Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Alles rund um Windows (https://www.trojaner-board.de/alles-rund-um-windows/)
-   -   Win 7 - Regsvr32 - fehler beim laden des moduls (https://www.trojaner-board.de/155416-win-7-regsvr32-fehler-beim-laden-moduls.html)

Mucha 19.06.2014 06:31
Win 7 - Regsvr32 - fehler beim laden des moduls
 
Guten Morgen,

seit paar Tagen kommt bei mir die Meldung bei einschalten des Rechners: "Regsvr32 fehler beim laden des moduls...". Ich habe mich schon bischen schlau gemacht und gelesen, dass es nicht so gut ist. Die Windows Support war nicht hilfreich.
Wie kann den Fehler beheben?

Vilen dank vorab!
LG
Mucha

M-K-D-B 19.06.2014 10:34
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
    Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!


Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!





Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Mucha 19.06.2014 17:58
Hallo Matthias,

bin Kamila. Danke für so schnelle antwort :)
Ich lade jetzt den FRST 64-Bit runter und fuhre gleich den skan durch.

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-06-2014
Ran by Kamila at 2014-06-19 18:45:44
Running from C:\Users\Kamila\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.5.1.369 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Illustrator CC (HKLM-x32\...\{F2321021-08A2-44D6-B1DF-BDB415F23EC3}) (Version: 17.0 - Adobe Systems Incorporated)
Adobe InDesign CC (HKLM-x32\...\{BC448016-6F11-1014-B0EA-97CEE6E26CB6}) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Reader 9.3 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.3.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.2 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.2 - Adobe Systems, Incorporated) Hidden
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArchiCAD 17 GER (HKLM\...\001FFF2FFF17FF00FF0201F01F02F000-R1) (Version: 17.0 - GRAPHISOFT)
Artlantis Studio 5.0.2.3 (64 bit) (HKLM\...\Artlantis Studio 5 (64 bit)) (Version: 5.0.2.3 - Abvent R&D)
ATI Catalyst Install Manager (HKLM\...\{FB07515A-48AC-9996-16EE-3A3DC8CF8D8E}) (Version: 3.0.790.0 - ATI Technologies, Inc.)
Avira Internet Security Suite (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.4.672 - Avira)
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-4300-A758B70C0A03}) (Version: 12.10.3.4691 - APN, LLC)
Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: 1.2.1.9800 - Avira System Speedup)
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Bing Bar (HKLM-x32\...\{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}) (Version: 7.1.361.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0909.1412.23625 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0909.1412.23625 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0909.1412.23625 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0909.1412.23625 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help English (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help French (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help German (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0909.1411.23625 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0909.1412.23625 - Ihr Firmenname) Hidden
ccc-utility64 (Version: 2010.0909.1412.23625 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Contents (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Corel PaintShop Photo Pro X3 (HKLM-x32\...\_{D1AEB5DB-04FA-489D-94EF-8600898B93EE}) (Version: 1.6.1.116 - Corel Corporation)
Corel PaintShop Photo Pro X3 (x32 Version: 1.00.0000 - Corel Corporation) Hidden
Corel VideoStudio Pro X3 (HKLM-x32\...\_{F072CA07-A781-45E4-9975-C033A73019CF}) (Version: 1.6.0.286 - Corel Corporation)
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink DVD Suite (x32 Version: 7.0.3003 - CyberLink Corp.) Hidden
DeviceIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4121 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4121 - Hewlett-Packard) Hidden
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{7B4DEBE1-E3E3-45BD-88E6-6C3CA9EEED36}) (Version: 4.1.16.1 - Hewlett-Packard Company)
HP Advisor (HKLM-x32\...\{40FB8D7C-6FF8-4AF2-BC8B-0B1DB32AF04B}) (Version: 3.4.10262.3295 - Hewlett-Packard)
HP Customer Experience Enhancements (x32 Version: 6.0.1.4 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{7D4318AC-9560-46F0-910F-0B38D6CDC009}) (Version: 1.1.2.0 - Hewlett-Packard)
HP DVB-T TV Tuner 8.0.64.43 (HKLM-x32\...\HP DVB-T TV Tuner) (Version: 8.0.64.43 - )
HP Game Console (x32 Version:  - WildTangent) Hidden
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.1.3 - WildTangent)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Movies and TV (HKLM\...\{4B4E2FA2-3B1E-4147-99DB-5033981D8C2F}) (Version: 1.0.0.10 - Hewlett-Packard)
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4215 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4215 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{731A1D36-BF17-4C76-B7E7-CC055AF8C54E}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3024 - Hewlett-Packard)
HP MediaSmart Webcam (x32 Version: 4.1.3024 - Hewlett-Packard) Hidden
HP Power Manager (HKLM-x32\...\{D8BCE5B9-67CF-4F3F-93AE-3ACC754C72EB}) (Version: 1.4.7 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{53B17A98-5BF0-40BC-AAFF-850A357975AC}) (Version: 2.7.2 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP SimplePass Identity Protection (HKLM\...\{1F6B7CB0-66D8-4B31-BF1F-D2318E58080E}) (Version: 5.10.175 - DigitalPersona, Inc.)
HP Software Framework (HKLM-x32\...\{483539DB-FA71-4C45-8438-55D3DCFDECC8}) (Version: 4.5.10.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{86FD8326-909D-45F5-BB61-0619D0D31293}) (Version: 11.50.0011 - Hewlett-Packard Company)
HP Wireless Assistant (HKLM\...\{E342EC6B-5F25-47FE-B92C-DE616149B430}) (Version: 4.0.9.0 - Hewlett-Packard)
ICA (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ICA (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6289.0 - IDT)
Insaniquarium Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
IPM_PSP_Pro (x32 Version: 1.00.0000 - Corel Corporation) Hidden
IPM_VS_Pro (x32 Version: 13.0 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
ISCOM (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Jewel Quest II (x32 Version: 2.2.0.95 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2907 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2907 - CyberLink Corp.) Hidden
LightScribe System Software (HKLM-x32\...\{07E49BC1-24FF-4D7A-AC74-727BE95801AF}) (Version: 1.18.16.1 - LightScribe)
Magic Desktop (HKLM-x32\...\EasyBits Magic Desktop) (Version:  - EasyBits Software AS)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Theme Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{3023EBDA-BF1B-4831-B347-E5018555F26E}) (Version: 4.1.4030 - Hewlett-Packard)
Movie Theme Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.4204 - CyberLink Corp.)
Power2Go (x32 Version: 6.1.4204 - CyberLink Corp.) Hidden
PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3003 - CyberLink Corp.)
PowerDirector (x32 Version: 8.0.3003 - CyberLink Corp.) Hidden
PSPPContent (x32 Version: 1.00.0000 - Corel Corporation) Hidden
PSPPRO_DCRAW (x32 Version: 13.0.0 - Corel Corporation) Hidden
PureHD (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Ralink Motorola BC4 Bluetooth 3.0+HS Adapter (HKLM\...\Ralink Motorola BC4 Bluetooth 3.0+HS Adapter_is1) (Version: 3.0.41.258 - Motorola, Inc.)
Ralink RT3090 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309B0}) (Version: 1.2.0.27 - Ralink)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.17.304.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.3023 - CyberLink Corp.) Hidden
Setup (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Setup (x32 Version: 1.6.1.116 - Corel Corporation) Hidden
Share (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Share64 (Version: 1.6.0.286 - Corel Corporation) Hidden
SketchUp 2014 (HKLM-x32\...\{9E620BD5-AEEC-492D-9065-D71FCD4C52F1}) (Version: 14.1.1282 - Trimble Navigation Limited)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
Validity Sensors DDK (HKLM\...\{426FAE9F-7373-496E-A215-9DB7EF4398CF}) (Version: 4.1.139.0 - Validity Sensors, Inc.)
VIO (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Virtual Villagers - The Secret City (x32 Version: 2.2.0.95 - WildTangent) Hidden
VSClassic (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
VSPro (x32 Version: 1.6.0.286 - Corel Corporation) Hidden
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Live Mail (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{586509F0-350D-48B5-B763-9CC2F8D96C4C}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live Writer (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM-x32\...\Windows Media Encoder 9) (Version:  - )
Windows Media Encoder 9 Series (x32 Version: 9.00.2980 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

==================== Restore Points  =========================

16-06-2014 21:34:12 Windows Update
19-06-2014 16:13:42 Removed Rhinoceros 5 (64-bit)

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {25624E13-39CB-48A1-9EA5-6FDA0488B292} - System32\Tasks\MirageAgent => C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe [2010-06-24] (CyberLink)
Task: {2F40E3FA-7DA9-4142-91CD-5DF5ED13B9FE} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {47459D56-C771-4889-8394-A91AD20BD7B5} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HPSAObjUtilTask => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe [2014-06-10] (Microsoft)
Task: {65AB696C-661A-4984-96D6-E91F0BFD9350} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [2014-02-26] (Avira)
Task: {6C4726F5-FE25-4D6D-B6CC-4075BF8DD46C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {8502B33D-7350-4E18-BB40-1A0C453D7CC7} - System32\Tasks\RecoveryCDWin7 => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: {A67DBBEC-C69A-4407-9C21-F1C98488B8A0} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
Task: {AE9F780D-2AB8-4116-AF11-ABC21BAA8D14} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {B18BDB73-C955-4E55-9196-36A6EEF565CF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {C598DF7B-9328-4E77-A528-F65CEF5C2D67} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-20] (Piriform Ltd)
Task: {D3DC4C9B-53A4-4110-9F80-D91082D24684} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {D7C58380-E952-4C93-9167-9668C7849E9F} - System32\Tasks\AdobeAAMUpdater-1.0-Kamila-HP-Kamila => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {DF9BFE8F-8695-40BE-BD81-84DCD9E2FB4F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E63D7527-99B5-491B-AEE9-3128F5840A4E} - System32\Tasks\MySearchDial => C:\Users\Kamila\AppData\Roaming\mysearchdial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {F015A0F3-52B8-4BCD-9C73-36D260A93BAA} - System32\Tasks\HPCeeScheduleForKamila => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05] (Hewlett-Packard)
Task: {F65A1A52-3958-4AD0-9A84-6A3EAAC283F5} - System32\Tasks\ServicePlan => C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe [2010-05-24] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\HPCeeScheduleForKamila.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\Windows\Tasks\MySearchDial.job => C:\Users\Kamila\AppData\Roaming\MYSEAR~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2010-06-18 16:26 - 2010-06-18 16:26 - 00267832 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPCommon.XmlSerializers.dll
2010-01-18 23:53 - 2010-01-18 23:53 - 00124560 _____ () c:\Program Files (x86)\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\PSPContextMenu64.dll
2010-01-20 16:20 - 2010-01-20 16:20 - 00611896 _____ () C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
2014-03-20 11:24 - 2014-03-20 11:24 - 05288608 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2010-09-09 15:50 - 2010-09-09 15:50 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-09-09 14:11 - 2010-09-09 14:11 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00030264 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_LogicLayer.dll
2010-06-18 16:26 - 2010-06-18 16:26 - 00052280 _____ () C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HardwareAccess.dll
2014-03-10 22:17 - 2014-03-26 18:00 - 08279040 _____ () C:\Program Files\GRAPHISOFT\ArchiCAD 17\edmikit500.dll
2014-03-10 22:17 - 2014-03-26 18:00 - 00880128 _____ () C:\Program Files\GRAPHISOFT\ArchiCAD 17\edm_libxml2.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 21:58 - 2014-02-12 21:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-18 23:22 - 2014-03-18 23:22 - 32733088 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2014-06-11 19:12 - 2014-06-11 19:12 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-13 21:25 - 2014-05-13 21:25 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DpHost => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 269585

Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 269585

Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4024


System errors:
=============
Error: (06/17/2014 09:46:00 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/17/2014 09:46:00 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (06/17/2014 00:31:34 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (06/17/2014 00:31:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (06/17/2014 00:31:33 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (06/17/2014 00:31:32 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (06/16/2014 04:34:04 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (06/16/2014 04:34:03 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (06/16/2014 04:34:02 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.

Error: (06/16/2014 04:34:01 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR2 gefunden.


Microsoft Office Sessions:
=========================
Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 269585

Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 269585

Error: (06/19/2014 06:08:00 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6021

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 6021

Error: (06/19/2014 06:03:37 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 5023

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 5023

Error: (06/19/2014 06:03:36 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (06/19/2014 06:03:35 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4024


==================== Memory info ===========================

Percentage of memory in use: 44%
Total physical RAM: 6077.86 MB
Available physical RAM: 3401.85 MB
Total Pagefile: 12153.9 MB
Available Pagefile: 8861.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.8 GB) (Free:472 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:22.07 GB) (Free:3.22 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (KAMILA) (Removable) (Total:3.65 GB) (Free:2.52 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596 GB) (Disk ID: 80E95C80)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=574 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=22 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=103 MB) - (Type=0C)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=4 GB) - (Type=0C)

==================== End Of Log ============================

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 18-06-2014
Ran by Kamila (administrator) on KAMILA-HP on 19-06-2014 18:44:01
Running from C:\Users\Kamila\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Graphisoft SE) C:\Program Files\GRAPHISOFT\ArchiCAD 17\ArchiCAD.exe
(Graphisoft SE) C:\Program Files\GRAPHISOFT\ArchiCAD 17\GSQuickTimeServer\GSQTServer.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-10] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\.DEFAULT\...\RunOnce: [SPReview] - C:\Windows\System32\SPReview\SPReview.exe [301568 2014-03-01] (Microsoft Corporation)
HKU\S-1-5-21-417993538-3000924154-864566095-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [5036600 2014-02-26] (Avira)
HKU\S-1-5-21-417993538-3000924154-864566095-1000\...\Run: [AbnoWroj] => regsvr32.exe "
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT/4
SearchScopes: HKLM - DefaultScope {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKLM - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKCU - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKCU - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - mysearchdial Toolbar - {3004627E-F8E9-4E8B-909D-316753CBA923} - C:\Program Files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll No File
Toolbar: HKLM-x32 - PDF Architect Toolbar - {25A3A431-30BB-47C8-AD6A-E1063801134F} - C:\Program Files (x86)\PDF Architect\PDFIEPlugin.dll (pdfforge GmbH)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF user.js: detected! => C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\user.js
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt\ []
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-10]

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [811088 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-20] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-09-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-09-16] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2014-02-26] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-19 18:44 - 2014-06-19 18:45 - 00019751 _____ () C:\Users\Kamila\Downloads\FRST.txt
2014-06-19 18:43 - 2014-06-19 18:44 - 00000000 ____D () C:\FRST
2014-06-19 18:43 - 2014-06-19 18:43 - 02082304 _____ (Farbar) C:\Users\Kamila\Downloads\FRST64.exe
2014-06-19 14:18 - 2014-06-19 14:30 - 00000000 ____D () C:\Users\Kamila\Desktop\Beschprechung Brnd
2014-06-18 22:35 - 2014-06-18 22:35 - 03032135 _____ () C:\Users\Kamila\Downloads\Aussschnitt1_200.dwg
2014-06-18 21:15 - 2014-06-18 21:52 - 00000000 ____D () C:\Users\Kamila\Desktop\Stevie Master
2014-06-17 21:45 - 2014-06-19 07:08 - 00000336 _____ () C:\Windows\setupact.log
2014-06-17 21:45 - 2014-06-17 21:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 21:44 - 2014-06-17 21:44 - 00000582 _____ () C:\Windows\PFRO.log
2014-06-17 07:58 - 2014-06-17 07:58 - 04748896 _____ (Piriform Ltd) C:\Users\Kamila\Downloads\ccsetup414.exe
2014-06-16 12:00 - 2014-06-17 07:54 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-06-16 09:47 - 2014-06-17 07:51 - 00000000 ____D () C:\ProgramData\AbnoWroj
2014-06-16 09:47 - 2014-06-16 09:47 - 00000000 __RHD () C:\MSOCache
2014-06-16 09:41 - 2014-06-16 23:33 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SoftGrid Client
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Local\SoftGrid Client
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-06-16 09:40 - 2014-06-16 23:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-06-16 09:40 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\TP
2014-06-16 09:40 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-14 08:31 - 2014-06-14 08:31 - 00002188 _____ () C:\Users\Public\Desktop\Style Builder 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002102 _____ () C:\Users\Public\Desktop\LayOut 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002017 _____ () C:\Users\Public\Desktop\SketchUp 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2014-06-14 08:30 - 2014-06-14 08:30 - 00000000 ____D () C:\Program Files (x86)\SketchUp
2014-06-14 08:25 - 2014-06-14 08:28 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de(1).exe
2014-06-14 08:18 - 2014-06-14 08:18 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SketchUp
2014-06-14 08:15 - 2014-06-14 08:15 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
2014-06-14 08:14 - 2014-06-14 08:14 - 00000000 ____D () C:\ProgramData\SketchUp
2014-06-14 08:09 - 2014-06-14 08:13 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de.exe
2014-06-11 19:12 - 2014-06-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 17:33 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 17:33 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 17:33 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 17:33 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 17:33 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 17:33 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 17:33 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 17:33 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 17:33 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 17:33 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 17:33 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 17:33 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 17:33 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 17:33 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 17:33 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 17:33 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 17:33 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 17:33 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 17:33 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 17:33 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 17:33 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 17:33 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 17:33 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 17:33 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 17:33 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 17:33 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 17:33 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 17:33 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 17:33 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 17:33 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 17:33 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 17:33 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 17:33 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 17:33 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 17:33 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 17:33 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 17:33 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 17:33 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 17:33 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 17:33 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 17:33 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 17:33 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 17:33 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 17:33 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 17:33 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 17:33 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 17:33 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 17:33 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 17:33 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 17:33 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 17:33 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 17:33 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 17:33 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 17:33 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 17:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 17:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 17:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 17:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 17:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 17:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 17:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 17:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 17:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 17:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 17:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 17:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 17:32 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 17:32 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-02 16:43 - 2014-06-02 16:44 - 08944640 _____ () C:\Users\Kamila\Desktop\wunderkammer.ppt
2014-05-28 11:51 - 2014-05-28 11:51 - 00000000 ____D () C:\Users\Kamila\cityguide

==================== One Month Modified Files and Folders =======

2014-06-19 18:45 - 2014-06-19 18:44 - 00019751 _____ () C:\Users\Kamila\Downloads\FRST.txt
2014-06-19 18:44 - 2014-06-19 18:43 - 00000000 ____D () C:\FRST
2014-06-19 18:43 - 2014-06-19 18:43 - 02082304 _____ (Farbar) C:\Users\Kamila\Downloads\FRST64.exe
2014-06-19 18:32 - 2010-09-16 01:51 - 01522905 _____ () C:\Windows\WindowsUpdate.log
2014-06-19 18:27 - 2014-02-26 21:27 - 00000296 _____ () C:\Windows\Tasks\MySearchDial.job
2014-06-19 18:24 - 2014-03-13 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-19 18:11 - 2014-03-12 21:21 - 00000000 ____D () C:\Users\Kamila\Graphisoft
2014-06-19 18:11 - 2014-03-12 21:21 - 00000000 ____D () C:\Users\Kamila\Documents\BIMx
2014-06-19 18:10 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-19 15:13 - 2014-03-02 20:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\Skype
2014-06-19 14:30 - 2014-06-19 14:18 - 00000000 ____D () C:\Users\Kamila\Desktop\Beschprechung Brnd
2014-06-19 07:17 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-19 07:17 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-19 07:08 - 2014-06-17 21:45 - 00000336 _____ () C:\Windows\setupact.log
2014-06-19 07:08 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-18 22:35 - 2014-06-18 22:35 - 03032135 _____ () C:\Users\Kamila\Downloads\Aussschnitt1_200.dwg
2014-06-18 21:52 - 2014-06-18 21:15 - 00000000 ____D () C:\Users\Kamila\Desktop\Stevie Master
2014-06-18 19:45 - 2014-02-26 22:47 - 00000000 ____D () C:\Users\Kamila\AppData\Local\Adobe
2014-06-17 21:45 - 2014-06-17 21:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 21:44 - 2014-06-17 21:44 - 00000582 _____ () C:\Windows\PFRO.log
2014-06-17 08:19 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-17 08:18 - 2014-05-01 21:22 - 00000000 ____D () C:\Windows\Minidump
2014-06-17 08:18 - 2009-09-07 03:57 - 00000000 ____D () C:\Windows\Panther
2014-06-17 07:59 - 2014-03-17 22:47 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-17 07:59 - 2014-03-17 22:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-17 07:58 - 2014-06-17 07:58 - 04748896 _____ (Piriform Ltd) C:\Users\Kamila\Downloads\ccsetup414.exe
2014-06-17 07:54 - 2014-06-16 12:00 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-06-17 07:51 - 2014-06-16 09:47 - 00000000 ____D () C:\ProgramData\AbnoWroj
2014-06-16 23:35 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-06-16 23:35 - 2014-02-26 21:57 - 01649782 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-16 23:35 - 2010-07-21 19:34 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-06-16 23:35 - 2010-07-21 19:34 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-06-16 23:33 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SoftGrid Client
2014-06-16 21:17 - 2014-03-14 15:57 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKamila
2014-06-16 21:17 - 2014-03-14 15:57 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForKamila.job
2014-06-16 09:47 - 2014-06-16 09:47 - 00000000 __RHD () C:\MSOCache
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Local\SoftGrid Client
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-06-16 09:41 - 2014-06-16 09:40 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\TP
2014-06-16 09:40 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-16 09:40 - 2010-07-21 11:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-16 09:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-15 20:09 - 2014-05-08 20:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-15 20:09 - 2014-03-02 20:41 - 00000000 ____D () C:\ProgramData\Skype
2014-06-14 10:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 08:31 - 2014-06-14 08:31 - 00002188 _____ () C:\Users\Public\Desktop\Style Builder 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002102 _____ () C:\Users\Public\Desktop\LayOut 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002017 _____ () C:\Users\Public\Desktop\SketchUp 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2014-06-14 08:30 - 2014-06-14 08:30 - 00000000 ____D () C:\Program Files (x86)\SketchUp
2014-06-14 08:28 - 2014-06-14 08:25 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de(1).exe
2014-06-14 08:18 - 2014-06-14 08:18 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SketchUp
2014-06-14 08:15 - 2014-06-14 08:15 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
2014-06-14 08:14 - 2014-06-14 08:14 - 00000000 ____D () C:\ProgramData\SketchUp
2014-06-14 08:13 - 2014-06-14 08:09 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de.exe
2014-06-14 07:57 - 2014-03-21 19:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-14 07:57 - 2014-03-06 17:12 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-12 12:59 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 19:18 - 2014-03-05 11:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 19:16 - 2014-03-05 11:24 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 19:14 - 2014-05-06 09:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 19:12 - 2014-06-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 11:13 - 2014-06-11 17:32 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 17:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 21:36 - 2014-05-08 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-02 16:44 - 2014-06-02 16:43 - 08944640 _____ () C:\Users\Kamila\Desktop\wunderkammer.ppt
2014-06-01 09:25 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 12:21 - 2014-06-11 17:33 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 17:33 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 17:33 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 17:33 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 17:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 17:33 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 17:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 17:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 17:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 17:33 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 17:33 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 17:33 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 17:33 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 17:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 17:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 17:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 17:33 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 17:33 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 17:33 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 17:33 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 17:33 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 17:33 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 17:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 17:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 17:33 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 17:33 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 17:33 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 17:33 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 17:33 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 17:33 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 17:33 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 17:33 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 11:51 - 2014-05-28 11:51 - 00000000 ____D () C:\Users\Kamila\cityguide
2014-05-28 11:51 - 2014-02-20 02:31 - 00000000 ____D () C:\Users\Kamila
2014-05-20 10:35 - 2014-02-26 21:14 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-05-20 10:35 - 2014-02-26 21:14 - 00112080 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys

Some content of TEMP:
====================
C:\Users\Kamila\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 09:41

==================== End Of Log ============================
--- --- ---

--- --- ---

M-K-D-B 19.06.2014 18:11
Servus Kalima,



Zitat:
Running from C:\Users\Kamila\Downloads
Alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind.
Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen.





Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Mucha 19.06.2014 18:58
Code:
ComboFix 14-06-19.01 - Kamila 19.06.2014  19:33:06.1.8 - x64
Microsoft Windows 7 Home Premium  6.1.7601.1.1252.49.1031.18.6078.3709 [GMT 2:00]
ausgeführt von:: c:\users\Kamila\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-05-19 bis 2014-06-19  ))))))))))))))))))))))))))))))
.
.
2014-06-19 17:42 . 2014-06-19 17:42        --------        d-----w-        c:\users\Default\AppData\Local\temp
2014-06-19 16:43 . 2014-06-19 16:46        --------        d-----w-        C:\FRST
2014-06-16 10:00 . 2014-06-17 05:54        --------        d-----w-        c:\programdata\VirtualizedApplications
2014-06-16 07:47 . 2014-06-16 07:47        --------        d-----r-        C:\MSOCache
2014-06-16 07:47 . 2014-06-17 05:51        --------        d-----w-        c:\programdata\AbnoWroj
2014-06-16 07:41 . 2014-06-16 21:33        --------        d-----w-        c:\users\Kamila\AppData\Roaming\SoftGrid Client
2014-06-16 07:41 . 2014-06-16 07:41        --------        d-----w-        c:\users\Kamila\AppData\Local\SoftGrid Client
2014-06-16 07:40 . 2014-06-16 07:40        --------        d-----w-        c:\program files\Microsoft Office
2014-06-16 07:40 . 2014-06-16 21:35        --------        d-----w-        c:\program files (x86)\Microsoft Application Virtualization Client
2014-06-16 07:40 . 2014-06-16 07:41        --------        d-----w-        c:\users\Kamila\AppData\Roaming\TP
2014-06-15 18:09 . 2014-06-15 18:09        --------        d-----w-        c:\program files (x86)\Common Files\Skype
2014-06-14 06:30 . 2014-06-14 06:30        --------        d-----w-        c:\program files (x86)\SketchUp
2014-06-14 06:18 . 2014-06-14 06:18        --------        d-----w-        c:\users\Kamila\AppData\Roaming\SketchUp
2014-06-14 06:14 . 2014-06-14 06:14        --------        d-----w-        c:\programdata\SketchUp
2014-06-11 15:32 . 2014-06-08 09:13        506368        ----a-w-        c:\windows\system32\aepdu.dll
2014-06-11 15:32 . 2014-06-08 09:08        424448        ----a-w-        c:\windows\system32\aeinv.dll
2014-05-28 09:51 . 2014-05-28 09:51        --------        d-----w-        c:\users\Kamila\cityguide
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-11 17:16 . 2014-03-05 09:24        95414520        ----a-w-        c:\windows\system32\MRT.exe
2014-05-20 08:35 . 2014-02-26 19:14        130584        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2014-05-20 08:35 . 2014-02-26 19:14        112080        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2014-05-16 12:59 . 2014-05-16 13:00        278528        ----a-w-        c:\windows\SysWow64\Oemdspif.dll
2014-05-16 12:59 . 2014-05-16 13:00        421376        ----a-w-        c:\windows\system32\atipdl64.dll
2014-05-16 12:59 . 2014-05-16 13:00        4032512        ----a-w-        c:\windows\SysWow64\atiumdag.dll
2014-05-16 12:59 . 2014-05-16 13:00        356352        ----a-w-        c:\windows\SysWow64\atipdlxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        3392000        ----a-w-        c:\windows\SysWow64\atiumdva.dll
2014-05-16 12:59 . 2014-05-16 13:00        15830016        ----a-w-        c:\windows\SysWow64\atioglxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        120320        ----a-w-        c:\windows\system32\atitmm64.dll
2014-05-16 12:59 . 2010-09-15 23:54        57344        ----a-w-        c:\windows\system32\coinst.dll
2014-05-16 12:59 . 2010-09-15 23:54        5202944        ----a-w-        c:\windows\system32\atiumd64.dll
2014-05-16 12:59 . 2010-09-15 23:54        39424        ----a-w-        c:\windows\system32\atiuxp64.dll
2014-05-16 12:59 . 2010-09-15 23:54        37376        ----a-w-        c:\windows\system32\atiu9p64.dll
2014-05-16 12:59 . 2010-09-15 23:54        3147264        ----a-w-        c:\windows\system32\atiumd6a.dll
2014-05-16 12:59 . 2010-09-15 23:54        30208        ----a-w-        c:\windows\SysWow64\atiuxpag.dll
2014-05-16 12:59 . 2010-09-15 23:54        28160        ----a-w-        c:\windows\SysWow64\atiu9pag.dll
2014-05-16 12:59 . 2014-05-16 13:00        7767552        ----a-w-        c:\windows\system32\drivers\atikmdag.sys
2014-05-16 12:59 . 2014-05-16 13:00        53760        ----a-w-        c:\windows\system32\atimpc64.dll
2014-05-16 12:59 . 2014-05-16 13:00        53760        ----a-w-        c:\windows\system32\amdpcom64.dll
2014-05-16 12:59 . 2014-05-16 13:00        52736        ----a-w-        c:\windows\SysWow64\atimpc32.dll
2014-05-16 12:59 . 2014-05-16 13:00        52736        ----a-w-        c:\windows\SysWow64\amdpcom32.dll
2014-05-16 12:59 . 2014-05-16 13:00        279040        ----a-w-        c:\windows\system32\drivers\atikmpag.sys
2014-05-16 12:59 . 2014-05-16 13:00        20736512        ----a-w-        c:\windows\system32\atio6axx.dll
2014-05-16 12:59 . 2014-05-16 13:00        12288        ----a-w-        c:\windows\system32\atimuixx.dll
2014-05-16 12:59 . 2014-05-16 13:00        59392        ----a-w-        c:\windows\system32\atiedu64.dll
2014-05-16 12:59 . 2014-05-16 13:00        5425664        ----a-w-        c:\windows\system32\aticaldd64.dll
2014-05-16 12:59 . 2014-05-16 13:00        53248        ----a-w-        c:\windows\system32\drivers\ati2erec.dll
2014-05-16 12:59 . 2014-05-16 13:00        51200        ----a-w-        c:\windows\system32\aticalrt64.dll
2014-05-16 12:59 . 2014-05-16 13:00        462336        ----a-w-        c:\windows\system32\atieclxx.exe
2014-05-16 12:59 . 2014-05-16 13:00        46080        ----a-w-        c:\windows\SysWow64\aticalrt.dll
2014-05-16 12:59 . 2014-05-16 13:00        450560        ----a-w-        c:\windows\system32\ATIDEMGX.dll
2014-05-16 12:59 . 2014-05-16 13:00        44544        ----a-w-        c:\windows\system32\aticalcl64.dll
2014-05-16 12:59 . 2014-05-16 13:00        44032        ----a-w-        c:\windows\SysWow64\aticalcl.dll
2014-05-16 12:59 . 2014-05-16 13:00        4375552        ----a-w-        c:\windows\SysWow64\aticaldd.dll
2014-05-16 12:59 . 2014-05-16 13:00        43520        ----a-w-        c:\windows\SysWow64\ati2edxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        338432        ----a-w-        c:\windows\system32\atiadlxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        241664        ----a-w-        c:\windows\SysWow64\atiadlxy.dll
2014-05-16 12:59 . 2014-05-16 13:00        21504        ----a-w-        c:\windows\system32\atig6txx.dll
2014-05-16 12:59 . 2014-05-16 13:00        203264        ----a-w-        c:\windows\system32\atiesrxx.exe
2014-05-16 12:59 . 2014-05-16 13:00        19968        ----a-w-        c:\windows\SysWow64\atigktxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        14848        ----a-w-        c:\windows\system32\atig6pxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        143360        ----a-w-        c:\windows\system32\atiapfxx.exe
2014-05-16 12:59 . 2014-05-16 13:00        12800        ----a-w-        c:\windows\SysWow64\atiglpxx.dll
2014-05-16 12:59 . 2014-05-16 13:00        12800        ----a-w-        c:\windows\system32\atiglpxx.dll
2014-05-16 12:59 . 2010-09-15 23:54        4602880        ----a-w-        c:\windows\system32\atidxx64.dll
2014-05-16 12:59 . 2010-09-15 23:54        3914240        ----a-w-        c:\windows\SysWow64\atidxx32.dll
2014-05-16 12:59 . 2010-09-15 23:54        616960        ----a-w-        c:\windows\system32\aticfx64.dll
2014-05-16 12:59 . 2010-09-15 23:54        528384        ----a-w-        c:\windows\SysWow64\aticfx32.dll
2014-05-13 19:25 . 2014-03-13 17:43        70832        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 19:25 . 2014-03-13 17:43        692400        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-14 18:13 . 2014-04-25 19:29        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-12 02:22 . 2014-05-15 08:17        95680        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2014-04-12 02:22 . 2014-05-15 08:17        155072        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2014-04-12 02:19 . 2014-05-15 08:17        29184        ----a-w-        c:\windows\system32\sspisrv.dll
2014-04-12 02:19 . 2014-05-15 08:17        136192        ----a-w-        c:\windows\system32\sspicli.dll
2014-04-12 02:19 . 2014-05-15 08:17        28160        ----a-w-        c:\windows\system32\secur32.dll
2014-04-12 02:19 . 2014-05-15 08:17        1460736        ----a-w-        c:\windows\system32\lsasrv.dll
2014-04-12 02:19 . 2014-05-15 08:17        31232        ----a-w-        c:\windows\system32\lsass.exe
2014-04-12 02:12 . 2014-05-15 08:17        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2014-04-12 02:10 . 2014-05-15 08:17        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2014-03-25 02:43 . 2014-05-15 08:17        14175744        ----a-w-        c:\windows\system32\shell32.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
2014-02-13 05:22        12240        ----a-w-        c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-4300-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll" [2014-02-13 12240]
.
[HKEY_CLASSES_ROOT\clsid\{41564952-412d-5637-4300-7a786e7484d7}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AviraSpeedup"="c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe" [2014-02-26 5036600]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-05-20 737872]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"Adobe Creative Cloud"="c:\program files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" [2014-03-21 2691480]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-02-21 152392]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-09-09 98304]
"HP Quick Launch"="c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" [2012-03-05 578944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"EnableShellExecuteHooks"= 1 (0x1)
.
[hkey_local_machine\software\Wow6432Node\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages        REG_MULTI_SZ          DPPassFilter scecli
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [x]
R2 CLKMSVC10_C6F09094;CyberLink Product - 2010/09/16 02:06;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe;c:\program files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files\Motorola\Bluetooth\audiosrv.exe;c:\program files\Motorola\Bluetooth\audiosrv.exe [x]
R3 BTMCOM;Bluetooth Serial Port;c:\windows\system32\Drivers\btmcom.sys;c:\windows\SYSNATIVE\Drivers\btmcom.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys;c:\windows\SYSNATIVE\DRIVERS\netw5v64.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;c:\windows\system32\DRIVERS\yk62x64.sys;c:\windows\SYSNATIVE\DRIVERS\yk62x64.sys [x]
R4 APNMCP;Ask Aktualisierungsdienst;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
R4 ezSharedSvc;Easybits Services for Windows;c:\windows\System32\ezSharedSvcHost.exe;c:\windows\SYSNATIVE\ezSharedSvcHost.exe [x]
R4 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files\Motorola\Bluetooth\obexsrv.exe;c:\program files\Motorola\Bluetooth\obexsrv.exe [x]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 HP Support Assistant Service;HP Support Assistant Service;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe;c:\program files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [x]
S2 HP Wireless Assistant Service;HP Wireless Assistant Service;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe;c:\program files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [x]
S2 hpsrv;HP Service;c:\windows\system32\Hpservice.exe;c:\windows\SYSNATIVE\Hpservice.exe [x]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe;c:\program files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [x]
S2 HPWMISVC;HPWMISVC;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe;c:\program files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 vcsFPService;Validity VCS Fingerprint Service;c:\windows\system32\vcsFPService.exe;c:\windows\SYSNATIVE\vcsFPService.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [x]
S3 Bluetooth Device Manager;Bluetooth Device Manager;c:\program files\Motorola\Bluetooth\devmgrsrv.exe;c:\program files\Motorola\Bluetooth\devmgrsrv.exe [x]
S3 BTMUSB;Motorola Bluetooth Radio Service;c:\windows\system32\Drivers\btmusb.sys;c:\windows\SYSNATIVE\Drivers\btmusb.sys [x]
S3 clwvd;HP Webcam Splitter;c:\windows\system32\DRIVERS\clwvd.sys;c:\windows\SYSNATIVE\DRIVERS\clwvd.sys [x]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys;c:\windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*Deregistered* - CLKMDRV10_C6F09094
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-06-16 11:38        451872        ----a-w-        c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-13 19:25]
.
2014-06-16 c:\windows\Tasks\HPCeeScheduleForKamila.job
- c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-01-05 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41564952-412D-5637-4300-7A786E7484D7}]
2014-02-13 05:22        13776        ----a-w-        c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{41564952-412D-5637-4300-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll" [2014-02-13 13776]
.
[HKEY_CLASSES_ROOT\CLSID\{41564952-412D-5637-4300-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2010-06-18 487424]
"SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-01-20 611896]
"HPWirelessAssistant"="c:\program files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe" [2010-06-18 8192]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2014-02-27 558496]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="c:\program files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" [2014-06-10 21720]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.de/
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: {{bd707fe6-39f6-4bda-9265-86a76719bdc5} - c:\program files\Motorola\Bluetooth\btmiesend.htm
TCP: DhcpNameServer = 192.168.0.1 192.168.0.2
FF - ProfilePath - c:\users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-{3004627E-F8E9-4E8B-909D-316753CBA923} - c:\program files (x86)\Mysearchdial\1.8.21.0\mysearchdialTlbr.dll
Wow6432Node-HKCU-Run-AbnoWroj - (no file)
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-EasyBits Magic Desktop - c:\windows\system32\ezMDUninstall.exe
AddRemove-{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE} - c:\program files (x86)\InstallShield Installation Information\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}\setup.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-06-19  19:45:10
ComboFix-quarantined-files.txt  2014-06-19 17:45
.
Vor Suchlauf: 9 Verzeichnis(se), 506.699.665.408 Bytes frei
Nach Suchlauf: 17 Verzeichnis(se), 506.457.161.728 Bytes frei
.
- - End Of File - - C9AACD0EA42E3AB122E61EA2A3E7141E
ich starte main rechner jetzt neu

Die Meldung ist weg! Cool! :applaus:
Danke sehr!

VG Kamila

M-K-D-B 20.06.2014 13:09
Schritt 1
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.







Schritt 3
Bitte deaktiviere dein Anti-Viren-Programm, da es das Ergebnis beeinflussen oder ggf. die Bereinigung stören kann.
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/ und speichere die Datei auf deinem Desktop.
  • Starte Zoek.exe mit einem Doppelklick.
  • Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
  • Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
    Code:
    iedefaults;
    resetIEproxy;
    FFdefaults;
    CHRdefaults;
    emptyclsid;
    autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich Notepad mit der Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:\ .
  • Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken).





Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Scan.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von Zoek,
  • die beiden neuen Logdateien von FRST.

Mucha 21.06.2014 09:32
Code:
# AdwCleaner v3.212 - Bericht erstellt am 20/06/2014 um 21:32:12
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Kamila - KAMILA-HP
# Gestartet von : C:\Users\Kamila\Desktop\adwcleaner_3.212.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Mysearchdial
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Kamila\AppData\Roaming\Mysearchdial
Ordner Gelöscht : C:\Users\Kamila\AppData\Roaming\pdfforge
Ordner Gelöscht : C:\Users\Kamila\Documents\PC Speed Maximizer
Datei Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eBay.lnk
Datei Gelöscht : C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MYSEAR~1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MySearchDial_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{25A3A431-30BB-47C8-AD6A-E1063801134F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3004627E-F8E9-4E8B-909D-316753CBA923}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4ED063C9-4A0B-4B44-A9DC-23AFF424A0D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C358B3D0-B911-41E3-A276-E7D43A6BA56D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{219046AE-358F-4CF1-B1FD-2B4DE83642A8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{25A3A431-30BB-47C8-AD6A-E1063801134F}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{3004627E-F8E9-4E8B-909D-316753CBA923}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0400EBCA-042C-4000-AA89-9713FBEDB671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0BD19251-4B4B-4B94-AB16-617106245BB7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3281114F-BCAB-45E3-80D9-A6CD64D4E636}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44533FCB-F9FB-436A-8B6B-CF637B2D465A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B29DDD-CF7A-454A-A275-A322A398D93F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A4DE94DB-DF03-45A3-8A5D-D1B7464B242D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AA0F50A8-2618-4AE4-A779-9F7378555A8F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B2DB115C-8278-4947-9A07-57B53D1C4215}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B97FC455-DB33-431D-84DB-6F1514110BD5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C67281E0-78F5-4E49-9FAE-4B1B2ADAF17B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E72E9312-0367-4216-BFC7-21485FA8390B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F6CCB6C9-127E-44AE-8552-B94356F39FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FFD25630-2734-4AE9-88E6-21BF6525F3FE}
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\mysearchdial
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysearchdial

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (de)

[ Datei : C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [6575 octets] - [20/06/2014 21:28:45]
AdwCleaner[S0].txt - [6205 octets] - [20/06/2014 21:32:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6265 octets] ##########
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 20.06.2014
Suchlauf-Zeit: 21:49:23
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.20.11
Rootkit Datenbank: v2014.06.19.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Kamila

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300782
Verstrichene Zeit: 12 Min, 18 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)

M-K-D-B 21.06.2014 09:32
Fehlen noch die Logdatei von Zoek und FRST.

Mucha 21.06.2014 09:45
ich lass jetzt zoek laufen.
Grüß

M-K-D-B 21.06.2014 10:41
ok :)

Mucha 21.06.2014 12:30
Hi, der läuft schon über 3 dtunden- ist es normal?
Da steht jetzt: ---Remove from Windows Installer 10:46:42, 37

M-K-D-B 21.06.2014 14:37
Zitat:
Zitat von Mucha (Beitrag 1319638)
Hi, der läuft schon über 3 dtunden- ist es normal?
Da steht jetzt: ---Remove from Windows Installer 10:46:42, 37
Ist etwas lang... mal abwarten, was sich ergibt würde ich sagen.

Mucha 21.06.2014 22:57
Hi Matthias, der zoek läuft immer noch. ich lass ihm es machen, aber ich breuchte langsam meinen Rechner... Dauert es immer so lange?
LG

hi, der läuft immer noch. kann es daran liegen, dass das internet bei mir instabil war? heute war ein techniker und hat am internet verbindung gearbeitet. kann ich den script jetzt stoppen?

M-K-D-B 22.06.2014 11:55
Servus,


ja stoppe mal und guck nach, ob du eine Logdatei von Zoek findest...

dann weiter mit FRST bitte. :)

Mucha 22.06.2014 14:46
ok. Mache ich.
Hier die reste von Zoek ;)
Code:
Zoek.exe v5.0.0.0 Updated 20-06-2014
Tool run by Kamila on 21.06.2014 at 10:44:44,26.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kamila\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

21.06.2014 10:46:27 Zoek.exe System Restore Point Created Succesfully.

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-06-2014 01
Ran by Kamila (administrator) on KAMILA-HP on 22-06-2014 14:40:36
Running from C:\Users\Kamila\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DigitalPersona, Inc.) C:\Program Files\DigitalPersona\Bin\DpHostW.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\devmgrsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\Common\HPSupportSolutionsFrameworkService.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Motorola, Inc.) C:\Program Files\Motorola\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CyberLink) C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Macrovision Europe Ltd.) C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
() C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
(Acresso Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-18] (IDT, Inc.)
HKLM\...\Run: [SmartMenu] => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe [611896 2010-01-20] ()
HKLM\...\Run: [HPWirelessAssistant] => C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe [363064 2010-06-18] (Hewlett-Packard Company)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [737872 2014-05-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2691480 2014-03-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-09-09] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [578944 2012-03-05] (Hewlett-Packard Development Company, L.P.)
HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-06-10] (Hewlett-Packard)
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-417993538-3000924154-864566095-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup_internetsecuritysuite.exe [5036600 2014-02-26] (Avira)
HKU\S-1-5-21-417993538-3000924154-864566095-1000\...\Run: [ISUSPM] => C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe [210208 2008-10-20] (Acresso Corporation)
Lsa: [Notification Packages] DPPassFilter scecli

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM - {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKLM - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKLM-x32 - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - {07E66047-C698-4E6B-9CC8-FE7393E5D410} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
SearchScopes: HKCU - {852C037B-94C3-4A12-BE98-973078AD32DE} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=irmsd0202ie&cd=2XzuyEtN2Y1L1Qzu0EtDtB0AzztByDyE0FtD0F0BtB0AyC0BtN0D0Tzu0SyBzzzztN1L2XzutBtFtBtFtCyDtFtCyCtAtCtN1L1CzutBtAtDtC1N1R&cr=1766428529&ir=
SearchScopes: HKCU - {8F87C405-CE84-42A3-BCDC-B0FB888814FF} URL = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO-x32: Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll (APN LLC.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - Avira SearchFree Toolbar - {41564952-412D-5637-4300-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport_x64.dll (APN LLC.)
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
ShellExecuteHooks-x32: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll [52920 2010-07-21] (EasyBits Software Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2

FireFox:
========
FF ProfilePath: C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default
FF Homepage: hxxp://www.google.de/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Adblock Plus - C:\Users\Kamila\AppData\Roaming\Mozilla\Firefox\Profiles\ndf5ex1r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-11]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-10]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\DigitalPersona\Bin\FirefoxExt [2014-06-19]

==================== Services (Whitelisted) =================

R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [811088 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-05-20] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1039952 2014-05-20] (Avira Operations GmbH & Co. KG)
S4 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] () [File not signed]
S2 CLKMSVC10_C6F09094; C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [245232 2010-06-29] (CyberLink)
S4 ezSharedSvc; C:\Windows\SysWOW64\ezSharedSvcHost.exe [514232 2010-04-23] (EasyBits Software AS) [File not signed]
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [647680 2010-09-16] (Macrovision Europe Ltd.) [File not signed]
R3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1028096 2010-09-16] (Macrovision Europe Ltd.) [File not signed]
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [47416 2014-02-05] (Hewlett-Packard Company)
S4 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-06-16] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S4 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [112080 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-05-20] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [84720 2014-02-26] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-22] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-06-22 14:40 - 2014-06-22 14:40 - 00019618 _____ () C:\Users\Kamila\Desktop\FRST.txt
2014-06-22 14:40 - 2014-06-22 14:40 - 00000000 ____D () C:\Users\Kamila\Desktop\FRST-OlderVersion
2014-06-21 10:46 - 2014-06-21 10:46 - 00000408 _____ () C:\zoek-results.log
2014-06-21 10:43 - 2014-06-21 10:46 - 00000530 _____ () C:\runcheck.txt
2014-06-21 10:41 - 2014-06-21 10:41 - 00000000 ____D () C:\zoek_backup
2014-06-21 10:34 - 2014-06-21 10:35 - 01285120 _____ () C:\Users\Kamila\Desktop\zoek.exe
2014-06-21 10:30 - 2014-06-21 10:30 - 00001158 _____ () C:\Users\Kamila\Desktop\mbam.txt
2014-06-21 10:15 - 2014-06-21 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-06-20 21:48 - 2014-06-22 14:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-20 21:47 - 2014-06-20 21:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 21:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-20 21:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-20 21:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-20 21:45 - 2014-06-20 21:46 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kamila\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-20 21:28 - 2014-06-20 21:32 - 00000000 ____D () C:\AdwCleaner
2014-06-20 21:13 - 2014-06-20 21:13 - 01333465 _____ () C:\Users\Kamila\Desktop\adwcleaner_3.212.exe
2014-06-19 22:50 - 2014-06-19 22:50 - 00003910 _____ () C:\Windows\DPINST.LOG
2014-06-19 22:50 - 2014-06-19 22:50 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP SimplePass Identity Protection.lnk
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hant
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hans
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\tr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\sv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\sl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ru
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ro
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\pl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\no
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\nl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ko
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ja
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\hu
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\gl-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\fi
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\es
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\el
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\da
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\cs
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\bg
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\zh-Hant
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\zh-Hans
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\tr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\sv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\sl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ru
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ro
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\pl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\no
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\nl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ko
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ja
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\it
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\hu
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\gl-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\fr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\fi
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\es
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\el
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\da
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\cs
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\bg
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\DPDrv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Program Files (x86)\DigitalPersona
2014-06-19 19:45 - 2014-06-19 19:45 - 00025956 _____ () C:\ComboFix.txt
2014-06-19 19:30 - 2014-06-19 19:45 - 00000000 ____D () C:\Qoobox
2014-06-19 19:30 - 2014-06-19 19:43 - 00000000 ____D () C:\Windows\erdnt
2014-06-19 19:30 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-19 19:30 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-19 19:30 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-19 19:30 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-19 19:30 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-19 19:30 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-19 19:30 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-19 19:30 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-19 19:23 - 2014-06-19 19:24 - 05207168 ____R (Swearware) C:\Users\Kamila\Desktop\ComboFix.exe
2014-06-19 18:45 - 2014-06-19 18:46 - 00034103 _____ () C:\Users\Kamila\Downloads\Addition.txt
2014-06-19 18:44 - 2014-06-19 18:46 - 00044735 _____ () C:\Users\Kamila\Desktop\FRST_01.txt
2014-06-19 18:43 - 2014-06-22 14:40 - 02083328 _____ (Farbar) C:\Users\Kamila\Desktop\FRST64.exe
2014-06-19 18:43 - 2014-06-22 14:40 - 00000000 ____D () C:\FRST
2014-06-19 14:18 - 2014-06-19 19:50 - 00000000 ____D () C:\Users\Kamila\Desktop\Beschprechung Brnd
2014-06-18 22:35 - 2014-06-18 22:35 - 03032135 _____ () C:\Users\Kamila\Downloads\Aussschnitt1_200.dwg
2014-06-18 21:15 - 2014-06-18 21:52 - 00000000 ____D () C:\Users\Kamila\Desktop\Stevie Master
2014-06-17 21:45 - 2014-06-22 14:30 - 00000728 _____ () C:\Windows\setupact.log
2014-06-17 21:45 - 2014-06-17 21:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 21:44 - 2014-06-22 14:30 - 00002006 _____ () C:\Windows\PFRO.log
2014-06-17 07:58 - 2014-06-17 07:58 - 04748896 _____ (Piriform Ltd) C:\Users\Kamila\Downloads\ccsetup414.exe
2014-06-16 12:00 - 2014-06-17 07:54 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-06-16 09:47 - 2014-06-17 07:51 - 00000000 ____D () C:\ProgramData\AbnoWroj
2014-06-16 09:47 - 2014-06-16 09:47 - 00000000 ___RD () C:\MSOCache
2014-06-16 09:41 - 2014-06-16 23:33 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SoftGrid Client
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Local\SoftGrid Client
2014-06-16 09:40 - 2014-06-16 23:35 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-06-16 09:40 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\TP
2014-06-16 09:40 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-14 08:31 - 2014-06-14 08:31 - 00002188 _____ () C:\Users\Public\Desktop\Style Builder 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002102 _____ () C:\Users\Public\Desktop\LayOut 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002017 _____ () C:\Users\Public\Desktop\SketchUp 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2014-06-14 08:30 - 2014-06-14 08:30 - 00000000 ____D () C:\Program Files (x86)\SketchUp
2014-06-14 08:25 - 2014-06-14 08:28 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de(1).exe
2014-06-14 08:18 - 2014-06-14 08:18 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SketchUp
2014-06-14 08:15 - 2014-06-14 08:15 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
2014-06-14 08:14 - 2014-06-14 08:14 - 00000000 ____D () C:\ProgramData\SketchUp
2014-06-14 08:09 - 2014-06-14 08:13 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de.exe
2014-06-11 19:12 - 2014-06-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-11 17:33 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-11 17:33 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-11 17:33 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-11 17:33 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-11 17:33 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-11 17:33 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-11 17:33 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-11 17:33 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-11 17:33 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-11 17:33 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-11 17:33 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-11 17:33 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-11 17:33 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-11 17:33 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-11 17:33 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-11 17:33 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-11 17:33 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-11 17:33 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 17:33 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-11 17:33 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-11 17:33 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-11 17:33 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-11 17:33 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-11 17:33 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-11 17:33 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 17:33 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-11 17:33 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-11 17:33 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 17:33 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-11 17:33 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-11 17:33 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-11 17:33 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 17:33 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 17:33 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-11 17:33 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-11 17:33 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 17:33 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 17:33 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-11 17:33 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 17:33 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 17:33 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-11 17:33 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-11 17:33 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 17:33 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 17:33 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 17:33 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-11 17:33 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-11 17:33 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-11 17:33 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-11 17:33 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-11 17:33 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-11 17:33 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 17:33 - 2014-05-08 11:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-11 17:33 - 2014-05-08 11:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-11 17:33 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 17:33 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-11 17:33 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-11 17:33 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-11 17:33 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-11 17:33 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-11 17:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-11 17:33 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-11 17:33 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-11 17:33 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-11 17:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 17:33 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 17:32 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-11 17:32 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-02 16:43 - 2014-06-02 16:44 - 08944640 _____ () C:\Users\Kamila\Desktop\wunderkammer.ppt
2014-05-28 11:51 - 2014-05-28 11:51 - 00000000 ____D () C:\Users\Kamila\cityguide

==================== One Month Modified Files and Folders =======

2014-06-22 14:41 - 2014-06-22 14:40 - 00019618 _____ () C:\Users\Kamila\Desktop\FRST.txt
2014-06-22 14:40 - 2014-06-22 14:40 - 00000000 ____D () C:\Users\Kamila\Desktop\FRST-OlderVersion
2014-06-22 14:40 - 2014-06-19 18:43 - 02083328 _____ (Farbar) C:\Users\Kamila\Desktop\FRST64.exe
2014-06-22 14:40 - 2014-06-19 18:43 - 00000000 ____D () C:\FRST
2014-06-22 14:40 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-22 14:40 - 2009-07-14 06:45 - 00023024 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-22 14:33 - 2014-06-20 21:48 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-22 14:30 - 2014-06-17 21:45 - 00000728 _____ () C:\Windows\setupact.log
2014-06-22 14:30 - 2014-06-17 21:44 - 00002006 _____ () C:\Windows\PFRO.log
2014-06-22 14:30 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-22 14:28 - 2010-09-16 01:51 - 01639404 _____ () C:\Windows\WindowsUpdate.log
2014-06-22 14:24 - 2014-03-13 19:43 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-22 02:00 - 2014-02-26 22:47 - 00000000 ____D () C:\Users\Kamila\AppData\Local\Adobe
2014-06-21 10:46 - 2014-06-21 10:46 - 00000408 _____ () C:\zoek-results.log
2014-06-21 10:46 - 2014-06-21 10:43 - 00000530 _____ () C:\runcheck.txt
2014-06-21 10:41 - 2014-06-21 10:41 - 00000000 ____D () C:\zoek_backup
2014-06-21 10:35 - 2014-06-21 10:34 - 01285120 _____ () C:\Users\Kamila\Desktop\zoek.exe
2014-06-21 10:30 - 2014-06-21 10:30 - 00001158 _____ () C:\Users\Kamila\Desktop\mbam.txt
2014-06-21 10:15 - 2014-06-21 10:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (Deutsch)
2014-06-21 10:15 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-20 21:47 - 2014-06-20 21:47 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-20 21:47 - 2014-06-20 21:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-20 21:46 - 2014-06-20 21:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Kamila\Desktop\mbam-setup-2.0.2.1012.exe
2014-06-20 21:34 - 2014-03-14 15:57 - 00000336 _____ () C:\Windows\Tasks\HPCeeScheduleForKamila.job
2014-06-20 21:32 - 2014-06-20 21:28 - 00000000 ____D () C:\AdwCleaner
2014-06-20 21:21 - 2014-03-14 15:57 - 00003192 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForKamila
2014-06-20 21:21 - 2014-03-06 17:12 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-06-20 21:20 - 2014-03-21 19:02 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-06-20 21:13 - 2014-06-20 21:13 - 01333465 _____ () C:\Users\Kamila\Desktop\adwcleaner_3.212.exe
2014-06-19 22:50 - 2014-06-19 22:50 - 00003910 _____ () C:\Windows\DPINST.LOG
2014-06-19 22:50 - 2014-06-19 22:50 - 00001146 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP SimplePass Identity Protection.lnk
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hant
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\zh-Hans
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\tr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\sv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\sl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ru
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ro
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\pl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\no
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\nl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ko
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ja
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\it
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\hu
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\gl-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\fr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\fi
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\eu-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\es
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\el
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\da
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\cs
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\ca-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\SysWOW64\bg
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\zh-Hant
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\zh-Hans
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\tr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\sv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\sl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ru
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ro
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\pl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\no
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\nl
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ko
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ja
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\it
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\hu
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\gl-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\fr
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\fi
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\eu-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\es
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\el
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\da
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\cs
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\ca-ES
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\system32\bg
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Windows\DPDrv
2014-06-19 22:50 - 2014-06-19 22:50 - 00000000 ____D () C:\Program Files (x86)\DigitalPersona
2014-06-19 22:50 - 2010-09-16 02:23 - 00000000 ____D () C:\Program Files\DigitalPersona
2014-06-19 22:50 - 2010-07-21 19:33 - 00000000 ____D () C:\Windows\SysWOW64\de
2014-06-19 22:50 - 2010-07-21 19:33 - 00000000 ____D () C:\Windows\system32\de
2014-06-19 22:50 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\WinBioPlugIns
2014-06-19 22:48 - 2009-09-07 02:40 - 00000000 ____D () C:\SwSetup
2014-06-19 22:36 - 2014-03-12 21:21 - 00000000 ____D () C:\Users\Kamila\Graphisoft
2014-06-19 22:07 - 2014-03-12 21:21 - 00000000 ____D () C:\Users\Kamila\Documents\BIMx
2014-06-19 19:50 - 2014-06-19 14:18 - 00000000 ____D () C:\Users\Kamila\Desktop\Beschprechung Brnd
2014-06-19 19:45 - 2014-06-19 19:45 - 00025956 _____ () C:\ComboFix.txt
2014-06-19 19:45 - 2014-06-19 19:30 - 00000000 ____D () C:\Qoobox
2014-06-19 19:43 - 2014-06-19 19:30 - 00000000 ____D () C:\Windows\erdnt
2014-06-19 19:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-19 19:24 - 2014-06-19 19:23 - 05207168 ____R (Swearware) C:\Users\Kamila\Desktop\ComboFix.exe
2014-06-19 18:46 - 2014-06-19 18:45 - 00034103 _____ () C:\Users\Kamila\Downloads\Addition.txt
2014-06-19 18:46 - 2014-06-19 18:44 - 00044735 _____ () C:\Users\Kamila\Desktop\FRST_01.txt
2014-06-19 15:13 - 2014-03-02 20:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\Skype
2014-06-18 22:35 - 2014-06-18 22:35 - 03032135 _____ () C:\Users\Kamila\Downloads\Aussschnitt1_200.dwg
2014-06-18 21:52 - 2014-06-18 21:15 - 00000000 ____D () C:\Users\Kamila\Desktop\Stevie Master
2014-06-17 21:45 - 2014-06-17 21:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-17 08:19 - 2014-03-10 21:41 - 00000000 ____D () C:\Program Files (x86)\PDFCreator
2014-06-17 08:18 - 2014-05-01 21:22 - 00000000 ____D () C:\Windows\Minidump
2014-06-17 08:18 - 2009-09-07 03:57 - 00000000 ____D () C:\Windows\Panther
2014-06-17 07:59 - 2014-03-17 22:47 - 00000822 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-06-17 07:59 - 2014-03-17 22:47 - 00000000 ____D () C:\Program Files\CCleaner
2014-06-17 07:58 - 2014-06-17 07:58 - 04748896 _____ (Piriform Ltd) C:\Users\Kamila\Downloads\ccsetup414.exe
2014-06-17 07:54 - 2014-06-16 12:00 - 00000000 ____D () C:\ProgramData\VirtualizedApplications
2014-06-17 07:51 - 2014-06-16 09:47 - 00000000 ____D () C:\ProgramData\AbnoWroj
2014-06-16 23:35 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Application Virtualization Client
2014-06-16 23:35 - 2014-02-26 21:57 - 01649782 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-16 23:35 - 2010-07-21 19:34 - 00700118 _____ () C:\Windows\system32\perfh007.dat
2014-06-16 23:35 - 2010-07-21 19:34 - 00149968 _____ () C:\Windows\system32\perfc007.dat
2014-06-16 23:33 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SoftGrid Client
2014-06-16 09:47 - 2014-06-16 09:47 - 00000000 ___RD () C:\MSOCache
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-06-16 09:41 - 2014-06-16 09:41 - 00000000 ____D () C:\Users\Kamila\AppData\Local\SoftGrid Client
2014-06-16 09:41 - 2014-06-16 09:40 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\TP
2014-06-16 09:40 - 2014-06-16 09:40 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-06-16 09:40 - 2010-07-21 11:08 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-06-16 09:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-06-15 20:09 - 2014-05-08 20:50 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-15 20:09 - 2014-03-02 20:41 - 00000000 ____D () C:\ProgramData\Skype
2014-06-14 10:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-14 08:31 - 2014-06-14 08:31 - 00002188 _____ () C:\Users\Public\Desktop\Style Builder 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002102 _____ () C:\Users\Public\Desktop\LayOut 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00002017 _____ () C:\Users\Public\Desktop\SketchUp 2014.lnk
2014-06-14 08:31 - 2014-06-14 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2014
2014-06-14 08:30 - 2014-06-14 08:30 - 00000000 ____D () C:\Program Files (x86)\SketchUp
2014-06-14 08:28 - 2014-06-14 08:25 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de(1).exe
2014-06-14 08:18 - 2014-06-14 08:18 - 00000000 ____D () C:\Users\Kamila\AppData\Roaming\SketchUp
2014-06-14 08:15 - 2014-06-14 08:15 - 00003120 _____ () C:\Windows\SysWOW64\ALLFSAF14a.ocx
2014-06-14 08:14 - 2014-06-14 08:14 - 00000000 ____D () C:\ProgramData\SketchUp
2014-06-14 08:13 - 2014-06-14 08:09 - 88751616 _____ (Trimble Navigation Limited) C:\Users\Kamila\Downloads\SketchUpPro-de.exe
2014-06-12 12:59 - 2014-02-26 21:28 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-11 19:18 - 2014-03-05 11:24 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-11 19:16 - 2014-03-05 11:24 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-11 19:14 - 2014-05-06 09:19 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-11 19:12 - 2014-06-11 19:12 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-08 11:13 - 2014-06-11 17:32 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-11 17:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-04 21:36 - 2014-05-08 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-06-02 16:44 - 2014-06-02 16:43 - 08944640 _____ () C:\Users\Kamila\Desktop\wunderkammer.ppt
2014-06-01 09:25 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-30 12:21 - 2014-06-11 17:33 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-11 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-11 17:33 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-11 17:33 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-11 17:33 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-11 17:33 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-11 17:33 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-11 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-11 17:33 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-11 17:33 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-11 17:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-11 17:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-11 17:33 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-11 17:33 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-11 17:33 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-11 17:33 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-11 17:33 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-11 17:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-11 17:33 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-11 17:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-11 17:33 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-11 17:33 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-11 17:33 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-11 17:33 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-11 17:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-11 17:33 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-11 17:33 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-11 17:33 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-11 17:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-11 17:33 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-11 17:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-11 17:33 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-11 17:33 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-11 17:33 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-11 17:33 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-11 17:33 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-11 17:33 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-11 17:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-11 17:33 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-11 17:33 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-11 17:33 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-11 17:33 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-11 17:33 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-11 17:33 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-11 17:33 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-11 17:33 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-11 17:33 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-11 17:33 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-11 17:33 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-11 17:33 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-11 17:33 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-11 17:33 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-28 11:51 - 2014-05-28 11:51 - 00000000 ____D () C:\Users\Kamila\cityguide
2014-05-28 11:51 - 2014-02-20 02:31 - 00000000 ____D () C:\Users\Kamila

Some content of TEMP:
====================
C:\Users\Kamila\AppData\Local\Temp\7za.exe
C:\Users\Kamila\AppData\Local\Temp\avgnt.exe
C:\Users\Kamila\AppData\Local\Temp\Extract.exe
C:\Users\Kamila\AppData\Local\Temp\hijackthis.exe
C:\Users\Kamila\AppData\Local\Temp\NirCmd.exe
C:\Users\Kamila\AppData\Local\Temp\PEVZ.EXE
C:\Users\Kamila\AppData\Local\Temp\Quarantine.exe
C:\Users\Kamila\AppData\Local\Temp\remove.exe
C:\Users\Kamila\AppData\Local\Temp\sed.exe
C:\Users\Kamila\AppData\Local\Temp\shortcut.exe
C:\Users\Kamila\AppData\Local\Temp\SP55909.exe
C:\Users\Kamila\AppData\Local\Temp\swreg.exe
C:\Users\Kamila\AppData\Local\Temp\swxcacls.exe
C:\Users\Kamila\AppData\Local\Temp\wget.exe
C:\Users\Kamila\AppData\Local\Temp\zoek-delete.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 09:41

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

das war frst.

LG


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:40 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131