joeathome | 07.03.2014 10:12 | Constant pop-ups in Chrome and Firefox, slow internet, Avast finds no errors
Hello dear forum community,
I have been having problems with constant pop-ups for a few weeks. It all started in Firefox. I then thought that if I browsed with Chrome it might get better. But it is the same there. In my opinion it all began after I ran SpeedupmyPc on my system. A virus scan with Avast Premium turns up nothing.
My system specs:
Intel Core 2 Quad Q8200 @ 2.33 GHz each
3 GB RAM
Operating system: Windows 7 Home Prem. SP 1 32 Bit
Now the log files:
1. FRST.txt: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 05-03-2014 02
Ran by Joe (administrator) on JOE-PC on 07-03-2014 08:41:20
Running from C:\Users\Joe\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe
(CyberLink) C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
(Hewlett-Packard Company) C:\Program Files\Common Files\LightScribe\LSSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
() C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe
(Entriq, Inc.) C:\Program Files\maxdome\DCBin\DCService.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
(Microsoft Corporation) c:\program files\windows defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Lavasoft) C:\ProgramData\Search Protection\SearchProtection.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
(Sony) C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe
(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
() C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Program Files\maxdome\DCBin\DCTrayApp.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(PC Utilities Software Limited) C:\Program Files\Optimizer Pro\OptProSmartScan.exe
() C:\Program Files\WISO\Steuersoftware 2013\mshaktuell.exe
(PC Utilities Software Limited) C:\Program Files\Optimizer Pro\OptProReminder.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
() C:\Users\Joe\Desktop\Defogger.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [NeroFilterCheck] - C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [155648 2006-01-12] (Nero AG)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-10-11] (Apple Inc.)
HKLM\...\Run: [Windows Mobile Device Center] - C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [PowerDVD13Agent] - C:\Program Files\CyberLink\PowerDVD13\PowerDVD13Agent.exe [513048 2013-05-27] (CyberLink Corp.)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [AvastUI.exe] - C:\Program Files\AVAST Software\Avast\AvastUI.exe [3767096 2014-01-30] (AVAST Software)
HKLM\...\Run: [Ad-Aware Browsing Protection] - C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM\...\Run: [Search Protection] - C:\ProgramData\Search Protection\SearchProtection.exe [943016 2013-06-13] (Lavasoft)
HKLM\...\Run: [] - [X]
HKLM\...\Run: [AdAwareTray] - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe [3643224 2014-01-23] ()
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] - C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [143360 2006-12-23] (Nero AG)
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\Run: [Sony PC Companion] - C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe [449760 2013-10-31] (Sony)
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\Run: [Skype] - C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\Run: [Optimizer Pro] - C:\Program Files\Optimizer Pro\OptProLauncher.exe [135160 2014-01-28] (PC Utilities Software Limited)
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\MountPoints2: {c1088b7d-934a-11e3-82ef-0023541dc17a} - M:\Startme.exe
HKU\S-1-5-21-1996083772-1622292050-2711835131-1000\...\MountPoints2: {d55be574-9a3e-11e1-ae0f-0023541dc17a} - F:\Startme.exe
AppInit_DLLs: c:\progra~2\optimi~1\optpro~1.dll => C:\Program Files\Optimizer Pro\OptProCrash.dll [2961368 2014-03-05] ()
Startup: C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&ent=hp&u=1408723875B059AE0CD7A952EFF30966
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x70E2CA84A4DBCC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.nationzoom.com/?type=hp&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.nationzoom.com/?type=hp&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nationzoom.com/web/?type=ds&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509&q={searchTerms}
SearchScopes: HKCU - DefaultScope {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/?q={searchTerms}&AF=109986&babsrc=SP_ss&mntrId=6812002d0000000000000023541dc17a
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.nationzoom.com/web/?type=ds&ts=1387397287&from=tugs&uid=SAMSUNGXHD642JJ_S1AFJ1NQ907509&q={searchTerms}
SearchScopes: HKCU - {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL = hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-bho.dll (Plus HD)
BHO: media enhance - {11111111-1111-1111-1111-110411411150} - C:\Program Files\media enhance\media enhance-bho.dll (feven)
BHO: fiv en - {11111111-1111-1111-1111-110511161182} - C:\Program Files\fiv en\fiv en-bho.dll (feven)
BHO: Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM - Ad-Aware Security Add-on - {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\adawareDx.dll ()
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default
FF user.js: detected! => C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\user.js
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: nationzoom
FF SelectedSearchEngine: nationzoom
FF Homepage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&ent=hp&u=1408723875B059AE0CD7A952EFF30966
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @playstation.com/PsndlCheck,version=1.00 - C:\Program Files\Sony\PLAYSTATION Network Downloader\nppsndl.dll (Sony Computer Entertainment Inc.)
FF Plugin: @SonyCreativeSoftware.com/Media Go,version=1.0 - C:\Program Files\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll ( )
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.7 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @thrixxx.com/WebLaunch - C:\Program Files\thriXXX\WebLaunch\Binaries\npWebLaunch.dll ( )
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\babylon.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\adawaretb.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: media enhance - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\Extensions\0c822a17-a68f-4066-9257-d229458d21ca@9c178d17-dc61-4aaf-b2da-1425ac7300ac.com [2014-03-05]
FF Extension: Plus-HD-1.3 - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\Extensions\509508ef-0b14-4616-a557-0d58601be33d@c4a581e9-0ea6-46db-a185-58e021ee138c.com [2014-03-05]
FF Extension: fiv en - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\Extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [2014-03-05]
FF Extension: Ad-Aware Security Add-on - C:\Users\Joe\AppData\Roaming\Mozilla\Firefox\Profiles\ge1xl749.default\Extensions\{87934c42-161d-45bc-8cef-ef18abe2a30c} [2014-02-03]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-25]
Chrome:
=======
CHR HomePage: hxxp://securedsearch2.lavasoft.com/index.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&ent=hp&u=1408723875B059AE0CD7A952EFF30966
CHR DefaultSearchKeyword: securesearch
CHR DefaultSearchProvider: SecureSearch
CHR DefaultSearchURL: hxxp://securedsearch2.lavasoft.com/results.php?pr=vmn&id=adawaretb&v=3_8&idate=2014-02-03&hsimp=yhs-lavasoft&ent=ch&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-30]
CHR Extension: (Google Drive) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-30]
CHR Extension: (YouTube) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-30]
CHR Extension: (McAfee Security Scan+) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-03-05]
CHR Extension: (Google-Suche) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-30]
CHR Extension: (fiv en) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2014-03-05]
CHR Extension: (avast! Online Security) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-03]
CHR Extension: (Plus-HD-1.3) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl [2014-02-03]
CHR Extension: (media enhance) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\lekgiimbfodefdaoofhlckefjbgpeilo [2014-03-05]
CHR Extension: (Google Wallet) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-30]
CHR Extension: (Lavasoft NewTab) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole [2014-02-03]
CHR Extension: (Google Mail) - C:\Users\Joe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-30]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2013-12-14]
CHR HKLM\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx [2014-01-17]
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
========================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-01-30] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [113704 2014-01-30] (AVAST Software)
S2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [36392 2014-02-18] (Just Develop It)
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [186496 2014-03-05] ()
R2 CyberLink PowerDVD 13 Media Server Monitor Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [77576 2013-05-27] (CyberLink)
R2 CyberLink PowerDVD 13 Media Server Service; C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [323336 2013-05-27] (CyberLink)
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe [651232 2014-01-23] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 NewPlayerUpdaterService; C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-02-25] ()
R2 Prosieben; C:\Program Files\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [499856 2013-12-18] (Cherished Technololgy LIMITED)
==================== Drivers (Whitelisted) ====================
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [26136 2013-12-14] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-01-30] (AVAST Software)
R1 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [265072 2014-02-24] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [79720 2013-12-14] (AVAST Software)
R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2013-12-14] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [775952 2014-01-30] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [410784 2014-01-30] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [64168 2014-01-30] (AVAST Software)
R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [180248 2014-01-30] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2012-01-26] (DT Soft Ltd)
R3 NxpCap; C:\Windows\System32\DRIVERS\NxpCap.sys [1299032 2009-08-24] (NXP Semiconductors Germany GmbH)
R3 RT61; C:\Windows\System32\DRIVERS\RT61.sys [368128 2009-06-02] (Ralink Technology, Corp.)
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [340624 2013-07-17] (BitDefender S.R.L.)
R2 {09F57980-3432-4AFC-957D-27AC45FAE1F5}; C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [76560 2013-05-27] (CyberLink Corp.)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-03-07 08:41 - 2014-03-07 08:41 - 00021527 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-03-07 08:41 - 2014-03-07 08:41 - 00000000 ____D () C:\FRST
2014-03-07 08:40 - 2014-03-07 08:40 - 00000468 _____ () C:\Users\Joe\Desktop\defogger_disable.log
2014-03-06 19:15 - 2014-03-06 19:15 - 00000000 ____D () C:\Users\Ramona\AppData\Roaming\AVAST Software
2014-03-06 19:14 - 2014-03-06 19:14 - 00000000 ____D () C:\Users\Ramona\AppData\Local\adawarebp
2014-03-05 23:49 - 2014-03-05 23:49 - 00000538 _____ () C:\Users\Joe\Downloads\defogger_disable.log
2014-03-05 23:49 - 2014-03-05 23:49 - 00000156 _____ () C:\Users\Joe\defogger_reenable
2014-03-05 23:47 - 2014-03-05 23:47 - 00380416 _____ () C:\Users\Joe\Desktop\Gmer-19357.exe
2014-03-05 23:45 - 2014-03-05 23:46 - 01145344 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-03-05 23:43 - 2014-03-05 23:43 - 00050477 _____ () C:\Users\Joe\Desktop\Defogger.exe
2014-03-05 23:02 - 2014-03-05 23:02 - 00006144 _____ () C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-05 23:00 - 2014-03-05 23:00 - 00000000 ____D () C:\Program Files\Digital Copy
2014-03-05 22:57 - 2014-03-05 23:00 - 23009752 _____ (Deluxe Digital Studios) C:\Users\Joe\Downloads\StarTrekIntoDarkness_DEU_Installer (1).exe
2014-03-05 22:52 - 2014-03-05 22:52 - 00000000 ____D () C:\Users\Joe\AppData\Local\Tuguu_SL
2014-03-05 22:51 - 2014-03-07 08:38 - 00002322 _____ () C:\Windows\Tasks\media enhance-firefoxinstaller.job
2014-03-05 22:51 - 2014-03-07 08:38 - 00001556 _____ () C:\Windows\Tasks\media enhance-updater.job
2014-03-05 22:51 - 2014-03-07 08:38 - 00001510 _____ () C:\Windows\Tasks\media enhance-codedownloader.job
2014-03-05 22:51 - 2014-03-07 08:38 - 00001410 _____ () C:\Windows\Tasks\media enhance-enabler.job
2014-03-05 22:51 - 2014-03-05 22:51 - 00001919 _____ () C:\Users\Joe\Desktop\Sync Folder.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00001063 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00001049 _____ () C:\Users\Joe\Desktop\MyPC Backup.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Users\Joe\AppData\Local\newplayer
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Program Files\NewPlayer
2014-03-05 22:50 - 2014-03-07 08:38 - 00003084 _____ () C:\Windows\Tasks\media enhance-chromeinstaller.job
2014-03-05 22:50 - 2014-03-05 22:51 - 00000000 ____D () C:\Program Files\media enhance
2014-03-05 22:50 - 2014-03-05 22:50 - 00001024 _____ () C:\Users\Joe\Desktop\Optimizer Pro.lnk
2014-03-05 22:49 - 2014-03-07 08:38 - 00003056 _____ () C:\Windows\Tasks\fiv en-chromeinstaller.job
2014-03-05 22:49 - 2014-03-07 08:38 - 00002188 _____ () C:\Windows\Tasks\fiv en-firefoxinstaller.job
2014-03-05 22:49 - 2014-03-07 08:38 - 00001458 _____ () C:\Windows\Tasks\fiv en-updater.job
2014-03-05 22:49 - 2014-03-07 08:38 - 00001412 _____ () C:\Windows\Tasks\fiv en-codedownloader.job
2014-03-05 22:49 - 2014-03-07 08:38 - 00001312 _____ () C:\Windows\Tasks\fiv en-enabler.job
2014-03-05 22:47 - 2014-03-05 22:48 - 23009752 _____ (Deluxe Digital Studios) C:\Users\Joe\Downloads\StarTrekIntoDarkness_DEU_Installer.exe
2014-03-05 22:47 - 2014-03-05 22:48 - 00397720 _____ () C:\Users\Joe\Downloads\Setup.exe
2014-02-24 22:35 - 2014-02-24 22:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-14 23:49 - 2014-02-06 11:38 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-14 23:49 - 2014-02-06 11:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-14 23:49 - 2014-02-06 11:19 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-14 23:49 - 2014-02-06 11:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-14 23:49 - 2014-02-06 11:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-14 23:49 - 2014-02-06 10:57 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-14 23:49 - 2014-02-06 10:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-14 23:49 - 2014-02-06 10:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-14 23:49 - 2014-02-06 10:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-14 23:49 - 2014-02-06 10:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-14 23:49 - 2014-02-06 10:47 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-14 23:49 - 2014-02-06 10:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-14 23:49 - 2014-02-06 10:34 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-14 23:49 - 2014-02-06 10:25 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-14 23:49 - 2014-02-06 10:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-14 23:49 - 2014-02-06 10:13 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-14 23:49 - 2014-02-06 10:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-14 23:49 - 2014-02-06 10:03 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-14 23:49 - 2014-02-06 09:41 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-14 23:49 - 2014-02-06 09:36 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-14 23:49 - 2014-02-06 09:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-14 23:41 - 2013-12-21 09:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-02-14 20:53 - 2014-01-01 00:05 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-02-14 20:52 - 2013-12-25 00:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-02-14 20:52 - 2013-12-06 03:02 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-02-14 20:52 - 2013-12-06 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-02-14 20:52 - 2013-12-04 03:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-02-14 20:52 - 2013-12-04 03:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-02-14 20:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-02-14 20:52 - 2013-12-04 03:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-02-14 20:52 - 2013-12-04 03:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-02-14 20:52 - 2013-12-04 02:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-02-14 20:52 - 2013-12-04 02:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-02-14 20:52 - 2013-12-04 02:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-02-14 20:52 - 2013-12-04 02:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-02-14 20:52 - 2013-11-26 09:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-02-11 21:16 - 2014-02-11 21:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-02-11 20:45 - 2014-02-11 21:12 - 998775370 _____ () C:\Users\Joe\Downloads\babes_gg_natasha_aidra_dc112313_1080p_6000.mp4
2014-02-11 20:35 - 2014-02-11 20:35 - 00000000 ____D () C:\Users\Joe\Documents\Sony
2014-02-11 20:09 - 2014-02-11 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-02-11 20:09 - 2014-02-11 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-02-11 19:42 - 2014-02-11 19:42 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-02-11 19:42 - 2014-02-11 19:42 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-02-11 19:38 - 2014-02-11 19:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
==================== One Month Modified Files and Folders =======
2014-03-07 08:41 - 2014-03-07 08:41 - 00021527 _____ () C:\Users\Joe\Desktop\FRST.txt
2014-03-07 08:41 - 2014-03-07 08:41 - 00000000 ____D () C:\FRST
2014-03-07 08:41 - 2014-01-30 18:10 - 00001092 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-07 08:40 - 2014-03-07 08:40 - 00000468 _____ () C:\Users\Joe\Desktop\defogger_disable.log
2014-03-07 08:39 - 2013-01-25 17:32 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Skype
2014-03-07 08:38 - 2014-03-05 22:51 - 00002322 _____ () C:\Windows\Tasks\media enhance-firefoxinstaller.job
2014-03-07 08:38 - 2014-03-05 22:51 - 00001556 _____ () C:\Windows\Tasks\media enhance-updater.job
2014-03-07 08:38 - 2014-03-05 22:51 - 00001510 _____ () C:\Windows\Tasks\media enhance-codedownloader.job
2014-03-07 08:38 - 2014-03-05 22:51 - 00001410 _____ () C:\Windows\Tasks\media enhance-enabler.job
2014-03-07 08:38 - 2014-03-05 22:50 - 00003084 _____ () C:\Windows\Tasks\media enhance-chromeinstaller.job
2014-03-07 08:38 - 2014-03-05 22:49 - 00003056 _____ () C:\Windows\Tasks\fiv en-chromeinstaller.job
2014-03-07 08:38 - 2014-03-05 22:49 - 00002188 _____ () C:\Windows\Tasks\fiv en-firefoxinstaller.job
2014-03-07 08:38 - 2014-03-05 22:49 - 00001458 _____ () C:\Windows\Tasks\fiv en-updater.job
2014-03-07 08:38 - 2014-03-05 22:49 - 00001412 _____ () C:\Windows\Tasks\fiv en-codedownloader.job
2014-03-07 08:38 - 2014-03-05 22:49 - 00001312 _____ () C:\Windows\Tasks\fiv en-enabler.job
2014-03-07 08:38 - 2014-01-30 18:10 - 00001088 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-07 08:38 - 2013-12-18 21:08 - 00001308 _____ () C:\Windows\Tasks\Plus-HD-1.3-updater.job
2014-03-07 08:38 - 2013-12-18 21:08 - 00001210 _____ () C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job
2014-03-07 08:38 - 2013-12-18 21:08 - 00001110 _____ () C:\Windows\Tasks\Plus-HD-1.3-enabler.job
2014-03-07 08:38 - 2013-12-18 21:08 - 00000256 _____ () C:\Windows\Tasks\SpeedUpMyPC Startup.job
2014-03-07 08:38 - 2013-12-18 21:07 - 00002072 _____ () C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job
2014-03-07 08:38 - 2013-12-18 21:07 - 00001944 _____ () C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job
2014-03-07 08:38 - 2012-01-25 09:10 - 01319398 _____ () C:\Windows\WindowsUpdate.log
2014-03-07 08:37 - 2013-12-18 21:08 - 00000262 _____ () C:\Windows\Tasks\SpeedUpMyPC Maintenance.job
2014-03-07 08:37 - 2012-08-08 19:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-06 19:20 - 2009-07-14 05:34 - 00020272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-06 19:20 - 2009-07-14 05:34 - 00020272 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-06 19:15 - 2014-03-06 19:15 - 00000000 ____D () C:\Users\Ramona\AppData\Roaming\AVAST Software
2014-03-06 19:14 - 2014-03-06 19:14 - 00000000 ____D () C:\Users\Ramona\AppData\Local\adawarebp
2014-03-06 19:14 - 2014-02-03 20:53 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-03-06 19:13 - 2012-01-25 10:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-06 19:13 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-06 19:13 - 2009-07-14 05:39 - 00051214 _____ () C:\Windows\setupact.log
2014-03-06 03:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-03-06 03:03 - 2013-01-25 17:32 - 00000000 ___RD () C:\Program Files\Skype
2014-03-06 03:03 - 2013-01-25 17:32 - 00000000 ____D () C:\ProgramData\Skype
2014-03-06 03:03 - 2010-11-20 22:01 - 01593276 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-05 23:49 - 2014-03-05 23:49 - 00000538 _____ () C:\Users\Joe\Downloads\defogger_disable.log
2014-03-05 23:49 - 2014-03-05 23:49 - 00000156 _____ () C:\Users\Joe\defogger_reenable
2014-03-05 23:49 - 2012-01-25 09:18 - 00000000 ____D () C:\Users\Joe
2014-03-05 23:47 - 2014-03-05 23:47 - 00380416 _____ () C:\Users\Joe\Desktop\Gmer-19357.exe
2014-03-05 23:46 - 2014-03-05 23:45 - 01145344 _____ (Farbar) C:\Users\Joe\Desktop\FRST.exe
2014-03-05 23:43 - 2014-03-05 23:43 - 00050477 _____ () C:\Users\Joe\Desktop\Defogger.exe
2014-03-05 23:02 - 2014-03-05 23:02 - 00006144 _____ () C:\Users\Joe\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-05 23:00 - 2014-03-05 23:00 - 00000000 ____D () C:\Program Files\Digital Copy
2014-03-05 23:00 - 2014-03-05 22:57 - 23009752 _____ (Deluxe Digital Studios) C:\Users\Joe\Downloads\StarTrekIntoDarkness_DEU_Installer (1).exe
2014-03-05 22:52 - 2014-03-05 22:52 - 00000000 ____D () C:\Users\Joe\AppData\Local\Tuguu_SL
2014-03-05 22:51 - 2014-03-05 22:51 - 00001919 _____ () C:\Users\Joe\Desktop\Sync Folder.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00001063 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00001049 _____ () C:\Users\Joe\Desktop\MyPC Backup.lnk
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Users\Joe\AppData\Local\newplayer
2014-03-05 22:51 - 2014-03-05 22:51 - 00000000 ____D () C:\Program Files\NewPlayer
2014-03-05 22:51 - 2014-03-05 22:50 - 00000000 ____D () C:\Program Files\media enhance
2014-03-05 22:51 - 2014-01-07 00:45 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-03-05 22:50 - 2014-03-05 22:50 - 00001024 _____ () C:\Users\Joe\Desktop\Optimizer Pro.lnk
2014-03-05 22:50 - 2014-01-07 00:44 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-03-05 22:48 - 2014-03-05 22:47 - 23009752 _____ (Deluxe Digital Studios) C:\Users\Joe\Downloads\StarTrekIntoDarkness_DEU_Installer.exe
2014-03-05 22:48 - 2014-03-05 22:47 - 00397720 _____ () C:\Users\Joe\Downloads\Setup.exe
2014-03-05 22:48 - 2014-01-07 00:44 - 00000000 _____ () C:\END
2014-03-05 22:32 - 2014-01-30 18:13 - 00002121 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-03-05 22:14 - 2012-01-26 20:25 - 00000000 ____D () C:\Users\Joe\AppData\Roaming\vlc
2014-03-05 20:02 - 2013-06-25 21:08 - 00001028 _____ () C:\Users\Public\Desktop\VLC media player.lnk
2014-03-05 19:55 - 2010-11-20 22:48 - 00199312 _____ () C:\Windows\PFRO.log
2014-02-25 00:08 - 2012-08-08 19:45 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-02-25 00:08 - 2012-01-26 22:32 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-02-24 22:40 - 2013-06-26 11:07 - 00265072 _____ (AVAST Software) C:\Windows\system32\Drivers\aswndisflt.sys
2014-02-24 22:35 - 2014-02-24 22:35 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-02-24 22:35 - 2012-02-25 20:57 - 00002012 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-02-15 20:23 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache
2014-02-14 23:46 - 2013-08-18 02:06 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-14 23:44 - 2012-01-25 10:04 - 85946576 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-14 23:41 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-02-14 20:48 - 2012-01-25 09:20 - 00504630 _____ () C:\Windows\DPINST.LOG
2014-02-11 21:51 - 2012-06-25 20:09 - 00153088 ___SH () C:\Users\Joe\Downloads\Thumbs.db
2014-02-11 21:16 - 2014-02-11 21:16 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01007.Wdf
2014-02-11 21:15 - 2012-05-24 20:40 - 00002048 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-02-11 21:15 - 2012-01-26 23:04 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-02-11 21:12 - 2014-02-11 20:45 - 998775370 _____ () C:\Users\Joe\Downloads\babes_gg_natasha_aidra_dc112313_1080p_6000.mp4
2014-02-11 20:35 - 2014-02-11 20:35 - 00000000 ____D () C:\Users\Joe\Documents\Sony
2014-02-11 20:09 - 2014-02-11 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggsemc_01009.Wdf
2014-02-11 20:09 - 2014-02-11 20:09 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_ggflt_01009.Wdf
2014-02-11 19:42 - 2014-02-11 19:42 - 00000000 ____D () C:\ProgramData\Sony Mobile
2014-02-11 19:42 - 2014-02-11 19:42 - 00000000 ____D () C:\Program Files\Sony Mobile
2014-02-11 19:40 - 2012-05-24 20:42 - 00000000 ____D () C:\ProgramData\Sony Ericsson
2014-02-11 19:40 - 2012-05-24 20:42 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-02-11 19:38 - 2014-02-11 19:38 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_wpdcomp_01_09_00.Wdf
2014-02-11 19:37 - 2013-12-18 21:08 - 00001127 _____ () C:\Users\Public\Desktop\SpeedUpMyPC.lnk
2014-02-06 11:38 - 2014-02-14 23:49 - 17103872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-06 11:20 - 2014-02-14 23:49 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-06 11:19 - 2014-02-14 23:49 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-02-06 11:01 - 2014-02-14 23:49 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-02-06 11:00 - 2014-02-14 23:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-02-06 10:57 - 2014-02-14 23:49 - 02168320 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-06 10:52 - 2014-02-14 23:49 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-06 10:52 - 2014-02-14 23:49 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-02-06 10:49 - 2014-02-14 23:49 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-06 10:47 - 2014-02-14 23:49 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-02-06 10:47 - 2014-02-14 23:49 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-02-06 10:46 - 2014-02-14 23:49 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-02-06 10:34 - 2014-02-14 23:49 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-06 10:25 - 2014-02-14 23:49 - 04244480 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-06 10:25 - 2014-02-14 23:49 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-02-06 10:13 - 2014-02-14 23:49 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-06 10:09 - 2014-02-14 23:49 - 01964032 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-02-06 10:03 - 2014-02-14 23:49 - 11266048 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-06 09:41 - 2014-02-14 23:49 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-06 09:36 - 2014-02-14 23:49 - 01156096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-06 09:34 - 2014-02-14 23:49 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
Some content of TEMP:
====================
C:\Users\Joe\AppData\Local\Temp\311ec2fa-7fc9-43ba-8aa3-65ba182637a4.exe
C:\Users\Joe\AppData\Local\Temp\BackupSetup.exe
C:\Users\Joe\AppData\Local\Temp\ose00000.exe
C:\Users\Joe\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\Joe\AppData\Local\Temp\_is24E9.exe
C:\Users\Ramona\AppData\Local\Temp\NeroSearchTrayHook_{CE803B91-801F-4A49-A3DE-2471BB678FBB}.dll
C:\Users\Ramona\AppData\Local\Temp\SecurityScan_Release.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-03-06 00:48
==================== End Of Log ============================
2. Addition.txt: Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 05-03-2014 02
Ran by Joe at 2014-03-07 08:41:49
Running from C:\Users\Joe\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Ad-Aware Antivirus (Disabled - Out of date) {D87B6541-12A1-DAEA-0033-9B8057AAB996}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Ad-Aware Antivirus (Disabled - Out of date) {631A84A5-349B-D564-3A83-A0F22C2DF32B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: Ad-Aware Firewall (Disabled) {E040E464-58CE-DBB2-2B6C-32B5A979FEED}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
==================== Installed Programs ======================
Update for Microsoft Office 2007 (KB2508958) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version: - Microsoft)
Activision(R) (Version: 1.00.0000 - Activision) Hidden
Ad-Aware Antivirus (HKLM\...\{17E73768-9F21-4334-ABE6-CD131031564C}_AdAwareUpdater) (Version: 11.1.5354.0 - Lavasoft)
Ad-Aware Security Add-on (HKLM\...\adawaretb) (Version: 3.8.0.2 - Lavasoft)
AdAwareInstaller (Version: 11.1.5354.0 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.1.5354.0 - Lavasoft) Hidden
Adobe Flash Player 12 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.70 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
AirPlus G (HKLM\...\{2B7E4354-0492-460A-BDB1-1F59EE141025}) (Version: 1.0.24 - D-Link)
AirPlus G DWL-G510 (HKLM\...\{8B128562-681D-4FFA-BEBF-A825985B2CB9}) (Version: 1.0.24 - D-Link)
AntimalwareEngine (Version: 2.6.0.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{F5266D28-E0B2-4130-BFC5-EE155AD514DC}) (Version: 2.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
avast! Premier (HKLM\...\avast) (Version: 9.0.2013 - Avast Software)
AVS Media Player 4.1.10.97 (HKLM\...\AVS Media Player_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM\...\AVS4YOU Video Converter 7_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.4 (HKLM\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Babylon toolbar on IE (HKLM\...\BabylonToolbar) (Version: - ) <==== ATTENTION
Complitly (HKLM\...\{4FFBB818-B13C-11E0-931D-B2664824019B}_is1) (Version: - Complitly) <==== ATTENTION
CyberLink PowerDVD 13 (HKLM\...\InstallShield_{3CFDF154-7E60-4E98-A8DF-C693A4F8E6B6}) (Version: 13.0.2720.57 - CyberLink Corp.)
CyberLink PowerDVD 13 (Version: 13.0.2720.57 - CyberLink Corp.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.45.2.0287 - DT Soft Ltd)
Die Völker 2 (HKLM\...\Die Völker 2) (Version: - )
Digital Copy (HKLM\...\Digital Copy) (Version: - )
DMUninstaller (HKLM\...\DMUninstaller) (Version: - ) <==== ATTENTION
Epson Easy Photo Print 2 (HKLM\...\{39F58DDB-B2B8-4B86-AF20-4706A80EB30D}) (Version: 2.2.0.0 - SEIKO EPSON CORPORATION)
Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser) (HKLM\...\{B2D55EB8-32C5-4B43-9006-9E97DECBA178}) (Version: 1.00.0000 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{03B8AA32-F23C-4178-B8E6-09ECD07EAA47}) (Version: 2.40.0001 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON SX420W Series Handbuch (HKLM\...\EPSON SX420W Series Manual) (Version: - )
EPSON SX420W Series Netzwerk-Handbuch (HKLM\...\EPSON SX420W Series Network Guide) (Version: - )
EPSON SX420W Series Printer Uninstall (HKLM\...\EPSON SX420W Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup 3.2 (HKLM\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.2a - SEIKO EPSON CORPORATION)
fiv en (HKLM\...\fiv en) (Version: 1.34.3.2 - feven)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.146 - Google Inc.)
Google Update Helper (Version: 1.3.22.5 - Google Inc.) Hidden
Ice Age(TM) 4 - Voll Verschoben! Die arktischen Spiele demo (HKLM\...\InstallShield_{F7A7D9B3-A142-4957-AC8E-530D1DE1A91A}) (Version: 1.00.0000 - Activision)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
KaM - The Peasants Rebellion (HKLM\...\KaM - The Peasants Rebellion) (Version: - )
LEGO Digital Designer (HKLM\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LightScribe 1.4.136.1 (Version: 1.4.136.1 - hxxp://www.lightscribe.com) Hidden
maxdome Download Manager 4.1.300.78 (HKLM\...\{E948B551-08DB-4163-8995-8C43B03D1B19}) (Version: 4.1.30078 - Prosieben)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
media enhance (HKLM\...\media enhance) (Version: 1.34.3.2 - feven)
Media Go (HKLM\...\{DBF1AE39-DA30-4B89-A7EB-3BDA675C5D9E}) (Version: 2.1.392 - Sony)
Media Go Video Playback Engine 1.88.114.12060 (HKLM\...\{7FA1DAFD-AF55-E915-FD92-F269443A2ADF}) (Version: 1.88.114.12060 - Sony)
Mein Verein (HKLM\...\{9ACE3A18-EE13-4012-989C-2BCDC95BA6B9}_is1) (Version: 13.0 - Buhl Data Service GmbH)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (Version: 8.20.469.0 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - KB2467175 (HKLM\...\{a0fe116e-9a8a-466f-aee0-625cb7c207e3}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (HKLM\...\Mozilla Firefox 26.0 (x86 de)) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 26.0 - Mozilla)
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
Nero 7 Essentials (HKLM\...\{B28B351F-1232-46EA-85EF-B8EA91641031}) (Version: 7.02.5017 - Nero AG)
NewPlayer (HKLM\...\NewPlayer) (Version: v2.1.1.1 - TUGUU SL) <==== ATTENTION
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden
Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version: - ) <==== ATTENTION
PlayStation(R)Network Downloader (HKLM\...\{B6659DD8-00A7-4A24-BBFB-C1F6982E5D66}) (Version: 2.07.00849 - Sony Computer Entertainment Inc.)
PlayStation(R)Store (HKLM\...\{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}) (Version: 4.7.14.14146 - Sony Computer Entertainment Inc.)
Plus-HD-1.3 (HKLM\...\Plus-HD-1.3) (Version: 1.31.153.4 - Plus HD) <==== ATTENTION
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Siggi Blitz Vorschule 1 (HKLM\...\Siggi Blitz Vorschule 1_is1) (Version: - Paletti)
Siggi Blitz Vorschule 2 (HKLM\...\Siggi Blitz Vorschule 2_is1) (Version: - Paletti)
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sony Mobile Update Engine (HKLM\...\Update Engine) (Version: 2.14.2.201402071544 - Sony Mobile Communications AB)
Sony PC Companion 2.10.188 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.188 - Sony)
SpeedUpMyPC (HKLM\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.1.1 - Uniblue Systems Limited)
thriXXX 3DSexVilla2-058.002 (HKLM\...\3DSexVilla2-058.002) (Version: - )
thriXXX WebLaunch (HKLM\...\thriXXX WebLaunch) (Version: 1.0 - thriXXX)
Uncompressor (HKCU\...\Uncompressor) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2850085) 32-Bit Edition (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{128A5449-CF71-4DA4-A746-F49E3B5DB584}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Win7codecs (HKLM\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 3.4.1 - Shark007)
Windows Mobile-Gerätecenter (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - PEGATRON GROUP (NxpCap) MEDIA (05/20/2009 1.0.5.61) (HKLM\...\396C64E93A7F64C27F3C8716550E5D3548CD9581) (Version: 05/20/2009 1.0.5.61 - PEGATRON GROUP)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WISO Steuer-Sparbuch 2013 (HKLM\...\{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}) (Version: 20.00.8137 - Buhl Data Service GmbH)
WPM17.8.0.3159 (HKLM\...\WPM) (Version: 17.8.0.3159 - Cherished Technololgy LIMITED) <==== ATTENTION
==================== Restore Points =========================
14-02-2014 19:48:17 Sony PC Companion
14-02-2014 19:52:05 Windows Update
14-02-2014 22:40:47 Windows Update
24-02-2014 21:46:00 Windows Update
27-02-2014 22:43:25 Windows Update
05-03-2014 19:02:35 Windows Update
05-03-2014 19:06:24 Windows-Sicherung
06-03-2014 02:00:10 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {056B47BF-C211-4F02-A381-92414140F9D7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {06FE2E08-25E4-48A9-ABE9-C8D756450199} - System32\Tasks\Express Files Updater => C:\Program Files\ExpressFiles\EFupdater.exe <==== ATTENTION
Task: {08514B7D-388C-4578-9EA1-403CDCC2D624} - System32\Tasks\Plus-HD-1.3-updater => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-updater.exe [2013-12-18] (Plus HD) <==== ATTENTION
Task: {0E980EB1-6EC8-4FD5-B339-4B0CEB0FFE14} - System32\Tasks\fiv en-codedownloader => C:\Program Files\fiv en\fiv en-codedownloader.exe [2014-03-05] (feven)
Task: {0F6377F0-9497-4678-BD03-B452410FAE72} - System32\Tasks\SpeedUpMyPC Startup => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-01-28] (Uniblue Systems Limited)
Task: {1B73D7E5-ECFD-40B8-B3A3-E5A32255A542} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2011-08-10] (Microsoft Corporation)
Task: {1C553C59-65B5-4D8E-8FCB-60F4C142994F} - System32\Tasks\media enhance-firefoxinstaller => C:\Program Files\media enhance\media enhance-firefoxinstaller.exe [2014-03-05] (feven)
Task: {1E065A45-2729-46D7-9AAE-CAED57192B18} - System32\Tasks\fiv en-enabler => C:\Program Files\fiv en\fiv en-enabler.exe [2014-03-05] (feven) <==== ATTENTION
Task: {219E735B-8272-4492-9EE2-F4002DF191E8} - System32\Tasks\Plus-HD-1.3-firefoxinstaller => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe [2013-12-18] (Plus HD) <==== ATTENTION
Task: {2C43239D-9CFE-47BD-BF51-360671A921F3} - System32\Tasks\fiv en-updater => C:\Program Files\fiv en\fiv en-updater.exe [2014-03-05] (feven)
Task: {30653021-0688-42FA-A8A8-CF4F741996EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-25] (Adobe Systems Incorporated)
Task: {39197C86-7BBA-4F8A-B0F6-F5EA808912C0} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4B83BF9C-6318-4F05-9CC6-FB28AC558FAB} - System32\Tasks\fiv en-firefoxinstaller => C:\Program Files\fiv en\fiv en-firefoxinstaller.exe [2014-03-05] (feven)
Task: {52C7C692-DE5E-4766-A5A6-F3E1F1639710} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {6732682E-7E8F-46F8-ADC9-8975BEED82E6} - System32\Tasks\Plus-HD-1.3-codedownloader => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe [2013-12-18] (Plus HD) <==== ATTENTION
Task: {6EAC7038-E748-4CC7-A333-38A5EFA149C4} - System32\Tasks\media enhance-enabler => C:\Program Files\media enhance\media enhance-enabler.exe [2014-03-05] (feven) <==== ATTENTION
Task: {7713ACD0-B8E7-46BA-A424-0D96C1C9B555} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-01-30] (AVAST Software)
Task: {816913F9-979D-4807-96DE-B4C2CC55639C} - System32\Tasks\media enhance-updater => C:\Program Files\media enhance\media enhance-updater.exe [2014-03-05] (feven)
Task: {8B8477A6-C441-4CCE-9042-2448B5B8373B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {A222EB21-405C-4382-90A0-611DE91BA490} - System32\Tasks\Plus-HD-1.3-chromeinstaller => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe [2013-12-18] (Plus HD) <==== ATTENTION
Task: {A2375C80-77ED-4CA6-91C2-E22D605BD34A} - System32\Tasks\{307403A8-1847-4F45-83D8-3E1D9A2BB349} => C:\Program Files\JoWooD\DieVölker2\bin\Game.exe [2001-09-25] (JoWooD AG)
Task: {A93AA056-51D2-44AE-8C91-47C6D1C0CBEA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-01-30] (Google Inc.)
Task: {D0AB3C9D-23EC-457A-A6F6-BD71227EB520} - System32\Tasks\media enhance-chromeinstaller => C:\Program Files\media enhance\media enhance-chromeinstaller.exe [2014-03-05] (feven)
Task: {D97E8B21-D9F8-4A9A-9244-F1F7169507CA} - System32\Tasks\SpeedUpMyPC Maintenance => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe [2014-01-28] (Uniblue Systems Limited)
Task: {DCFBA19F-E5E9-4234-BED8-BA873EAC9B24} - System32\Tasks\Plus-HD-1.3-enabler => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-enabler.exe [2013-12-18] (Plus HD) <==== ATTENTION
Task: {EC1EED2C-1106-49FD-9DB4-98253D98F037} - System32\Tasks\media enhance-codedownloader => C:\Program Files\media enhance\media enhance-codedownloader.exe [2014-03-05] (feven)
Task: {FA62798A-22B7-40C2-B929-3043069C78C1} - System32\Tasks\fiv en-chromeinstaller => C:\Program Files\fiv en\fiv en-chromeinstaller.exe [2014-03-05] (feven)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\fiv en-chromeinstaller.job => C:\Program Files\fiv en\fiv en-chromeinstaller.exe
Task: C:\Windows\Tasks\fiv en-codedownloader.job => C:\Program Files\fiv en\fiv en-codedownloader.exe
Task: C:\Windows\Tasks\fiv en-enabler.job => C:\Program Files\fiv en\fiv en-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\fiv en-firefoxinstaller.job => C:\Program Files\fiv en\fiv en-firefoxinstaller.exe
Task: C:\Windows\Tasks\fiv en-updater.job => C:\Program Files\fiv en\fiv en-updater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\media enhance-chromeinstaller.job => C:\Program Files\media enhance\media enhance-chromeinstaller.exe
Task: C:\Windows\Tasks\media enhance-codedownloader.job => C:\Program Files\media enhance\media enhance-codedownloader.exe
Task: C:\Windows\Tasks\media enhance-enabler.job => C:\Program Files\media enhance\media enhance-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\media enhance-firefoxinstaller.job => C:\Program Files\media enhance\media enhance-firefoxinstaller.exe
Task: C:\Windows\Tasks\media enhance-updater.job => C:\Program Files\media enhance\media enhance-updater.exe
Task: C:\Windows\Tasks\Plus-HD-1.3-chromeinstaller.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-codedownloader.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-enabler.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-firefoxinstaller.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-1.3-updater.job => C:\Program Files\Plus-HD-1.3\Plus-HD-1.3-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\SpeedUpMyPC Maintenance.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
Task: C:\Windows\Tasks\SpeedUpMyPC Startup.job => C:\Program Files\Uniblue\SpeedUpMyPC\speedupmypc.exe
==================== Loaded Modules (whitelisted) =============
2014-03-05 19:57 - 2014-03-05 17:31 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030500\algo.dll
2014-03-06 20:17 - 2014-03-06 18:04 - 02186752 _____ () C:\Program Files\AVAST Software\Avast\defs\14030601\algo.dll
2011-09-27 07:23 - 2011-09-27 07:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 07:22 - 2011-09-27 07:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-05 22:50 - 2014-03-05 22:50 - 02961368 _____ () C:\Program Files\Optimizer Pro\OptProCrash.dll
2014-03-05 22:50 - 2014-03-05 22:50 - 00186496 _____ () C:\Program Files\Optimizer Pro\OptProCrashSvc.dll
2014-01-23 16:26 - 2014-01-23 16:26 - 00651232 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe
2014-01-23 16:33 - 2014-01-23 16:33 - 00087928 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_thread-vc100-mt-1_55.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00022392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_system-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00030072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_chrono-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00048512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_date_time-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00107904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_filesystem-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 03053416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareServiceKernel.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00541008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SQLite.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00131920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\pugixml.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01928008 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\RCF.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00638328 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_regex-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00477544 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareActivation.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareApplicationUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00119656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareGamingMode.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00087384 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareReset.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTime.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00228728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdater.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00170376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareDefinitionsUpdaterScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00342376 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIgnoreList.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00210280 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareQuarantine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00244592 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiMalwareEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00174960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiRootkitEngine.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00367472 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerHistory.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00502112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScanner.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00030584 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_timer-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00268656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareScannerScheduler.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00274808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareRealTimeProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00190824 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareIncompatibles.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00181600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiSpam.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00105320 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareAntiPhishing.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00472944 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareParentalControl.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 01858408 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareWebProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00223088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareEmailProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00513392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareNetworkProtection.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00422752 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareInstaller.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00148808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\zlib.dll
2014-01-23 16:33 - 2014-01-23 16:33 - 00122704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\libssh2.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00298840 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwarePromo.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00241504 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareFeedback.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00123744 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\SecurityCenter.dll
2013-07-17 17:10 - 2013-07-17 17:10 - 00565640 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\BDSmartDB.dll
2014-02-25 16:00 - 2014-02-25 16:00 - 00011776 _____ () C:\Program Files\NewPlayer\NewPlayerUpdaterService.exe
2009-05-01 16:58 - 2009-05-01 16:58 - 01057512 _____ () C:\Program Files\maxdome\DCBin\PocoFoundation.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00627944 _____ () C:\Program Files\maxdome\DCBin\PocoNet.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00514352 _____ () C:\Program Files\maxdome\DCBin\sqlite3.dll
2009-05-01 16:58 - 2009-05-01 16:58 - 00517352 _____ () C:\Program Files\maxdome\DCBin\PocoXML.dll
2012-11-18 03:02 - 2013-01-18 15:20 - 00079648 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 02084720 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareShellExtension.dll
2012-03-07 23:22 - 2012-02-17 20:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2013-12-18 21:08 - 2014-01-28 16:34 - 26034688 _____ () C:\Program Files\Uniblue\SpeedUpMyPC\libcef.dll
2013-12-14 09:26 - 2013-12-14 09:26 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 03643224 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe
2014-01-23 16:33 - 2014-01-23 16:33 - 00405880 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\boost_locale-vc100-mt-1_55.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00308064 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\HtmlFramework.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00056664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\DllStorage.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00789360 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTrayDefaultSkin.dll
2014-01-23 16:32 - 2014-01-23 16:32 - 00118104 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\Localization.dll
2012-05-24 20:40 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files\Sony\Sony PC Companion\TMonitorAPI.dll
2012-05-24 20:40 - 2013-09-13 10:02 - 00208896 _____ () C:\Program Files\Sony\Sony PC Companion\MExplorer.dll
2011-07-07 14:54 - 2011-07-07 14:54 - 00233984 _____ () C:\Program Files\Sony\Sony PC Companion\Report.dll
2013-05-08 18:31 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files\Sony\Sony PC Companion\sqlite3.dll
2012-05-24 20:40 - 2010-01-11 15:44 - 00053248 _____ () C:\Program Files\Sony\Sony PC Companion\VObject.dll
2014-01-03 10:38 - 2014-01-03 10:38 - 00571392 _____ () C:\Program Files\Sony\Sony PC Companion\PhoneUpdate.dll
2012-05-24 20:40 - 2013-10-31 11:35 - 00070880 _____ () C:\Program Files\Sony\Sony PC Companion\PCCompanionInfo.exe
2009-05-01 16:57 - 2009-05-01 16:57 - 00088808 _____ () C:\Program Files\maxdome\DCBin\DCTrayApp.exe
2013-04-28 15:38 - 2013-04-11 10:38 - 01393744 _____ () C:\Program Files\WISO\Steuersoftware 2013\mshaktuell.exe
2013-04-28 15:35 - 2013-04-11 10:38 - 08925264 _____ () C:\Program Files\WISO\Steuersoftware 2013\wgui13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 00028672 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsdcom48.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 00308816 _____ () C:\Program Files\WISO\Steuersoftware 2013\rscorewinapi48.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 00321104 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsguiwinapi48.dll
2013-04-28 15:35 - 2013-04-11 10:39 - 03001424 _____ () C:\Program Files\WISO\Steuersoftware 2013\wcore13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 00136272 _____ () C:\Program Files\WISO\Steuersoftware 2013\rsodbc48.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 02173520 _____ () C:\Program Files\WISO\Steuersoftware 2013\wfvie13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01607248 _____ () C:\Program Files\WISO\Steuersoftware 2013\wsteu13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01724496 _____ () C:\Program Files\WISO\Steuersoftware 2013\wreli13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 04158544 _____ () C:\Program Files\WISO\Steuersoftware 2013\wauff13.dll
2013-01-17 13:30 - 2013-03-15 15:09 - 01041408 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-core.dll
2013-01-17 13:30 - 2013-02-12 11:03 - 00094208 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-shared.dll
2013-01-17 13:30 - 2013-02-12 11:03 - 00251392 _____ () C:\Program Files\WISO\Steuersoftware 2013\clucene-contribs-lib.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01493584 _____ () C:\Program Files\WISO\Steuersoftware 2013\wmain13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 04947536 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae113.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01368144 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae213.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01748048 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae313.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01560656 _____ () C:\Program Files\WISO\Steuersoftware 2013\wbae413.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01145936 _____ () C:\Program Files\WISO\Steuersoftware 2013\whau113.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01216080 _____ () C:\Program Files\WISO\Steuersoftware 2013\whau213.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01305680 _____ () C:\Program Files\WISO\Steuersoftware 2013\wwerb13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 06761552 _____ () C:\Program Files\WISO\Steuersoftware 2013\wkont13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01245184 _____ () C:\Program Files\WISO\Steuersoftware 2013\wimp13.dll
2013-04-28 15:35 - 2013-04-11 10:38 - 01313872 _____ () C:\Program Files\WISO\Steuersoftware 2013\wfabu13.dll
2014-02-18 14:38 - 2014-02-18 14:38 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2014-02-18 14:32 - 2014-02-18 14:32 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2013-07-10 17:07 - 2013-07-10 17:07 - 00756888 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-03-05 23:43 - 2014-03-05 23:43 - 00050477 _____ () C:\Users\Joe\Desktop\Defogger.exe
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
MSCONFIG\startupreg: 20131121 => C:\Program Files\AVAST Software\Avast\setup\emupdate\6ea4b844-2dcc-497f-8461-22adc7de73c7.exe /check
MSCONFIG\startupreg: EEventManager => "C:\Program Files\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: Epson Stylus SX420W(Netzwerk) => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGCE.EXE /FU "C:\Windows\TEMP\E_S4516.tmp" /EF "HKCU"
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: ISUSPM Startup => C:\PROGRA~2\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: itype => "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
==================== Faulty Device Manager Devices =============
Name: D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C)
Description: D-Link AirPlus G DWL-G510 Wireless PCI Adapter(rev.C)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: D-Link Corporation
Service: RT61
Problem: : This device cannot find enough free resources that it can use. If you want to use this device, you will need to disable one of the other devices on this system. (Code12)
Resolution: Two devices have been assigned the same input/output (I/O) ports, the same interrupt, or the same Direct Memory Access channel (either by the BIOS, the operating system, or a combination of the two). This error message can also appear if the BIOS did not allocate enough resources to the device (for example, if a universal serial bus (USB) controller does not get an interrupt from the BIOS because of a corrupt Multiprocessor System (MPS) table).
You can use Device Manager to determine where the conflict is and disable the conflicting device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (03/06/2014 07:14:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (03/06/2014 00:50:58 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (03/05/2014 11:03:52 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 11.0.9600.16518, Zeitstempel: 0x52f347b2
Name des fehlerhaften Moduls: Plus-HD-1.3-bho.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x52a4a373
Ausnahmecode: 0xc0000005
Fehleroffset: 0x02d58f18
ID des fehlerhaften Prozesses: 0x15d0
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3
Error: (03/05/2014 11:03:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmpnetwk.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a4a7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0x0000046b
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x12b8
Startzeit der fehlerhaften Anwendung: 0xwmpnetwk.exe0
Pfad der fehlerhaften Anwendung: wmpnetwk.exe1
Pfad des fehlerhaften Moduls: wmpnetwk.exe2
Berichtskennung: wmpnetwk.exe3
Error: (03/05/2014 07:57:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/27/2014 08:23:07 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/15/2014 08:19:08 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (02/15/2014 05:46:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/14/2014 08:44:36 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (02/12/2014 11:04:13 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
System errors:
=============
Error: (03/06/2014 09:14:06 PM) (Source: Microsoft-Windows-HAL) (User: )
Description: Der Speicher wurde beim letzten Leistungsübergang des Systems von der Plattformfirmware beschädigt. Überprüfen Sie, ob für Ihr System aktualisierte Firmware verfügbar ist.
Error: (03/06/2014 07:15:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (03/06/2014 07:15:49 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (03/06/2014 07:13:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (03/06/2014 07:13:39 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (03/05/2014 11:03:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (03/05/2014 08:40:50 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "E:" wurden abgebrochen, weil der Schattenkopiespeicher nicht vergrößert werden kann.
Error: (03/05/2014 07:58:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (03/05/2014 07:58:26 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (02/27/2014 08:23:47 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Microsoft Office Sessions:
=========================
CodeIntegrity Errors:
===================================
Date: 2014-02-14 23:40:11.544
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2014-02-14 20:54:51.343
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-02-02 00:43:57.427
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-01-26 23:55:30.069
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-01-13 23:05:35.347
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2013-01-03 22:20:04.950
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-28 02:03:53.604
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-22 22:34:21.890
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-22 22:32:44.190
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2012-12-22 22:32:19.188
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\dxgi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Memory info ===========================
Percentage of memory in use: 43%
Total physical RAM: 3070.55 MB
Available physical RAM: 1744.2 MB
Total Pagefile: 6139.4 MB
Available Pagefile: 4414.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.11 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:195.31 GB) (Free:84.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive e: (Daten) (Fixed) (Total:400.85 GB) (Free:68.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596 GB) (Disk ID: C46386BA)
Partition: GPT Partition Type.
==================== End Of Log ============================
3. gmer.log Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-07 09:05:21
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HD642JJ rev.1AA01108 596,17GB
Running: Gmer-19357.exe; Driver: C:\Users\Joe\AppData\Local\Temp\uwldypow.sys
---- System - GMER 2.1 ----
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwAddBootEntry [0x9029DACC]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwAssignProcessToJobObject [0x9029E5AA]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateEvent [0x902AA692]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateEventPair [0x902AA6DE]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateIoCompletion [0x902AA878]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateMutant [0x902AA600]
SSDT \??\C:\Windows\system32\drivers\aswSP.sys ZwCreateSection [0x90354426]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateSemaphore [0x902AA648]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateThread [0x9029EAE0]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateThreadEx [0x9029ECFC]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwCreateTimer [0x902AA832]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwDebugActiveProcess [0x9029F398]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwDeleteBootEntry [0x9029DB32]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwDuplicateObject [0x902A2BE4]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwLoadDriver [0x9029D71E]
SSDT \??\C:\Windows\system32\drivers\aswSP.sys ZwMapViewOfSection [0x90354506]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwModifyBootEntry [0x9029DB98]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwNotifyChangeKey [0x902A2FDA]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwNotifyChangeMultipleKeys [0x9029FEDE]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenEvent [0x902AA6BC]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenEventPair [0x902AA700]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenIoCompletion [0x902AA89C]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenMutant [0x902AA626]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenProcess [0x902A24DE]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenSection [0x902AA7B0]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenSemaphore [0x902AA670]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenThread [0x902A28C6]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwOpenTimer [0x902AA856]
SSDT \??\C:\Windows\system32\drivers\aswSP.sys ZwProtectVirtualMemory [0x903542AA]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwQueryObject [0x9029FCF4]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwQueueApcThreadEx [0x9029FA02]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSetBootEntryOrder [0x9029DBFE]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSetBootOptions [0x9029DC64]
SSDT \??\C:\Windows\system32\drivers\aswSP.sys ZwSetContextThread [0x90354602]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSetSystemInformation [0x9029D7B8]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSetSystemPowerState [0x9029D98A]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwShutdownSystem [0x9029D918]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSuspendProcess [0x9029F562]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSuspendThread [0x9029F6C4]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwSystemDebugControl [0x9029DA12]
SSDT \??\C:\Windows\system32\drivers\aswSP.sys ZwTerminateProcess [0x90354378]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwTerminateThread [0x9029F1F2]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwVdmControl [0x9029DCCA]
SSDT \??\C:\Windows\system32\drivers\aswSnx.sys ZwWriteVirtualMemory [0x9029E606]
---- Kernel code sections - GMER 2.1 ----
.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82C77A15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82CB1212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10CB 82CB8460 4 Bytes [CC, DA, 29, 90] {INT 3 ; FISUBR DWORD [ECX]; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82CB84E8 4 Bytes [AA, E5, 29, 90] {STOSB ; IN EAX, 0x29; NOP }
.text ntkrnlpa.exe!KeRemoveQueueEx + 11A7 82CB853C 8 Bytes [92, A6, 2A, 90, DE, A6, 2A, ...] {XCHG EDX, EAX; CMPSB ; SUB DL, [EAX-0x6fd55922]}
.text ntkrnlpa.exe!KeRemoveQueueEx + 11B3 82CB8548 4 Bytes CALL AD73FDCF
.text ntkrnlpa.exe!KeRemoveQueueEx + 11CF 82CB8564 4 Bytes [00, A6, 2A, 90]
.text ...
PAGE ntkrnlpa.exe!ZwReplyWaitReceivePortEx + 108 82E734DF 4 Bytes CALL 902A05C5 \??\C:\Windows\system32\drivers\aswSnx.sys
PAGE ntkrnlpa.exe!ZwAlpcSendWaitReceivePort + 122 82E8D347 4 Bytes CALL 902A05DB \??\C:\Windows\system32\drivers\aswSnx.sys
.text C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl section is writeable [0xA2355000, 0x2ABA, 0xE8000020]
.vmp2 C:\Program Files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl entry point in ".vmp2" section [0xA236AC13]
---- User code sections - GMER 2.1 ----
.text C:\Windows\WindowsMobile\wmdc.exe[164] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Windows\system32\csrss.exe[408] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe[448] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe[480] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Windows\system32\wininit.exe[484] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text ...
.text C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe[2264] kernel32.dll!SetUnhandledExceptionFilter 7715F4EB 5 Bytes JMP 6DE21170 C:\Program Files\CyberLink\PowerDVD13\Common\Boomerang\BoomerangLib.dll
.text C:\Program Files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe[2264] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Windows\system32\svchost.exe[2304] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareService.exe[2368] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Common Files\LightScribe\LSSrvc.exe[2424] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Microsoft LifeCam\MSCamS32.exe[2448] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text ...
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!RegisterMessagePumpHook + 2F1 76F98B9E 7 Bytes JMP 10053C10 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!PostMessageW + 43A 76FA48B5 7 Bytes JMP 10053AC0 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!SetDlgItemTextA + 25 76FB709F 7 Bytes JMP 10053BF0 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!MessageBoxIndirectA + F5 76FEE95E 7 Bytes JMP 10053C60 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!MessageBoxIndirectW + 61 76FEE9C4 7 Bytes JMP 10053D30 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Sony\Sony PC Companion\PCCompanion.exe[5240] USER32.dll!MessageBoxExA + 1F 76FEE9E8 7 Bytes JMP 10053CE0 C:\Program Files\Sony\Sony PC Companion\NewUI.dll
.text C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5354.0\AdAwareTray.exe[5508] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Optimizer Pro\OptProReminder.exe[5516] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Windows Media Player\wmpnetwk.exe[5760] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Windows\system32\taskeng.exe[5768] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text C:\Program Files\Optimizer Pro\OptProSmartScan.exe[5880] kernel32.dll!GetBinaryTypeW + 70 771769E4 1 Byte [62]
.text ...
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\000a3a655d63
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\000a3a655d63 (not active ControlSet)
---- EOF - GMER 2.1 ----
I don't know where to find the log files from my virus scanner. I can only view the scan result within the program itself.
I hope you can help me and find a solution.
Best regards, joeathome