2014-05-30 12:13 - 00854367 _____ () C:\Users\Marco & Allyn\Downloads\SecurityCheck.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 01016261 _____ (Thisisu) C:\Users\Marco & Allyn\Downloads\JRT.exe
2014-05-29 10:59 - 2014-05-29 10:59 - 00000000 ____D () C:\Windows\ERUNT
2014-05-29 10:52 - 2014-05-29 10:48 - 00000000 ____D () C:\AdwCleaner
2014-05-29 10:47 - 2014-05-29 10:47 - 01327971 _____ () C:\Users\Marco & Allyn\Downloads\adwcleaner_3.211.exe
2014-05-29 10:35 - 2014-05-29 10:06 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-29 10:19 - 2009-07-14 20:18 - 00000000 ____D () C:\Windows\ShellNew
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-29 10:06 - 2014-05-29 10:06 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-29 10:05 - 2014-05-29 10:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Marco & Allyn\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-29 09:51 - 2014-05-29 09:51 - 00000000 _____ () C:\Windows\setuperr.log
2014-05-29 09:51 - 2014-05-28 10:20 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-05-28 11:53 - 2014-05-28 11:53 - 02066944 _____ (Farbar) C:\Users\Marco & Allyn\Downloads\FRST64.exe
2014-05-28 11:43 - 2014-05-28 11:43 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-28 11:32 - 2014-01-27 11:15 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Bewerbung Marco
2014-05-28 11:18 - 2014-01-30 13:51 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nitro PDF
2014-05-28 10:20 - 2014-05-28 10:20 - 00688552 _____ (Yahoo! Inc.) C:\Users\Marco & Allyn\Downloads\yahoo_firefox_de_wrap_2014.04.14.11.22.23.exe
2014-05-28 10:20 - 2014-05-28 10:20 - 00001159 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-27 09:56 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-27 09:18 - 2014-05-07 15:31 - 00000000 ____D () C:\Users\Marco & Allyn\Desktop\Anwendungen
2014-05-27 08:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 08:21 - 2014-05-27 08:21 - 00000000 ___SD () C:\ComboFix
2014-05-27 08:21 - 2014-05-26 23:11 - 00000000 ____D () C:\Qoobox
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-05-27 08:19 - 2014-05-27 08:19 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-05-27 08:18 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-05-26 23:30 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-05-26 23:27 - 2014-05-26 23:11 - 00000000 ____D () C:\Windows\erdnt
2014-05-26 23:11 - 2014-05-26 23:10 - 05200919 ____R (Swearware) C:\Users\Marco & Allyn\Desktop\ComboFix.exe
2014-05-26 22:37 - 2014-05-26 22:37 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-05-24 15:51 - 2014-05-24 15:13 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\Nico Mak Computing
2014-05-23 09:38 - 2014-04-02 11:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-22 14:02 - 2014-01-26 16:05 - 00000000 ___RD () C:\Users\Marco & Allyn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-21 12:53 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-21 12:49 - 2014-01-26 19:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-21 12:47 - 2009-10-14 07:12 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-20 18:49 - 2014-05-20 18:49 - 00901848 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-05-20 18:49 - 2014-05-20 18:49 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-05-20 18:49 - 2014-01-26 17:16 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2014-05-20 18:48 - 2014-05-20 18:48 - 00342528 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys
2014-05-20 18:48 - 2014-05-20 18:48 - 00016896 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2014-05-20 18:47 - 2014-05-20 18:47 - 11527888 _____ (Intel Corporation) C:\Windows\system32\Drivers\NETwsw00.sys
2014-05-20 18:46 - 2014-01-26 16:54 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-05-20 18:45 - 2014-05-20 18:45 - 56270848 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-05-20 18:45 - 2014-05-20 18:45 - 03872984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-05-20 18:45 - 2014-05-20 18:45 - 02792152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 01024216 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00946392 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-05-20 18:45 - 2014-05-20 18:45 - 00757301 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-05-20 18:45 - 2014-05-20 18:45 - 00624344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-05-20 18:35 - 2014-05-07 14:39 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Allyn Unterlagen
2014-05-16 12:38 - 2014-02-03 11:10 - 00000000 ____D () C:\Users\Marco & Allyn\Documents\Eigene Scans
2014-05-13 14:20 - 2014-05-13 14:20 - 00273176 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
2014-05-13 14:20 - 2014-05-13 14:20 - 00235800 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgldx64.sys
2014-05-13 14:06 - 2014-05-13 14:06 - 00323352 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgloga.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00191768 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsha.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00152344 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgdiska.sys
2014-05-13 14:05 - 2014-05-13 14:05 - 00130328 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00236312 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2014-05-13 14:04 - 2014-05-13 14:04 - 00031512 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgrkx64.sys
2014-05-12 07:26 - 2014-05-29 10:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-29 10:06 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-29 10:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-08 10:01 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\VirtualStore
2014-05-07 15:30 - 2014-01-26 16:05 - 00000000 ____D () C:\Users\Marco & Allyn
2014-05-07 14:44 - 2014-05-07 14:44 - 00002762 _____ () C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
2014-05-06 06:40 - 2014-05-21 12:49 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 06:17 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 05:25 - 2014-05-21 12:49 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-06 05:07 - 2014-05-21 12:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-06 05:00 - 2014-05-21 12:49 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-06 04:10 - 2014-05-21 12:49 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-03 16:10 - 2014-05-03 16:10 - 00003676 _____ () C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2014-05-03 16:10 - 2014-01-27 14:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\HpUpdate
2014-05-03 16:10 - 2014-01-26 18:10 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\Microsoft Help
2014-05-03 16:07 - 2014-05-03 16:01 - 00000000 ____D () C:\ProgramData\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00002213 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014.lnk
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Roaming\AVG
2014-05-03 16:04 - 2014-05-03 16:04 - 00000000 ____D () C:\Users\Marco & Allyn\AppData\Local\AVG
2014-05-03 16:03 - 2014-01-26 18:02 - 00000000 ____D () C:\Program Files (x86)\AVG
2014-05-03 16:00 - 2014-05-03 16:00 - 70431144 _____ (AVG) C:\Users\Marco & Allyn\Downloads\avg_tuh_stf_all_2014_423_24c28.exe

Some content of TEMP:
====================
C:\Users\Marco & Allyn\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-29 12:25

==================== End Of Log ============================
         
--- --- ---

--- --- ---

--- --- ---


Hallo Schrauber. Bis jetzt funktioniert es wieder so wie ich es möchte. :-) Im FRST log ist jetzt nur noch dieser Text der mich etwas beunruhigt. Was hat dieser Satz zu bedeuten?. Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION Vielen Dank für deine Hilfe. MFG Mko75b

Jetzt geht nur noch selbstständig das Fenster auf als wenn ich den rechten Mausklick benutze.

Alt 01.06.2014, 14:59   #14
schrauber
/// the machine
/// TB-Ausbilder
 

Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de

Zitat:
Jetzt geht nur noch selbstständig das Fenster auf als wenn ich den rechten Mausklick benutze.
Du meinst das Kontextmenü, welches bei Rechtsklick erscheint, kommt von alleine?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.06.2014, 23:25   #15
mko75b
 
Laptop ist infiziert.( Glaube ich zumindest) - Standard

Laptop ist infiziert.( Glaube ich zumindest)



Ja das habe ich damit gemeint.

Antwort

Themen zu Laptop ist infiziert.( Glaube ich zumindest)
andere, auf einmal, courser, drucken, ellung, fenster, glaube, hilfestellung, infiziert., laptop, maus, maustaste, rechte, selbständig, sprache, tipps, verzweifel, viren or trojanerbefall, voll, von selbst, öffnet



Ähnliche Themen: Laptop ist infiziert.( Glaube ich zumindest)


  1. Laptop mit Win 7 läuft nicht rund, ich glaube ich habe Tojaner
    Plagegeister aller Art und deren Bekämpfung - 16.11.2015 (30)
  2. Laptop infiziert?
    Plagegeister aller Art und deren Bekämpfung - 17.10.2015 (20)
  3. Laptop vom Trojaner infiziert
    Plagegeister aller Art und deren Bekämpfung - 06.08.2015 (3)
  4. Laptop infiziert mit CryptoWall 3.0...
    Plagegeister aller Art und deren Bekämpfung - 13.04.2015 (5)
  5. Wie stark infiziert ist der Laptop?
    Log-Analyse und Auswertung - 25.04.2014 (9)
  6. Windows 7: 2 Trojan.Dropper.Sp + E-mail und E-bay-Account geknackt + 2 Online-Banking-Accounts zumindest versucht
    Log-Analyse und Auswertung - 02.09.2013 (9)
  7. Laptop infiziert mit ihavenet.com
    Log-Analyse und Auswertung - 02.08.2013 (41)
  8. AW: Infiziert mit TR/Crypt.Xpack.Gen! Was nun tun? Glaube auch, hier den Übeltäter zu suchen.
    Log-Analyse und Auswertung - 26.05.2011 (16)
  9. Ich glaube ich bin Infiziert Spiele öffnen sich einfach
    Log-Analyse und Auswertung - 15.02.2011 (7)
  10. Ich glaube ich bin infiziert / Backdoorvirus
    Mülltonne - 14.02.2011 (0)
  11. Glaube wurde mit einem Trojaner infiziert :x
    Log-Analyse und Auswertung - 31.07.2010 (8)
  12. Mein Laptop ist infiziert
    Plagegeister aller Art und deren Bekämpfung - 22.07.2010 (1)
  13. Laptop infiziert?
    Log-Analyse und Auswertung - 26.01.2010 (4)
  14. Laptop mit Generic.Bot.H und Trojaner infiziert :(
    Plagegeister aller Art und deren Bekämpfung - 04.09.2009 (3)
  15. Ist mein Laptop infiziert???
    Mülltonne - 17.05.2008 (0)
  16. Laptop infiziert
    Plagegeister aller Art und deren Bekämpfung - 19.04.2008 (6)
  17. Laptop infiziert???
    Log-Analyse und Auswertung - 11.06.2007 (6)

Zum Thema Laptop ist infiziert.( Glaube ich zumindest) - Ein Hallo an alle PC- Cracks . Ich bin seit geraumer Zeit echt am verzweifeln. An meinem Laptop gehen selbständig Fenster auf. Wie zum Beispiel beim schreiben, da öffnet sich - Laptop ist infiziert.( Glaube ich zumindest)...
Archiv
Du betrachtest: Laptop ist infiziert.( Glaube ich zumindest) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.