Trojaner-Board - Blue Screen und pc sehr langsam

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Blue Screen und pc sehr langsam (https://www.trojaner-board.de/155963-blue-screen-pc-sehr-langsam.html)

Blue Screen und pc sehr langsam

Hallo
Ich habe seit einiger Zeit wieder Blue Screen dann fährt der Computer automatisch runter und lädt sich wieder neu. Er braucht sehr lange Zeit um wieder vollständig hoch zu fahren und allgemein öffnen sich alle Programme so wie das Internet sehr mühsam . Das Internet und nicht nur hängen sich auf.Ich bräuchte eure Hilfe.

hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Die Berichte :

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-06-2014

Ran by Aga (administrator) on MARCIN-PC on 01-07-2014 21:46:11

Running from C:\Users\Aga\Downloads

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Windows\System32\PnkBstrA.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Aga\Downloads\FRST (1).exe

(Microsoft Corporation) C:\Windows\System32\conime.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter

HKU\S-1-5-21-423745193-3980066226-3922103518-1000\...\Run: [Google Update] => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-09-15] (Google Inc.)

HKU\S-1-5-21-423745193-3980066226-3922103518-1000\...\MountPoints2: {411a3a26-e479-11e0-97f2-90e6ba694f59} - E:\Autorun.exe

HKU\S-1-5-21-423745193-3980066226-3922103518-1000\...\Winlogon: [Shell] explorer.exe, <==== ATTENTION 

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBF4129600C73CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope value is missing.

SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p18_serp_ie_de_display?ie=UTF8&tag=bds-p18-serp-de-ie-21&tagbase=bds-p18&tbrId=v1_abb-channel-18_d41eaec6f430451b8967d51d039a34e3_18_38_20121216_DE_ie_ds_OC1&query={searchTerms}

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Toolbar: HKCU - No Name - {C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default

FF NewTab: hxxp://www.google.com/firefox

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: https://www.google.de/

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Aga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF user.js: detected! => C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\user.js

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\amazon-distro.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\englische-ergebnisse.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\gmx-suche.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\lastminute.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\webde-suche.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FoxyDeal - C:\Users\Aga\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-21]

FF Extension: Torntv 2 - C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\Extensions\torntv2@torntv.com.xpi [2013-03-25]

FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-12]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-19]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]
 

Chrome: 

=======

CHR StartupUrls: "https://www.google.de/"

CHR Extension: (WOT) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-01]

CHR Extension: (Adblock Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]

CHR Extension: (avast! Online Security) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]

CHR Extension: (Skype Click to Call) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-12]

CHR Extension: (Google Wallet) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

CHR HKLM\...\Chrome\Extension: [leocdeigfnkaojcapikdjcdbedcjmffc] - C:\Users\Aga\AppData\Local\Temp\crx952F.tmp [2014-07-01]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Users\Aga\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx [2012-10-12]

CHR StartMenuInternet: Google Chrome - C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-03-03] ()

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-12-16] (SANDBOXIE L.T.D)
 

==================== Drivers (Whitelisted) ====================
 

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-12-11] (Protect Software GmbH) [File not signed]

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-01] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414392 2014-07-01] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-01] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()

R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-12-16] (SANDBOXIE L.T.D)

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 XDva397; \??\C:\Windows\system32\XDva397.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-01 21:46 - 2014-07-01 21:46 - 00016181 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:45 - 2014-07-01 21:46 - 00000000 ____D () C:\FRST

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:44 - 2014-07-01 18:47 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-01 18:44 - 2014-07-01 18:47 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:39 - 2014-07-01 18:40 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:28 - 2014-07-01 21:09 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-01 18:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-01 18:25 - 2014-07-01 18:25 - 00000608 _____ () C:\Windows\PFRO.log

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:43 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:28 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-07-01 17:27 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-07-01 17:27 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-07-01 17:23 - 2014-07-01 17:27 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:08 - 2014-07-01 17:09 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:09 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-28 20:09 - 2014-04-05 05:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-28 20:09 - 2014-04-05 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-06-28 20:09 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-28 20:08 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-28 20:08 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-28 20:08 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-28 20:08 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-28 20:08 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-28 20:08 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-28 20:08 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-28 20:08 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-28 20:08 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-28 20:08 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
 

==================== One Month Modified Files and Folders =======
 

2014-07-01 21:46 - 2014-07-01 21:46 - 00016181 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:46 - 2014-07-01 21:45 - 00000000 ____D () C:\FRST

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:44 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-01 21:44 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 21:16 - 2011-09-15 09:35 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job

2014-07-01 21:09 - 2014-07-01 18:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-01 21:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-07-01 20:54 - 2014-03-05 17:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-01 20:16 - 2011-09-15 09:35 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job

2014-07-01 20:00 - 2011-09-15 12:11 - 02069034 _____ () C:\Windows\WindowsUpdate.log

2014-07-01 19:01 - 2011-10-22 11:25 - 00000000 ____D () C:\Users\Aga\Desktop\All

2014-07-01 18:57 - 2011-09-14 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-01 18:57 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-01 18:56 - 2013-04-20 21:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-07-01 18:56 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:51 - 2014-03-12 23:58 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\OpenCandy

2014-07-01 18:47 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-01 18:47 - 2014-07-01 18:44 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:40 - 2014-07-01 18:39 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:32 - 2008-01-21 09:16 - 01588036 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2013-04-23 22:11 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Malwarebytes

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-01 18:25 - 2014-07-01 18:25 - 00000608 _____ () C:\Windows\PFRO.log

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:52 - 2011-09-15 10:04 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:46 - 2014-07-01 17:43 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:33 - 2013-04-21 15:44 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-07-01 17:23 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:27 - 2014-01-19 17:34 - 00000000 ____D () C:\Program Files\Java

2014-07-01 17:23 - 2014-03-12 23:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-07-01 17:23 - 2013-02-04 19:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-07-01 17:23 - 2011-09-15 09:40 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-01 17:23 - 2011-09-15 09:40 - 00000806 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:17 - 2013-11-26 17:39 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-07-01 17:16 - 2013-11-26 17:38 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-07-01 17:12 - 2013-04-21 15:33 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR

2014-07-01 17:09 - 2014-07-01 17:08 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:26 - 2011-09-15 09:36 - 00002024 _____ () C:\Users\Aga\Desktop\Google Chrome.lnk

2014-06-28 20:09 - 2013-11-26 17:46 - 00000000 ____D () C:\Windows\system32\MRT

2014-06-01 17:18 - 2006-11-02 12:24 - 92708840 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
 

Files to move or delete:

====================

C:\Users\Public\AlexaNSISPlugin.4312.dll
 
 

Some content of TEMP:

====================

C:\Users\Aga\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp2np8gu.dll
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-01 19:03
 

==================== End Of Log ============================

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-06-2014

Ran by Aga at 2014-07-01 21:46:53

Running from C:\Users\Aga\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version:  - )

Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07)  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)

avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)

Camtasia Studio 7 (HKLM\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

F1 2011 (HKLM\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)

F1 2011 (Version: 1.0.0000.129 - Codemasters) Hidden

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden

HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)

Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden

JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )

League of Legends (Version: 3.0.1 - Riot Games ) Hidden

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )

NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden

NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden

QuickShare (HKLM\...\{55532499-5676-4DAE-9A57-AEB907A0A1DD}) (Version: 1.6.1.714 - Linkury Inc.) <==== ATTENTION

Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)

RMFon (HKLM\...\{9A958D2C-4D3D-44CD-8834-AFB85F5C4467}_is1) (Version: 1.3 - Radio Muzyka Fakty sp. z o.o.)

Sandboxie 3.76 (32-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

STRIKE FX GAMEPAD (HKLM\...\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - GASIA)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.7.9 - Shark007)

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Wallpaper SlideShow LT 1.5.1 (HKLM\...\{58A49B80-2595-4C9D-B3EB-261E68A2C4D1}_is1) (Version:  - Gianpaolo Bottin)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
 

==================== Restore Points  =========================
 

12-03-2014 21:59:04 Uniblue SpeedUpMyPC installation

12-03-2014 22:08:19 Windows Update

18-04-2014 12:39:26 Windows Update

28-06-2014 18:00:10 Windows Update

01-07-2014 14:55:25 Windows Update

01-07-2014 15:11:03 avast! antivirus system restore point

01-07-2014 15:21:08 Installed Java 7 Update 60

01-07-2014 15:45:39 TuneUp Utilities 2014 wird entfernt

01-07-2014 15:47:54 TuneUp Utilities 2014 (de-DE) wird entfernt
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

::1             localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1647F577-48F4-4F0A-A9B0-FCCD87167241} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)

Task: {1A594D74-99A1-4715-A7A0-78B35FED38DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-01] (Adobe Systems Incorporated)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {34C6CB05-00E7-4705-BB9F-506CE730A327} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {4FF2761A-979E-49CD-BF8B-98056026F692} - System32\Tasks\Test TimeTrigger => C:\Users\Aga\AppData\Local\Temp\Runner.exe <==== ATTENTION

Task: {6B11EB07-2BAF-4D7B-AF95-DB4C7265429B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)

Task: {9E4AB2AE-7D19-4A9D-9504-3DC96B16B8A2} - System32\Tasks\{6B23975A-5D65-46B7-AB38-D006542DCD95} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.)

Task: {A332B675-CD29-4D25-AE06-A2CC5A48F9E8} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

Task: {C12F61A2-5D31-4B3A-8899-8023DDB641CE} - System32\Tasks\Google Updater and Installer => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {D7B4206F-F952-405F-B7DE-0D09AE3516AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E13825F7-7290-42B5-9048-93A62808C17F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {EC5D604D-E7EC-43FA-BD2F-A3114AD1A6FE} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {F34653EC-8074-4ABF-BEAB-C114A66788D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-01] (AVAST Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-17 21:42 - 2014-07-01 17:15 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

2014-07-01 16:53 - 2014-06-30 19:59 - 02789376 _____ () C:\Program Files\AVAST Software\Avast\defs\14063001\algo.dll

2011-09-17 13:27 - 2013-03-03 18:02 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2013-11-26 17:38 - 2014-07-01 17:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

2014-06-28 20:24 - 2014-06-05 15:58 - 04217672 _____ () C:\Users\Aga\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll

2014-06-28 20:25 - 2014-06-05 15:58 - 00414536 _____ () C:\Users\Aga\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll

2014-06-28 20:24 - 2014-06-05 15:58 - 01732424 _____ () C:\Users\Aga\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll

2014-04-19 22:22 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Aga\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll

2014-04-19 22:22 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Aga\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 

MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

MSCONFIG\startupreg: GameXN GO => "C:\ProgramData\GameXN\GameXNGO.exe" /startup

MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start

MSCONFIG\startupreg: RGSC => C:\Program Files\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent

MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\Steam.exe" -silent

MSCONFIG\startupreg: uTorrent => "C:\Program Files\uTorrent\uTorrent.exe"  /MINIMIZED
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun-Miniportadapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/01/2014 06:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 06:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 05:39:56 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 05:11:01 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005.

Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
 
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {89f45c7e-9bb1-45ee-9c9a-e6f74b23b965}
 

Error: (07/01/2014 04:52:52 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/28/2014 07:52:36 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/21/2014 00:36:23 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/20/2014 00:00:58 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Fehlerhafte Anwendung LolClient.exe, Version 0.0.0.0, Zeitstempel 0x515663e0, fehlerhaftes Modul Adobe AIR.dll, Version 3.7.0.1530, Zeitstempel 0x5156646c, Ausnahmecode 0xc0000005, Fehleroffset 0x0006dd76,

Prozess-ID 0xd30, Anwendungsstartzeit LolClient.exe0.
 

Error: (04/19/2014 09:45:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/18/2014 10:00:45 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (07/01/2014 06:59:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/01/2014 06:59:46 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/01/2014 06:58:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (07/01/2014 06:57:19 PM) (Source: netbt) (EventID: 4321) (User: )

Description: Der Name "MARCIN-PC      :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.29

registriert werden. Der Computer mit IP-Adresse 192.168.178.23 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (07/01/2014 06:57:19 PM) (Source: Server) (EventID: 2505) (User: )

Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{EE72C859-98BF-4B4B-B736-43AD1E2D6359} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 

Error: (07/01/2014 06:55:48 PM) (Source: DCOM) (EventID: 10010) (User: )

Description: {DCAB0989-1301-4319-BE5F-ADE89F88581C}
 

Error: (07/01/2014 06:53:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: NVIDIA Display Driver Service1
 

Error: (07/01/2014 06:28:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/01/2014 06:28:18 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/01/2014 06:27:25 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 
 

Microsoft Office Sessions:

=========================

Error: (07/01/2014 06:58:46 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 06:27:24 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 05:39:56 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/01/2014 05:11:01 PM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005
 

Vorgang:

   Generatordaten werden gesammelt
 

Kontext:

   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}

   Generatorname: System Writer

   Generatorinstanz-ID: {89f45c7e-9bb1-45ee-9c9a-e6f74b23b965}
 

Error: (07/01/2014 04:52:52 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/28/2014 07:52:36 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/21/2014 00:36:23 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/20/2014 00:00:58 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: LolClient.exe0.0.0.0515663e0Adobe AIR.dll3.7.0.15305156646cc00000050006dd76d3001cf5c094516cfb3
 

Error: (04/19/2014 09:45:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (04/18/2014 10:00:45 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-07-01 21:46:47.645

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:47.490

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:47.344

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:47.184

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:46.911

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:46.767

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:46.620

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:46.478

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:25.278

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-01 21:46:25.118

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 34%

Total physical RAM: 3326.18 MB

Available physical RAM: 2172.84 MB

Total Pagefile: 6886.35 MB

Available Pagefile: 5404.69 MB

Total Virtual: 2047.88 MB

Available Virtual: 1890.91 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:698.63 GB) (Free:483.76 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 3C91DB17)

Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Vielleicht mit TuneUp kaputt getunt? ;)

Adware & Co. deinstallieren

Lade Dir bitte von hier http://deeprybka.trojaner-board.de/b...ninstaller.pngRevo Uninstaller herunter.
Installiere und starte das Programm.
Suche im Uninstallerfeld nach den Programmen, die unter:
http://deeprybka.trojaner-board.de/b.../revo/add1.png
diesen Zusatz haben:
http://deeprybka.trojaner-board.de/b...e/revo/att.PNG
Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
http://deeprybka.trojaner-board.de/b.../uninstall.PNG http://deeprybka.trojaner-board.de/b...o/moderat2.PNG
Reste löschen:
Klicke auf http://deeprybka.trojaner-board.de/b.../selectall.PNG dann auf http://deeprybka.trojaner-board.de/b...evo/delete.PNG und dann auf http://deeprybka.trojaner-board.de/b...evo/weiter.PNG.

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:

Scan mit Combofix

WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link

WICHTIG: Speichere Combofix auf deinem Desktop.

Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!

Wenn Combofix fertig ist, wird es ein Logfile erstellen.

Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).

Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

So der Revo Uninstaller hat nichts gefunden. Als nächstes poste ich den Combofix.txt

[CODE][Combofix Logfile:

Code:

ComboFix 14-06-30.01 - Aga 02.07.2014  15:07:47.2.2 - x86

Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.49.1031.18.3326.2134 [GMT 2:00]

ausgeführt von:: c:\users\Aga\Downloads\ComboFix.exe

AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}

SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

(((((((((((((((((((((((   Dateien erstellt von 2014-06-02 bis 2014-07-02  ))))))))))))))))))))))))))))))

.

.

2014-07-02 13:13 . 2014-07-02 13:13        --------        d-----w-        c:\users\Aga\AppData\Local\temp

2014-07-02 13:13 . 2014-07-02 13:13        --------        d-----w-        c:\users\UpdatusUser\AppData\Local\temp

2014-07-02 13:13 . 2014-07-02 13:13        --------        d-----w-        c:\users\Default\AppData\Local\temp

2014-07-02 11:57 . 2014-07-02 11:57        --------        d-----w-        c:\program files\VS Revo Group

2014-07-01 19:45 . 2014-07-01 19:47        --------        d-----w-        C:\FRST

2014-07-01 16:44 . 2014-07-01 16:44        --------        d-----w-        c:\programdata\Licenses

2014-07-01 16:44 . 2014-07-01 16:47        --------        d-----w-        c:\program files\SpywareBlaster

2014-07-01 16:28 . 2014-07-02 12:12        110296        ----a-w-        c:\windows\system32\drivers\MBAMSwissArmy.sys

2014-07-01 16:28 . 2014-07-01 16:28        --------        d-----w-        c:\program files\Malwarebytes Anti-Malware

2014-07-01 16:28 . 2014-05-12 05:26        51928        ----a-w-        c:\windows\system32\drivers\mwac.sys

2014-07-01 16:28 . 2014-05-12 05:25        74456        ----a-w-        c:\windows\system32\drivers\mbamchameleon.sys

2014-07-01 15:45 . 2014-07-01 15:45        --------        d-----w-        c:\program files\Dropbox

2014-07-01 15:43 . 2014-07-01 15:46        --------        d-----w-        c:\users\Aga\AppData\Roaming\Dropbox

2014-07-01 15:28 . 2014-07-01 15:28        --------        d-----w-        c:\programdata\Oracle

2014-07-01 15:28 . 2014-07-01 15:28        --------        d-----w-        c:\program files\Common Files\Java

2014-07-01 15:27 . 2014-05-07 13:02        96680        ----a-w-        c:\windows\system32\WindowsAccessBridge.dll

2014-07-01 15:16 . 2014-07-01 15:16        24184        ----a-w-        c:\windows\system32\drivers\aswHwid.sys

2014-07-01 15:16 . 2014-07-01 15:16        43152        ----a-w-        c:\windows\avastSS.scr

2014-06-28 18:09 . 2014-04-26 16:01        502784        ----a-w-        c:\windows\system32\usp10.dll

2014-06-28 18:09 . 2014-04-05 03:23        915392        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2014-06-28 18:09 . 2014-04-05 01:49        31232        ----a-w-        c:\windows\system32\drivers\tcpipreg.sys

2014-06-28 18:09 . 2014-03-10 01:22        1401344        ----a-w-        c:\windows\system32\msxml6.dll

2014-06-28 18:09 . 2014-03-10 01:22        1248768        ----a-w-        c:\windows\system32\msxml3.dll

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2014-07-01 15:20 . 2014-03-05 15:11        71344        ----a-w-        c:\windows\system32\FlashPlayerCPLApp.cpl

2014-07-01 15:20 . 2014-03-05 15:11        699056        ----a-w-        c:\windows\system32\FlashPlayerApp.exe

2014-07-01 15:16 . 2013-11-26 15:38        57800        ----a-w-        c:\windows\system32\drivers\aswTdi.sys

2014-07-01 15:16 . 2013-11-26 15:38        192352        ----a-w-        c:\windows\system32\drivers\aswVmm.sys

2014-07-01 15:16 . 2013-11-26 15:38        779536        ----a-w-        c:\windows\system32\drivers\aswSnx.sys

2014-07-01 15:16 . 2013-11-26 15:38        414392        ----a-w-        c:\windows\system32\drivers\aswSP.sys

2014-07-01 15:16 . 2013-11-26 15:38        49944        ----a-w-        c:\windows\system32\drivers\aswRvrt.sys

2014-07-01 15:16 . 2013-11-26 15:38        67824        ----a-w-        c:\windows\system32\drivers\aswMonFlt.sys

2014-07-01 15:16 . 2013-11-26 15:38        55112        ----a-w-        c:\windows\system32\drivers\aswRdr.sys

2014-07-01 15:16 . 2013-11-26 15:38        276432        ----a-w-        c:\windows\system32\aswBoot.exe

2014-05-12 05:25 . 2013-04-23 20:11        23256        ----a-w-        c:\windows\system32\drivers\mbam.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]

@="{472083B0-C522-11CF-8763-00608CC02F24}"

[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]

2014-07-01 15:15        578240        ----a-w-        c:\program files\AVAST Software\Avast\ashShell.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Aga\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Aga\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Aga\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2013-09-11 02:09        131248        ----a-w-        c:\users\Aga\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-07-01 4086432]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableSecureUIAPath"= 1 (0x1)

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

@="Service"

.

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]

"Google Update"="c:\users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe" /c

"Skype"="c:\program files\Skype\Phone\Skype.exe" /minimized /regrun

"Sidebar"=c:\program files\Windows Sidebar\sidebar.exe /autoRun

"SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

LocalServiceAndNoImpersonation        REG_MULTI_SZ           FontCache

.

Inhalt des "geplante Tasks" Ordners

.

2014-07-02 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-05 15:20]

.

2014-07-01 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job

- c:\users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 07:35]

.

2014-07-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job

- c:\users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15 07:35]

.

.

------- Zusätzlicher Suchlauf -------

.

uStart Page = https://www.google.de/

IE: Free YouTube to MP3 Converter - c:\users\Aga\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

IE: Nach Microsoft &Excel exportieren - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000

TCP: DhcpNameServer = 192.168.178.1

FF - ProfilePath - c:\users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxps://www.google.de/

FF - prefs.js: keyword.URL - hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF - user.js: extensions.autoDisableScopes - 0

FF - user.js: extensions.autoDisableScopes - 0

FF - user.js: extensions.delta.tlbrSrchUrl - 

FF - user.js: extensions.delta.id - a6d1ae3f00000000000090e6ba694f59

FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

FF - user.js: extensions.delta.instlDay - 15815

FF - user.js: extensions.delta.vrsn - 1.8.16.16

FF - user.js: extensions.delta.vrsni - 1.8.16.16

FF - user.js: extensions.delta.vrsnTs - 1.8.16.161:28

FF - user.js: extensions.delta.prtnrId - delta

FF - user.js: extensions.delta.prdct - delta

FF - user.js: extensions.delta.aflt - babsst

FF - user.js: extensions.delta.smplGrp - none

FF - user.js: extensions.delta.tlbrId - base

FF - user.js: extensions.delta.instlRef - sst

FF - user.js: extensions.delta.dfltLng - en

FF - user.js: extensions.delta.excTlbr - false

FF - user.js: extensions.delta.ffxUnstlRst - true

FF - user.js: extensions.delta.admin - false

FF - user.js: extensions.delta.autoRvrt - false

FF - user.js: extensions.delta.rvrt - false

FF - user.js: extensions.delta.newTab - false

FF - user.js: network.http.max-persistent-connections-per-server - 4

FF - user.js: nglayout.initialpaint.delay - 600

FF - user.js: content.notify.interval - 600000

FF - user.js: content.max.tokenizing.time - 1800000

FF - user.js: content.switch.threshold - 600000

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, hxxp://www.gmer.net

Rootkit scan 2014-07-02 15:13

Windows 6.0.6002 Service Pack 2 NTFS

.

Scanne versteckte Prozesse... 

.

Scanne versteckte Autostarteinträge... 

.

Scanne versteckte Dateien... 

.

Scan erfolgreich abgeschlossen

versteckte Dateien: 0

.

**************************************************************************

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-423745193-3980066226-3922103518-1000\Software\SecuROM\License information*]

"datasecu"=hex:ee,33,08,28,82,fc,27,91,3f,77,31,25,e2,8c,f2,53,a0,40,ce,ae,67,

   44,13,24,1b,32,a0,8b,85,89,00,ab,1c,21,d7,d1,fc,a7,4e,1b,01,49,d0,b3,3a,fe,\

"rkeysecu"=hex:a1,e3,ed,0e,e2,ec,ab,8e,74,41,cc,08,a8,fe,cf,94

.

Zeit der Fertigstellung: 2014-07-02  15:14:56

ComboFix-quarantined-files.txt  2014-07-02 13:14

ComboFix2.txt  2014-07-02 12:57

.

Vor Suchlauf: 16 Verzeichnis(se), 518.956.019.712 Bytes frei

Nach Suchlauf: 17 Verzeichnis(se), 518.909.718.528 Bytes frei

.

- - End Of File - - BC2E2C7445BC0D21F06A85B845AFBB35

--- --- ---
5C616939100B85E558DA92B899A0FC36
/CODE]

Downloade Dir bitte

Malwarebytes Anti-Malware

Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

und ein frisches FRST log bitte.

Ich poste nacheinander die Auswertungen von den Scans

mbam.txt :

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 03.07.2014

Suchlauf-Zeit: 13:21:04

Logdatei: Mwbp.txt

Administrator: Ja
 

Version: 2.00.2.1012

Malware Datenbank: v2014.07.03.02

Rootkit Datenbank: v2014.07.01.01

Lizenz: Testversion

Malware Schutz: Aktiviert

Bösartiger Webseiten Schutz: Aktiviert

Self-protection: Deaktiviert
 

Betriebssystem: Windows Vista Service Pack 2

CPU: x86

Dateisystem: NTFS

Benutzer: Aga
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 296673

Verstrichene Zeit: 8 Min, 3 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristics: Aktiviert

PUP: Warnen

PUM: Aktiviert
 

Prozesse: 0

(No malicious items detected)
 

Module: 0

(No malicious items detected)
 

Registrierungsschlüssel: 0

(No malicious items detected)
 

Registrierungswerte: 0

(No malicious items detected)
 

Registrierungsdaten: 0

(No malicious items detected)
 

Ordner: 4

PUP.Optional.OpenCandy, C:\Users\Aga\AppData\Roaming\OpenCandy, In Quarantäne, [50ce58439edda78f5507aaedc141bc44], 

PUP.Optional.OpenCandy, C:\Users\Aga\AppData\Roaming\OpenCandy\35888F3784EC439099E8D9AFAE905042, In Quarantäne, [50ce58439edda78f5507aaedc141bc44], 

PUP.Optional.SavingsExplorer.A, C:\Users\Aga\AppData\Local\Savings Explorer, In Quarantäne, [b767bae164171026017f169423df3fc1], 

PUP.Optional.AmazonBrowserBar.A, C:\Program Files\Amazon\ABB, In Quarantäne, [c6583d5e7407c076075bd1dca55de61a], 
 

Dateien: 25

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), Ersetzt,[1e0008937704e94d50c65a663cc82dd3]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), Ersetzt,[5fbf13889edd8da976a0f1cfd82c46ba]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Ersetzt,[1d014457f388dc5a29edeed233d1a45c]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), Ersetzt,[bb6314876417d75fda3ce8d87094f30d]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.bbDpng", "21");), Ersetzt,[41dd3b60f784f244ab6bc9f7fc088d73]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.cntry", "DE");), Ersetzt,[8b9314875b20a690c650744c659f4ab6]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "en");), Ersetzt,[d94539626318ed49b95ddfe1c44006fa]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), Ersetzt,[d04e603b7b0038fe9d79596756ae8b75]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), Ersetzt,[bb636635ef8c0d293bdb5a660bf9748c]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.hdrMd5", "0CB5EA51A6AD7FEFBE2B600138003756");), Ersetzt,[b8660a912259c4723dd90cb4d52f827e]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "a6d1ae3f00000000000090e6ba694f59");), Ersetzt,[e9352b70e09b6bcbdb3bd7e9ab597090]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15815");), Ersetzt,[2ef08d0e661591a560b6f4ccbd47ac54]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), Ersetzt,[65b9c5d69ae13cfabd59fac6cc38867a]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.lastVrsnTs", "1.8.16.161:28:25");), Ersetzt,[65b96b30047781b59f77f5cb57adda26]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), Ersetzt,[4dd11b80f685db5b34e27e428a7ae41c]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), Ersetzt,[25f953482d4efa3c8f87e7d944c04eb2]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), Ersetzt,[9589dfbc5b2067cf19fd9e22b64e8977]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), Ersetzt,[5dc1a9f2ceadb3830115fac66a9a6f91]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.sg", "azb");), Ersetzt,[b965f2a995e60f27d0466e52b0547a86]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), Ersetzt,[bd615843c4b769cd0a0ce1df73918c74]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), Ersetzt,[96884c4fd0abe74f37df0fb1b74d22de]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), Ersetzt,[76a823785f1cc67031e54d73d52fb848]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.16.16");), Ersetzt,[130b6d2ea1da0234e135d1ef5fa53dc3]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.16.161:28:25");), Ersetzt,[08161883582349ed67afbb05ec189070]

PUP.Optional.Delta.A, C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.16.16");), Ersetzt,[8a94bae183f8f04640d6f0d08c78eb15]
 

Physische Sektoren: 0

(No malicious items detected)
 
 

(end)

adwcleaner logdatei

Code:

# AdwCleaner v3.214 - Bericht erstellt am 03/07/2014 um 14:11:02

# Aktualisiert 29/06/2014 von Xplode

# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)

# Benutzername : Aga - MARCIN-PC

# Gestartet von : C:\Users\Aga\Downloads\adwcleaner_3.214.exe

# Option : Löschen
 

***** [ Dienste ] *****
 
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ProgramData\apn

Ordner Gelöscht : C:\ProgramData\Babylon

Ordner Gelöscht : C:\Users\Aga\AppData\Local\apn

Ordner Gelöscht : C:\Users\Aga\AppData\Roaming\Babylon

Ordner Gelöscht : C:\Users\Aga\AppData\Roaming\DesktopIconForAmazon

Ordner Gelöscht : C:\Users\Aga\AppData\Roaming\Gutscheinmieze

Ordner Gelöscht : C:\Users\Aga\AppData\Roaming\OCS

Datei Gelöscht : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\Extensions\torntv2@torntv.com.xpi

Datei Gelöscht : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\foxydeal.sqlite

Datei Gelöscht : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\invalidprefs.js

Datei Gelöscht : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\user.js
 

***** [ Verknüpfungen ] *****
 
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\leocdeigfnkaojcapikdjcdbedcjmffc

Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc

Schlüssel Gelöscht : HKCU\Software\a08ad8e569ef17

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF}

Schlüssel Gelöscht : HKCU\Software\distromatic

Schlüssel Gelöscht : HKCU\Software\OCS

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKLM\Software\Babylon

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7

Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
 

***** [ Browser ] *****
 

-\\ Internet Explorer v9.0.8112.16555
 
 

-\\ Mozilla Firefox v30.0 (de)
 

[ Datei : C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\prefs.js ]
 

Zeile gelöscht : user_pref("extensions.dnsbasic.init", true);
 

-\\ Google Chrome v
 

[ Datei : C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 

*************************
 

AdwCleaner[R0].txt - [8568 octets] - [03/07/2014 14:01:34]

AdwCleaner[S0].txt - [8489 octets] - [03/07/2014 14:11:02]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8549 octets] ##########

JRT.txt

Code:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows Vista (TM) Home Premium x86

Ran by Aga on 03.07.2014 at 14:19:29,63

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 

~~~ Services
 
 
 

~~~ Registry Values
 
 
 

~~~ Registry Keys
 

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-423745193-3980066226-3922103518-1000\Software\sweetim
 
 
 

~~~ Files
 
 
 

~~~ Folders
 

Successfully deleted: [Folder] "C:\Windows\system32\ai_recyclebin"
 
 
 

~~~ FireFox
 

Emptied folder: C:\Users\Aga\AppData\Roaming\mozilla\firefox\profiles\nycp6mbp.default\minidumps [6 files]
 
 
 

~~~ Event Viewer Logs were cleared
 
 
 
 
 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 03.07.2014 at 14:22:34,49

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST log

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-06-2014

Ran by Aga (administrator) on MARCIN-PC on 03-07-2014 14:24:19

Running from C:\Users\Aga\Desktop

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBF4129600C73CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default

FF NewTab: hxxp://www.google.com/firefox

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: https://www.google.de/

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Aga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\amazon-distro.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\englische-ergebnisse.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\gmx-suche.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\lastminute.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\webde-suche.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FoxyDeal - C:\Users\Aga\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-21]

FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-12]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-19]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]
 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "https://www.google.de/"

CHR Extension: (WOT) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-01]

CHR Extension: (Adblock Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]

CHR Extension: (avast! Online Security) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]

CHR Extension: (Skype Click to Call) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-12]

CHR Extension: (Google Wallet) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

CHR Extension: (Auto Refresh Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-07-02]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR StartMenuInternet: Google Chrome - C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)

S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-03-03] ()

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-12-16] (SANDBOXIE L.T.D)
 

==================== Drivers (Whitelisted) ====================
 

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-12-11] (Protect Software GmbH) [File not signed]

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-01] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414392 2014-07-01] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()

R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-12-16] (SANDBOXIE L.T.D)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 catchme; \??\C:\Users\Aga\AppData\Local\Temp\catchme.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 XDva397; \??\C:\Windows\system32\XDva397.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-03 14:24 - 2014-07-03 14:24 - 00013831 _____ () C:\Users\Aga\Desktop\FRST.txt

2014-07-03 14:23 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Desktop\FRST.exe

2014-07-03 14:22 - 2014-07-03 14:22 - 00001020 _____ () C:\Users\Aga\Desktop\JRT.txt

2014-07-03 14:18 - 2014-07-03 14:18 - 00000481 _____ () C:\Users\Aga\Desktop\JRT.exe - Verknüpfung.lnk

2014-07-03 14:15 - 2014-07-03 14:15 - 00007099 _____ () C:\Users\Aga\Desktop\Mwbp.txt

2014-07-03 14:13 - 2014-07-03 14:13 - 00008629 _____ () C:\Users\Aga\Desktop\AdwCleaner[S0].txt

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 14:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 14:11 - 00000000 ____D () C:\AdwCleaner

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:06 - 2014-07-02 15:15 - 00000000 ____D () C:\ComboFix

2014-07-02 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-07-02 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-07-02 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-07-02 14:43 - 2014-07-02 15:14 - 00000000 ____D () C:\Qoobox

2014-07-02 14:43 - 2014-07-02 14:56 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:36 - 2014-07-02 14:37 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00001017 _____ () C:\Users\Aga\Desktop\Revo Uninstaller.lnk

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:56 - 2014-07-02 13:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:46 - 2014-07-01 21:51 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:46 - 2014-07-01 21:51 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-03 14:24 - 00000000 ____D () C:\FRST

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:44 - 2014-07-02 14:53 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-01 18:44 - 2014-07-01 18:47 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:39 - 2014-07-01 18:40 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:28 - 2014-07-03 14:13 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-01 18:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:43 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:28 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-07-01 17:27 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-07-01 17:27 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-07-01 17:23 - 2014-07-01 17:27 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:08 - 2014-07-01 17:09 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:09 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-28 20:09 - 2014-04-05 05:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-28 20:09 - 2014-04-05 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-06-28 20:09 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-28 20:08 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-28 20:08 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-28 20:08 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-28 20:08 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-28 20:08 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-28 20:08 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-28 20:08 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-28 20:08 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-28 20:08 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-28 20:08 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
 

==================== One Month Modified Files and Folders =======
 

2014-07-03 14:24 - 2014-07-03 14:24 - 00013831 _____ () C:\Users\Aga\Desktop\FRST.txt

2014-07-03 14:24 - 2014-07-01 21:45 - 00000000 ____D () C:\FRST

2014-07-03 14:22 - 2014-07-03 14:22 - 00001020 _____ () C:\Users\Aga\Desktop\JRT.txt

2014-07-03 14:19 - 2013-04-21 15:01 - 00000000 ____D () C:\Windows\ERUNT

2014-07-03 14:18 - 2014-07-03 14:18 - 00000481 _____ () C:\Users\Aga\Desktop\JRT.exe - Verknüpfung.lnk

2014-07-03 14:16 - 2011-09-15 12:11 - 01093082 _____ () C:\Windows\WindowsUpdate.log

2014-07-03 14:16 - 2011-09-15 09:35 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job

2014-07-03 14:15 - 2014-07-03 14:15 - 00007099 _____ () C:\Users\Aga\Desktop\Mwbp.txt

2014-07-03 14:13 - 2014-07-03 14:13 - 00008629 _____ () C:\Users\Aga\Desktop\AdwCleaner[S0].txt

2014-07-03 14:13 - 2014-07-01 18:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:12 - 2011-09-14 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-03 14:12 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-03 14:12 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-03 14:12 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-03 14:11 - 2014-07-03 13:16 - 00000000 ____D () C:\AdwCleaner

2014-07-03 14:11 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:54 - 2014-03-05 17:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-03 13:37 - 2012-12-16 17:25 - 00000000 ____D () C:\Program Files\Amazon

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:15 - 2014-07-02 15:06 - 00000000 ____D () C:\ComboFix

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:14 - 2014-07-02 14:43 - 00000000 ____D () C:\Qoobox

2014-07-02 15:13 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-07-02 14:56 - 2014-07-02 14:43 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:53 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-02 14:37 - 2014-07-02 14:36 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00001017 _____ () C:\Users\Aga\Desktop\Revo Uninstaller.lnk

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:57 - 2014-07-02 13:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:51 - 2014-07-01 21:46 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:51 - 2014-07-01 21:46 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-03 14:23 - 01073664 _____ (Farbar) C:\Users\Aga\Desktop\FRST.exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 21:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-07-01 20:16 - 2011-09-15 09:35 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job

2014-07-01 19:01 - 2011-10-22 11:25 - 00000000 ____D () C:\Users\Aga\Desktop\All

2014-07-01 18:56 - 2013-04-20 21:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:47 - 2014-07-01 18:44 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:40 - 2014-07-01 18:39 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:32 - 2008-01-21 09:16 - 01588036 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2013-04-23 22:11 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Malwarebytes

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:52 - 2011-09-15 10:04 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:46 - 2014-07-01 17:43 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:33 - 2013-04-21 15:44 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-07-01 17:23 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:27 - 2014-01-19 17:34 - 00000000 ____D () C:\Program Files\Java

2014-07-01 17:23 - 2014-03-12 23:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-07-01 17:23 - 2013-02-04 19:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-07-01 17:23 - 2011-09-15 09:40 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-01 17:23 - 2011-09-15 09:40 - 00000806 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:17 - 2013-11-26 17:39 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-07-01 17:16 - 2013-11-26 17:38 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-07-01 17:12 - 2013-04-21 15:33 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR

2014-07-01 17:09 - 2014-07-01 17:08 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:26 - 2011-09-15 09:36 - 00002024 _____ () C:\Users\Aga\Desktop\Google Chrome.lnk

2014-06-28 20:09 - 2013-11-26 17:46 - 00000000 ____D () C:\Windows\system32\MRT
 

Some content of TEMP:

====================

C:\Users\Aga\AppData\Local\temp\Quarantine.exe
 
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-03 14:18
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Ich habe eben bemerkt dass ich den Addition.txt. vergessen habe hinzuzufügen so poste ich nochmal FRST.txt und Addition.txt. :

FRST Logfile:

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:29-06-2014

Ran by Aga (administrator) on MARCIN-PC on 03-07-2014 22:59:37

Running from C:\Users\Aga\Desktop\PC Bereinigung

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBF4129600C73CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default

FF NewTab: hxxp://www.google.com/firefox

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: https://www.google.de/

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Aga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\amazon-distro.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\englische-ergebnisse.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\gmx-suche.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\lastminute.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\webde-suche.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FoxyDeal - C:\Users\Aga\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-21]

FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-12]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-19]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]
 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "https://www.google.de/"

CHR Extension: (WOT) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-01]

CHR Extension: (Adblock Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]

CHR Extension: (avast! Online Security) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]

CHR Extension: (Skype Click to Call) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-12]

CHR Extension: (Google Wallet) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

CHR Extension: (Auto Refresh Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-07-02]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR StartMenuInternet: Google Chrome - C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)

R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-03-03] ()

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-12-16] (SANDBOXIE L.T.D)
 

==================== Drivers (Whitelisted) ====================
 

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-12-11] (Protect Software GmbH) [File not signed]

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-01] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414392 2014-07-01] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-07-03] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()

R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-12-16] (SANDBOXIE L.T.D)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 catchme; \??\C:\Users\Aga\AppData\Local\Temp\catchme.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 XDva397; \??\C:\Windows\system32\XDva397.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-03 22:46 - 2014-07-03 22:46 - 00000034 _____ () C:\Windows\setupact.log

2014-07-03 22:46 - 2014-07-03 22:46 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-03 16:01 - 2014-07-03 22:59 - 00000000 ____D () C:\Users\Aga\Desktop\PC Bereinigung

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 14:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 14:11 - 00000000 ____D () C:\AdwCleaner

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:06 - 2014-07-02 15:15 - 00000000 ____D () C:\ComboFix

2014-07-02 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-07-02 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-07-02 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-07-02 14:43 - 2014-07-02 15:14 - 00000000 ____D () C:\Qoobox

2014-07-02 14:43 - 2014-07-02 14:56 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:36 - 2014-07-02 14:37 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:56 - 2014-07-02 13:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:46 - 2014-07-01 21:51 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:46 - 2014-07-01 21:51 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-03 22:59 - 00000000 ____D () C:\FRST

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:44 - 2014-07-02 14:53 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-01 18:44 - 2014-07-01 18:47 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:39 - 2014-07-01 18:40 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:28 - 2014-07-03 22:49 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-01 18:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:43 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:28 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-07-01 17:27 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-07-01 17:27 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-07-01 17:23 - 2014-07-01 17:27 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:08 - 2014-07-01 17:09 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:09 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-28 20:09 - 2014-04-05 05:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-28 20:09 - 2014-04-05 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-06-28 20:09 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-28 20:08 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-28 20:08 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-28 20:08 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-28 20:08 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-28 20:08 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-28 20:08 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-28 20:08 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-28 20:08 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-28 20:08 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-28 20:08 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
 

==================== One Month Modified Files and Folders =======
 

2014-07-03 22:59 - 2014-07-03 16:01 - 00000000 ____D () C:\Users\Aga\Desktop\PC Bereinigung

2014-07-03 22:59 - 2014-07-01 21:45 - 00000000 ____D () C:\FRST

2014-07-03 22:54 - 2014-03-05 17:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-03 22:49 - 2014-07-01 18:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-03 22:48 - 2011-09-15 12:11 - 01100404 _____ () C:\Windows\WindowsUpdate.log

2014-07-03 22:46 - 2014-07-03 22:46 - 00000034 _____ () C:\Windows\setupact.log

2014-07-03 22:46 - 2014-07-03 22:46 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-03 22:44 - 2011-09-14 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-03 22:44 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-03 22:44 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-03 22:44 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-03 16:47 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-03 16:16 - 2011-09-15 09:35 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job

2014-07-03 14:19 - 2013-04-21 15:01 - 00000000 ____D () C:\Windows\ERUNT

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:11 - 2014-07-03 13:16 - 00000000 ____D () C:\AdwCleaner

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:37 - 2012-12-16 17:25 - 00000000 ____D () C:\Program Files\Amazon

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:15 - 2014-07-02 15:06 - 00000000 ____D () C:\ComboFix

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:14 - 2014-07-02 14:43 - 00000000 ____D () C:\Qoobox

2014-07-02 15:13 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-07-02 14:56 - 2014-07-02 14:43 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:53 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-02 14:37 - 2014-07-02 14:36 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:57 - 2014-07-02 13:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:51 - 2014-07-01 21:46 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:51 - 2014-07-01 21:46 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 21:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-07-01 20:16 - 2011-09-15 09:35 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job

2014-07-01 19:01 - 2011-10-22 11:25 - 00000000 ____D () C:\Users\Aga\Desktop\All

2014-07-01 18:56 - 2013-04-20 21:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:47 - 2014-07-01 18:44 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:40 - 2014-07-01 18:39 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:32 - 2008-01-21 09:16 - 01588036 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2013-04-23 22:11 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Malwarebytes

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:52 - 2011-09-15 10:04 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:46 - 2014-07-01 17:43 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:33 - 2013-04-21 15:44 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-07-01 17:23 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:27 - 2014-01-19 17:34 - 00000000 ____D () C:\Program Files\Java

2014-07-01 17:23 - 2014-03-12 23:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-07-01 17:23 - 2013-02-04 19:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-07-01 17:23 - 2011-09-15 09:40 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-01 17:23 - 2011-09-15 09:40 - 00000806 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:17 - 2013-11-26 17:39 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00414392 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-07-01 17:16 - 2013-11-26 17:38 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-07-01 17:12 - 2013-04-21 15:33 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR

2014-07-01 17:09 - 2014-07-01 17:08 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:26 - 2011-09-15 09:36 - 00002024 _____ () C:\Users\Aga\Desktop\Google Chrome.lnk

2014-06-28 20:09 - 2013-11-26 17:46 - 00000000 ____D () C:\Windows\system32\MRT
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-03 22:50
 

==================== End Of Log ============================

--- --- ---

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:29-06-2014

Ran by Aga at 2014-07-03 23:00:05

Running from C:\Users\Aga\Desktop\PC Bereinigung

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version:  - )

Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07)  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)

avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)

Camtasia Studio 7 (HKLM\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

F1 2011 (HKLM\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)

F1 2011 (Version: 1.0.0000.129 - Codemasters) Hidden

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden

HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)

Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden

JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )

League of Legends (Version: 3.0.1 - Riot Games ) Hidden

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )

NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden

NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden

QuickShare (HKLM\...\{55532499-5676-4DAE-9A57-AEB907A0A1DD}) (Version: 1.6.1.714 - Linkury Inc.) <==== ATTENTION

Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RMFon (HKLM\...\{9A958D2C-4D3D-44CD-8834-AFB85F5C4467}_is1) (Version: 1.3 - Radio Muzyka Fakty sp. z o.o.)

Sandboxie 3.76 (32-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

STRIKE FX GAMEPAD (HKLM\...\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - GASIA)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.7.9 - Shark007)

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Wallpaper SlideShow LT 1.5.1 (HKLM\...\{58A49B80-2595-4C9D-B3EB-261E68A2C4D1}_is1) (Version:  - Gianpaolo Bottin)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
 

==================== Restore Points  =========================
 

12-03-2014 21:59:04 Uniblue SpeedUpMyPC installation

12-03-2014 22:08:19 Windows Update

18-04-2014 12:39:26 Windows Update

28-06-2014 18:00:10 Windows Update

01-07-2014 14:55:25 Windows Update

01-07-2014 15:11:03 avast! antivirus system restore point

01-07-2014 15:21:08 Installed Java 7 Update 60

01-07-2014 15:45:39 TuneUp Utilities 2014 wird entfernt

01-07-2014 15:47:54 TuneUp Utilities 2014 (de-DE) wird entfernt
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2014-07-02 14:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1647F577-48F4-4F0A-A9B0-FCCD87167241} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)

Task: {1A594D74-99A1-4715-A7A0-78B35FED38DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-01] (Adobe Systems Incorporated)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {34C6CB05-00E7-4705-BB9F-506CE730A327} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {4FF2761A-979E-49CD-BF8B-98056026F692} - System32\Tasks\Test TimeTrigger => C:\Users\Aga\AppData\Local\Temp\Runner.exe <==== ATTENTION

Task: {6B11EB07-2BAF-4D7B-AF95-DB4C7265429B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)

Task: {970FD62F-5979-49FC-9FB4-2D897E96E1D2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

Task: {9E4AB2AE-7D19-4A9D-9504-3DC96B16B8A2} - System32\Tasks\{6B23975A-5D65-46B7-AB38-D006542DCD95} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.)

Task: {C12F61A2-5D31-4B3A-8899-8023DDB641CE} - System32\Tasks\Google Updater and Installer => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {D7B4206F-F952-405F-B7DE-0D09AE3516AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E13825F7-7290-42B5-9048-93A62808C17F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {EC5D604D-E7EC-43FA-BD2F-A3114AD1A6FE} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {F34653EC-8074-4ABF-BEAB-C114A66788D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-01] (AVAST Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-17 21:42 - 2014-07-01 17:15 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

2014-07-03 22:45 - 2014-07-03 22:45 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070301\algo.dll

2011-09-17 13:27 - 2013-03-03 18:02 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2013-11-26 17:38 - 2014-07-01 17:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun-Miniportadapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/03/2014 10:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:30:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:26:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (07/03/2014 10:47:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/03/2014 10:47:29 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/03/2014 10:46:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (07/03/2014 10:45:00 PM) (Source: netbt) (EventID: 4321) (User: )

Description: Der Name "MARCIN-PC      :20" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.29

registriert werden. Der Computer mit IP-Adresse 192.168.178.21 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (07/03/2014 10:45:00 PM) (Source: Server) (EventID: 2505) (User: )

Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{EE72C859-98BF-4B4B-B736-43AD1E2D6359} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.
 

Error: (07/03/2014 10:44:57 PM) (Source: netbt) (EventID: 4321) (User: )

Description: Der Name "MARCIN-PC      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.29

registriert werden. Der Computer mit IP-Adresse 192.168.178.21 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (07/03/2014 10:44:57 PM) (Source: netbt) (EventID: 4321) (User: )

Description: Der Name "MARCIN-PC      :0" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.29

registriert werden. Der Computer mit IP-Adresse 192.168.178.21 hat nicht

zugelassen, dass dieser Computer diesen Namen verwendet.
 

Error: (07/03/2014 02:32:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/03/2014 02:32:05 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/03/2014 02:30:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 
 

Microsoft Office Sessions:

=========================

Error: (07/03/2014 10:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:30:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:26:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-07-03 23:00:00.642

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 23:00:00.502

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 23:00:00.361

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 23:00:00.205

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 22:45:58.964

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 15:50:33.164

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 15:50:32.678

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 15:50:32.182

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 15:50:31.625

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-03 14:24:39.654

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 29%

Total physical RAM: 3326.18 MB

Available physical RAM: 2352.94 MB

Total Pagefile: 6888.35 MB

Available Pagefile: 5939.18 MB

Total Virtual: 2047.88 MB

Available Virtual: 1919.54 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:698.63 GB) (Free:483.17 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 3C91DB17)

Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Downloade Dir bitte

SecurityCheck und:

Speichere es auf dem Desktop.
Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Also alles durchgeführt , Bluescreen bis jetzt kam nicht mehr aber der PC ist noch etwas langsam aber schon besser.

Code:

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6920

# api_version=3.0.2

# EOSSerial=4b0fc8e0dddb234898c01681906a0f5e

# engine=13661

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=false

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2013-04-20 10:44:11

# local_time=2013-04-21 12:44:11 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1033

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode=1799 16775165 100 97 9876 32074 2648 0

# compatibility_mode=5892 16776574 100 100 0 204030579 0 0

# scanned=240683

# found=1

# cleaned=0

# scan_time=8482

sh=1AFB97E6909518E228B181A5C98B72A35665D44A ft=0 fh=0000000000000000 vn="Win32/Adware.OneStep application" ac=I fn="C:\_OTL\MovedFiles\04202013_213119\C_PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{650EED71-89E2-453B-8DCF-2AA1B4AE6EF3}\chrome\dnsbasic.jar"

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7587

# api_version=3.0.2

# EOSSerial=4b0fc8e0dddb234898c01681906a0f5e

# engine=19031

# end=stopped

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-07-04 11:27:19

# local_time=2014-07-05 01:27:19 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=783 16777213 100 97 287422 19039737 0 0

# compatibility_mode_1=''

# compatibility_mode=5892 16776573 100 100 2266 242049167 0 0

# scanned=60503

# found=2

# cleaned=0

# scan_time=1812

sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="Variante von Win32/HackTool.CheatEngine.AB potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe"

sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="Variante von Win32/HackTool.CheatEngine.AF potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Cheat Engine 6.3\standalonephase1.dat"

ESETSmartInstaller@High as downloader log:

all ok

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7587

# api_version=3.0.2

# EOSSerial=4b0fc8e0dddb234898c01681906a0f5e

# engine=19037

# end=finished

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2014-07-05 01:47:02

# local_time=2014-07-05 03:47:02 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.0.6002 NT Service Pack 2

# compatibility_mode_1='avast! Antivirus'

# compatibility_mode=783 16777213 100 97 339005 19091320 0 0

# compatibility_mode_1=''

# compatibility_mode=5892 16776574 100 100 53849 242100750 0 0

# scanned=239023

# found=17

# cleaned=0

# scan_time=3841

sh=B20B0BD8E5CDD280C5DC922FFD896DF50D208CB7 ft=1 fh=59ddf8c2c6946d84 vn="Variante von Win32/HackTool.CheatEngine.AB potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Cheat Engine 6.3\cheatengine-i386.exe"

sh=860EFD5893E4DD4E820227B7DEAD144F974456AC ft=1 fh=c0b9ed8dfe12ffb8 vn="Variante von Win32/HackTool.CheatEngine.AF potenziell unsichere Anwendung" ac=I fn="C:\Program Files\Cheat Engine 6.3\standalonephase1.dat"

sh=FE9249DC2E4F0DC6DE3B17F99DB18FB15DE35294 ft=1 fh=3674938724bb7e81 vn="Win32/HackTool.Crack.BC potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Desktop\All\Games\Grand Theft Auto IV\LaunchGTAIV.exe"

sh=06586A975DD03695C96988C8E21CFB24CBCBC663 ft=1 fh=3674938796638cd0 vn="Win32/HackTool.Crack.BC potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Desktop\All\Games\Gta\LaunchGTAIV.exe"

sh=A10E2EE7D94B41C54149D3561166C37C1465E079 ft=1 fh=9ebb843da5694f15 vn="Variante von Win32/HackTool.Inject.F potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Desktop\All\Neuer Ordner (2)\Winject.exe"

sh=B0CF1C0E8610F7286F8D8ADEA3728628241630B8 ft=1 fh=cdebc04b45596b87 vn="Variante von Win32/Bundled.Toolbar.Ask.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\avira_free_antivirus_de.exe"

sh=3D84C7C0E316EAD02DD7A59E746EC798DAB8BC0C ft=1 fh=ce50a11e70bad71c vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\ccsetup328.exe"

sh=6585F3BCD797EFC2F81599CDE50115668B677D52 ft=1 fh=c4c5afd1d69feff3 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\ccsetup408.exe"

sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\ccsetup411.exe"

sh=D12F2B7B95F3EB52E57E5E034F4315F4716670FF ft=1 fh=fa0e3acfd523f7f9 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\ccsetup415.exe"

sh=A285B6AB3A4B305D62BD64167DDCF20CBC334A1E ft=1 fh=8ef37e04d274dcbb vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\CheatEngine63.exe"

sh=C3EC296EDBB060A9E844DA1F8F4F2E38D17F6247 ft=1 fh=104b1dc5af0194ee vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\dfsetup217.exe"

sh=C68D573D0D892915889499FB54F72E1F502E5550 ft=1 fh=2b85d7430a786b61 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aga\Downloads\disk-defrag-setup.exe"

sh=EF76EAED06685DBD831F5F944B2530F73A29F258 ft=1 fh=bc6bf34f6970fc46 vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aga\Downloads\DownloadManagerSetup.exe"

sh=B37B52285DE862B7CAEA96BB8EB99D9B10DE236F ft=1 fh=1dbf7062960066bb vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Aga\Downloads\Shockwave_Installer_Slim.exe"

sh=8C80438480791F21881734A9F59227AA7519C5A9 ft=1 fh=d67fba6ac1068f02 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Aga\Downloads\TuneUp 2013.exe"

sh=DC3C29A963871A9FF0613FFEC4FC39AB04760924 ft=1 fh=aa8756f8c51680cf vn="Variante von Win32/Bundled.Toolbar.Ask.F potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSIA42E.tmp"

Code:

 Results of screen317's Security Check version 0.99.85  

 Windows Vista Service Pack 2 x86 (UAC is enabled)  

 Internet Explorer 9  

 Internet Explorer 8  
 ``````````````Antivirus/Firewall Check:`````````````` 

avast! Antivirus   

 Antivirus out of date!  
 `````````Anti-malware/Other Utilities Check:````````` 

 SpywareBlaster 5.0    

 CCleaner     

 JavaFX 2.1.1    

 Java 7 Update 60  

 Adobe Flash Player         14.0.0.125  

 Adobe Reader XI  

 Mozilla Firefox (30.0) 

 Google Chrome 34.0.1847.116  

 Google Chrome 35.0.1916.153  
 ````````Process Check: objlist.exe by Laurent````````  

 AVAST Software Avast AvastSvc.exe  

 AVAST Software Avast AvastUI.exe  
 `````````````````System Health check````````````````` 

 Total Fragmentation on Drive C:  % 
 ````````````````````End of Log``````````````````````

FRST Logfile:

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014 01

Ran by Aga (administrator) on MARCIN-PC on 05-07-2014 16:11:42

Running from C:\Users\Aga\Desktop\PC Bereinigung

Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: Deutsch (Deutschland)

Internet Explorer Version 9

Boot Mode: Normal
 
 
 

==================== Processes (Whitelisted) =================
 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(Microsoft Corporation) C:\Windows\System32\SLsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe

() C:\Windows\System32\PnkBstrA.exe

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe

(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\mobsync.exe

(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe

(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe

(Microsoft Corporation) C:\Windows\System32\conime.exe
 
 

==================== Registry (Whitelisted) ==================
 

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-01] (AVAST Software)

HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)

ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software)

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
 

==================== Internet (Whitelisted) ====================
 

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBF4129600C73CC01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de

SearchScopes: HKLM - DefaultScope value is missing.

BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files\Windows Live\Companion\companioncore.dll (Microsoft Corporation)

BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Toolbar: HKCU - No Name - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} -  No File

Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL (Microsoft Corporation)

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
 

FireFox:

========

FF ProfilePath: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default

FF NewTab: hxxp://www.google.com/firefox

FF SearchEngineOrder.1: Google

FF SelectedSearchEngine: Google

FF Homepage: https://www.google.de/

FF Keyword.URL: hxxp://www.google.com/search?ie=UTF-8&oe=utf-8&q=

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_125.dll ()

FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1209149.dll (Adobe Systems, Inc.)

FF Plugin: @java.com/DTPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)

FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)

FF Plugin: @nvidia.com/3DVision - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin: @nvidia.com/3DVisionStreaming - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin: @pandonetworks.com/PandoWebPlugin - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll No File

FF Plugin: @real.com/nppl3260;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll (RealNetworks, Inc.)

FF Plugin: @real.com/nprpjplug;version=6.0.12.448 - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)

FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.0.6 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.1 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Aga\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Aga\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\amazon-distro.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\englische-ergebnisse.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\gmx-suche.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\lastminute.xml

FF SearchPlugin: C:\Users\Aga\AppData\Roaming\Mozilla\Firefox\Profiles\nycp6mbp.default\searchplugins\webde-suche.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml

FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

FF Extension: FoxyDeal - C:\Users\Aga\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{F58A62EB-38DC-43C4-A539-DC52E135208D} [2013-04-21]

FF Extension: Anti-Banner - C:\Program Files\Mozilla Firefox\extensions\KavAntiBanner@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Modul zur Link-Untersuchung - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2014-03-12]

FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-03-12]

FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension

FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2011-09-19]

FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF

FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2013-11-26]
 

Chrome: 

=======

CHR HomePage: 

CHR StartupUrls: "https://www.google.de/"

CHR Extension: (WOT) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-07-01]

CHR Extension: (Adblock Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]

CHR Extension: (avast! Online Security) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-11-26]

CHR Extension: (Skype Click to Call) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-12]

CHR Extension: (Google Wallet) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-11-24]

CHR Extension: (Auto Refresh Plus) - C:\Users\Aga\AppData\Local\Google\Chrome\User Data\Default\Extensions\oilipfekkmncanaajkapbpancpelijih [2014-07-02]

CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-07-01]

CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2012-01-17]

CHR StartMenuInternet: Google Chrome - C:\Users\Aga\AppData\Local\Google\Chrome\Application\chrome.exe

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

========================== Services (Whitelisted) =================
 

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-01] (AVAST Software)

S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-03-03] ()

R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [85776 2012-12-16] (SANDBOXIE L.T.D)
 

==================== Drivers (Whitelisted) ====================
 

R2 ACEDRV07; C:\Windows\system32\drivers\ACEDRV07.sys [101376 2011-12-11] (Protect Software GmbH) [File not signed]

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-07-01] ()

R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-07-01] (AVAST Software)

R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [55112 2014-07-01] (AVAST Software)

R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-07-01] ()

R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-07-01] (AVAST Software)

R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-07-05] (AVAST Software)

R1 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [57800 2014-07-01] (AVAST Software)

R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-07-01] ()

S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)

S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)

R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [7680 2006-10-18] ()

R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [157776 2012-12-16] (SANDBOXIE L.T.D)

U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-21] (Microsoft Corporation)

S3 catchme; \??\C:\Users\Aga\AppData\Local\Temp\catchme.sys [X]

S3 IpInIp; system32\DRIVERS\ipinip.sys [X]

S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]

S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]

S3 XDva397; \??\C:\Windows\system32\XDva397.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 
 

==================== One Month Created Files and Folders ========
 

2014-07-05 16:11 - 2014-07-05 16:11 - 00000923 _____ () C:\Users\Aga\Desktop\checkup.txt

2014-07-05 16:03 - 2014-07-05 16:02 - 00854390 _____ () C:\Users\Aga\Desktop\SecurityCheck.exe

2014-07-05 16:02 - 2014-07-05 16:02 - 00854390 _____ () C:\Users\Aga\Downloads\SecurityCheck.exe

2014-07-05 00:52 - 2014-07-05 00:52 - 02347384 _____ (ESET) C:\Users\Aga\Downloads\esetsmartinstaller_deu.exe

2014-07-03 23:14 - 2014-07-03 23:14 - 00033696 _____ () C:\Users\Aga\Desktop\FRST.txt

2014-07-03 23:13 - 2014-07-03 23:13 - 00024112 _____ () C:\Users\Aga\Desktop\Addition.txt

2014-07-03 22:46 - 2014-07-03 22:46 - 00000034 _____ () C:\Windows\setupact.log

2014-07-03 22:46 - 2014-07-03 22:46 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-03 16:01 - 2014-07-05 16:11 - 00000000 ____D () C:\Users\Aga\Desktop\PC Bereinigung

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 14:03 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 14:11 - 00000000 ____D () C:\AdwCleaner

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:06 - 2014-07-02 15:15 - 00000000 ____D () C:\ComboFix

2014-07-02 14:45 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe

2014-07-02 14:45 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe

2014-07-02 14:45 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe

2014-07-02 14:45 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe

2014-07-02 14:43 - 2014-07-02 15:14 - 00000000 ____D () C:\Qoobox

2014-07-02 14:43 - 2014-07-02 14:56 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:36 - 2014-07-02 14:37 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:56 - 2014-07-02 13:57 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:46 - 2014-07-01 21:51 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:46 - 2014-07-01 21:51 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-05 16:11 - 00000000 ____D () C:\FRST

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:44 - 2014-07-02 14:53 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-01 18:44 - 2014-07-01 18:47 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:39 - 2014-07-01 18:40 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:28 - 2014-07-05 14:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-07-01 18:28 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:43 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:28 - 2014-05-07 14:59 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-05-07 15:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll

2014-07-01 17:27 - 2014-05-07 14:59 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2014-07-01 17:27 - 2014-05-07 14:58 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2014-07-01 17:23 - 2014-07-01 17:27 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:08 - 2014-07-01 17:09 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:09 - 2014-04-26 18:01 - 00502784 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-28 20:09 - 2014-04-05 05:23 - 00915392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-28 20:09 - 2014-04-05 03:49 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpipreg.sys

2014-06-28 20:09 - 2014-03-25 15:26 - 11587584 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01401344 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-28 20:09 - 2014-03-10 03:22 - 01248768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-28 20:08 - 2014-05-28 18:48 - 12356608 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-28 20:08 - 2014-05-28 18:39 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-28 20:08 - 2014-05-28 18:38 - 09711104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-28 20:08 - 2014-05-28 18:33 - 01106432 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-28 20:08 - 2014-05-28 18:32 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-28 20:08 - 2014-05-28 18:32 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll

2014-06-28 20:08 - 2014-05-28 18:31 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-28 20:08 - 2014-05-28 18:30 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-28 20:08 - 2014-05-28 18:30 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-28 20:08 - 2014-05-28 18:29 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-28 20:08 - 2014-05-28 18:29 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe

2014-06-28 20:08 - 2014-05-28 18:29 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe

2014-06-28 20:08 - 2014-05-28 18:28 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
 

==================== One Month Modified Files and Folders =======
 

2014-07-05 16:11 - 2014-07-05 16:11 - 00000923 _____ () C:\Users\Aga\Desktop\checkup.txt

2014-07-05 16:11 - 2014-07-03 16:01 - 00000000 ____D () C:\Users\Aga\Desktop\PC Bereinigung

2014-07-05 16:11 - 2014-07-01 21:45 - 00000000 ____D () C:\FRST

2014-07-05 16:02 - 2014-07-05 16:03 - 00854390 _____ () C:\Users\Aga\Desktop\SecurityCheck.exe

2014-07-05 16:02 - 2014-07-05 16:02 - 00854390 _____ () C:\Users\Aga\Downloads\SecurityCheck.exe

2014-07-05 15:54 - 2014-03-05 17:11 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-05 15:16 - 2011-09-15 09:35 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job

2014-07-05 14:36 - 2011-09-15 12:11 - 01130526 _____ () C:\Windows\WindowsUpdate.log

2014-07-05 14:33 - 2014-07-01 18:28 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-05 14:32 - 2011-09-14 17:23 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-07-05 14:32 - 2006-11-02 15:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-05 14:32 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-05 14:32 - 2006-11-02 14:47 - 00004112 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-05 01:27 - 2006-11-02 15:01 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT

2014-07-05 00:52 - 2014-07-05 00:52 - 02347384 _____ (ESET) C:\Users\Aga\Downloads\esetsmartinstaller_deu.exe

2014-07-05 00:43 - 2013-11-26 17:38 - 00414520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys

2014-07-03 23:14 - 2014-07-03 23:14 - 00033696 _____ () C:\Users\Aga\Desktop\FRST.txt

2014-07-03 23:13 - 2014-07-03 23:13 - 00024112 _____ () C:\Users\Aga\Desktop\Addition.txt

2014-07-03 22:46 - 2014-07-03 22:46 - 00000034 _____ () C:\Windows\setupact.log

2014-07-03 22:46 - 2014-07-03 22:46 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-03 14:19 - 2013-04-21 15:01 - 00000000 ____D () C:\Windows\ERUNT

2014-07-03 14:12 - 2014-07-03 14:12 - 00000310 _____ () C:\Windows\PFRO.log

2014-07-03 14:11 - 2014-07-03 13:16 - 00000000 ____D () C:\AdwCleaner

2014-07-03 14:09 - 2014-07-03 14:09 - 00008568 _____ () C:\Users\AdwCleaner[R0].txt

2014-07-03 13:57 - 2014-07-03 13:57 - 00001176 _____ () C:\Malwarebytes Anti-Malware.lnk

2014-07-03 13:37 - 2012-12-16 17:25 - 00000000 ____D () C:\Program Files\Amazon

2014-07-03 13:17 - 2014-07-03 13:17 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT (1).exe

2014-07-03 13:16 - 2014-07-03 13:16 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214 (1).exe

2014-07-02 15:15 - 2014-07-02 15:06 - 00000000 ____D () C:\ComboFix

2014-07-02 15:14 - 2014-07-02 15:14 - 00010518 _____ () C:\ComboFix.txt

2014-07-02 15:14 - 2014-07-02 14:43 - 00000000 ____D () C:\Qoobox

2014-07-02 15:13 - 2006-11-02 12:23 - 00000215 _____ () C:\Windows\system.ini

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 __RHD () C:\Users\Default

2014-07-02 14:57 - 2006-11-02 13:18 - 00000000 ___RD () C:\Users\Public

2014-07-02 14:56 - 2014-07-02 14:43 - 00000000 ____D () C:\Windows\erdnt

2014-07-02 14:53 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\TEMP

2014-07-02 14:37 - 2014-07-02 14:36 - 05212874 ____R (Swearware) C:\Users\Aga\Downloads\ComboFix.exe

2014-07-02 13:57 - 2014-07-02 13:57 - 00000000 ____D () C:\Program Files\VS Revo Group

2014-07-02 13:57 - 2014-07-02 13:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Aga\Downloads\revosetup95.exe

2014-07-01 21:51 - 2014-07-01 21:46 - 00032323 _____ () C:\Users\Aga\Downloads\FRST.txt

2014-07-01 21:51 - 2014-07-01 21:46 - 00028852 _____ () C:\Users\Aga\Downloads\Addition.txt

2014-07-01 21:45 - 2014-07-01 21:45 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST (1).exe

2014-07-01 21:43 - 2014-07-01 21:43 - 01073664 _____ (Farbar) C:\Users\Aga\Downloads\FRST.exe

2014-07-01 21:02 - 2006-11-02 13:18 - 00000000 ____D () C:\Windows\Microsoft.NET

2014-07-01 20:16 - 2011-09-15 09:35 - 00001060 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job

2014-07-01 19:01 - 2011-10-22 11:25 - 00000000 ____D () C:\Users\Aga\Desktop\All

2014-07-01 18:56 - 2013-04-20 21:35 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware

2014-07-01 18:52 - 2014-07-01 18:52 - 00448512 _____ (OldTimer Tools) C:\Users\Aga\Downloads\TFC.exe

2014-07-01 18:47 - 2014-07-01 18:44 - 00000000 ____D () C:\Program Files\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000836 _____ () C:\Users\Public\Desktop\SpywareBlaster.lnk

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpywareBlaster

2014-07-01 18:44 - 2014-07-01 18:44 - 00000000 ____D () C:\ProgramData\Licenses

2014-07-01 18:43 - 2014-07-01 18:43 - 04095448 _____ (BrightFort LLC ) C:\Users\Aga\Downloads\spywareblastersetup50.exe

2014-07-01 18:40 - 2014-07-01 18:39 - 00895120 _____ (Google Inc.) C:\Users\Aga\Downloads\ChromeSetup.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01346519 _____ () C:\Users\Aga\Downloads\adwcleaner_3.214.exe

2014-07-01 18:35 - 2014-07-01 18:35 - 01016261 _____ (Thisisu) C:\Users\Aga\Downloads\JRT.exe

2014-07-01 18:32 - 2008-01-21 09:16 - 01588036 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2014-07-01 18:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware

2014-07-01 18:28 - 2013-04-23 22:11 - 00000859 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Malwarebytes

2014-07-01 18:28 - 2013-04-20 21:35 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-07-01 17:55 - 2014-07-01 17:55 - 00023064 _____ () C:\Users\Aga\Documents\cc_20140701_175512.reg

2014-07-01 17:55 - 2014-07-01 17:55 - 00000332 _____ () C:\Users\Aga\Documents\cc_20140701_175529.reg

2014-07-01 17:52 - 2011-09-15 10:04 - 00000764 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-01 17:52 - 2011-09-15 10:04 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-01 17:50 - 2014-07-01 17:50 - 04812672 _____ (Piriform Ltd) C:\Users\Aga\Downloads\ccsetup415.exe

2014-07-01 17:46 - 2014-07-01 17:46 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\DropboxMaster

2014-07-01 17:46 - 2014-07-01 17:43 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Users\Aga\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-07-01 17:45 - 2014-07-01 17:45 - 00000000 ____D () C:\Program Files\Dropbox

2014-07-01 17:33 - 2013-04-21 15:44 - 00002425 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-07-01 17:28 - 2014-07-01 17:28 - 00000000 ____D () C:\Program Files\Common Files\Java

2014-07-01 17:27 - 2014-07-01 17:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-07-01 17:27 - 2014-07-01 17:23 - 00004126 _____ () C:\Windows\system32\jupdate-1.7.0_60-b19.log

2014-07-01 17:27 - 2014-01-19 17:34 - 00000000 ____D () C:\Program Files\Java

2014-07-01 17:23 - 2014-03-12 23:01 - 00000000 ____D () C:\Program Files\Mozilla Firefox

2014-07-01 17:23 - 2013-02-04 19:33 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service

2014-07-01 17:23 - 2011-09-15 09:40 - 00000818 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

2014-07-01 17:23 - 2011-09-15 09:40 - 00000806 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk

2014-07-01 17:21 - 2014-07-01 17:21 - 00284288 _____ (Mozilla) C:\Users\Aga\Downloads\Firefox Setup Stub 30.0.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe

2014-07-01 17:20 - 2014-03-05 17:11 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl

2014-07-01 17:19 - 2014-07-01 17:19 - 00918952 _____ (Oracle Corporation) C:\Users\Aga\Downloads\chromeinstall-7u60.exe

2014-07-01 17:17 - 2013-11-26 17:39 - 00001873 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk

2014-07-01 17:16 - 2014-07-01 17:16 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr

2014-07-01 17:16 - 2014-07-01 17:16 - 00024184 _____ () C:\Windows\system32\Drivers\aswHwid.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00779536 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00276432 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe

2014-07-01 17:16 - 2013-11-26 17:38 - 00192352 _____ () C:\Windows\system32\Drivers\aswVmm.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00067824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00057800 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00055112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys

2014-07-01 17:16 - 2013-11-26 17:38 - 00049944 _____ () C:\Windows\system32\Drivers\aswRvrt.sys

2014-07-01 17:12 - 2013-04-21 15:33 - 00000000 ____D () C:\Program Files\Common Files\Adobe AIR

2014-07-01 17:09 - 2014-07-01 17:08 - 18732144 _____ (Adobe Systems Inc.) C:\Users\Aga\Downloads\AdobeAIRInstaller (1).exe

2014-07-01 17:07 - 2014-07-01 17:07 - 01179085 _____ () C:\Users\Aga\Downloads\7z934.exe

2014-06-28 20:26 - 2011-09-15 09:36 - 00002024 _____ () C:\Users\Aga\Desktop\Google Chrome.lnk

2014-06-28 20:09 - 2013-11-26 17:46 - 00000000 ____D () C:\Windows\system32\MRT
 

==================== Bamital & volsnap Check =================
 

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2014-07-05 14:39
 

==================== End Of Log ============================

--- --- ---

--- --- ---

Code:

Additional scan result of Farbar Recovery Scan Tool (x86) Version:05-07-2014 01

Ran by Aga at 2014-07-05 16:12:15

Running from C:\Users\Aga\Desktop\PC Bereinigung

Boot Mode: Normal

==========================================================
 
 

==================== Security Center ========================
 

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 

==================== Installed Programs ======================
 

7-Zip 9.34 alpha (HKLM\...\7-Zip) (Version:  - )

Adobe AIR (HKLM\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07)  MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.9.149 - Adobe Systems, Inc.)

avast! Free Antivirus (HKLM\...\Avast) (Version: 9.0.2021 - AVAST Software)

Camtasia Studio 7 (HKLM\...\{DE042823-C359-4B87-B66B-308057E8B6AF}) (Version: 7.0.1 - TechSmith Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cheat Engine 6.3 (HKLM\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)

D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden

Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)

ESET Online Scanner v3 (HKLM\...\ESET Online Scanner) (Version:  - )

F1 2011 (HKLM\...\GFWL_{434D0FA1-3E0C-4D03-A5D4-5E1000008100}) (Version: 1.0.0000.129 - Codemasters)

F1 2011 (Version: 1.0.0000.129 - Codemasters) Hidden

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Grand Theft Auto IV (Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden

HxD Hex Editor version 1.7.7.0 (HKLM\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)

Java 7 Update 60 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.600 - Oracle)

Java Auto Updater (Version: 2.1.60.19 - Oracle, Inc.) Hidden

JavaFX 2.1.1 (HKLM\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)

Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

League of Legends (HKLM\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )

League of Legends (Version: 3.0.1 - Riot Games ) Hidden

Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)

Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)

Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)

Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)

MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

Notepad++ (HKLM\...\Notepad++) (Version: 5.9.8 - )

NVIDIA 3D Vision Controller Driver (Version: 280.19 - NVIDIA Corporation) Hidden

NVIDIA 3D Vision Controller-Treiber 280.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 280.19 - NVIDIA Corporation)

NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.108.688 - NVIDIA Corporation) Hidden

NVIDIA PhysX (Version: 9.10.0514 - NVIDIA Corporation) Hidden

NVIDIA PhysX-Systemsoftware 9.10.0514 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.10.0514 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.1106 - NVIDIA Corporation) Hidden

NVIDIA Systemsteuerung 311.06 (Version: 311.06 - NVIDIA Corporation) Hidden

NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)

NVIDIA Update Components (Version: 1.11.3 - NVIDIA Corporation) Hidden

QuickShare (HKLM\...\{55532499-5676-4DAE-9A57-AEB907A0A1DD}) (Version: 1.6.1.714 - Linkury Inc.) <==== ATTENTION

Realtek 8136 8168 8169 Ethernet Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 - Realtek)

Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RMFon (HKLM\...\{9A958D2C-4D3D-44CD-8834-AFB85F5C4467}_is1) (Version: 1.3 - Radio Muzyka Fakty sp. z o.o.)

Sandboxie 3.76 (32-bit) (HKLM\...\Sandboxie) (Version: 3.76 - SANDBOXIE L.T.D)

Segoe UI (Version: 15.4.2271.0615 - Microsoft Corp) Hidden

Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)

Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

SpywareBlaster 5.0 (HKLM\...\SpywareBlaster_is1) (Version: 5.0.0 - BrightFort LLC)

STRIKE FX GAMEPAD (HKLM\...\{FEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - GASIA)

swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)

Vista Codec Package (HKLM\...\{F9FD80CE-0448-4D4F-8BCD-77FC514C3F99}) (Version: 5.7.9 - Shark007)

VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)

Wallpaper SlideShow LT 1.5.1 (HKLM\...\{58A49B80-2595-4C9D-B3EB-261E68A2C4D1}_is1) (Version:  - Gianpaolo Bottin)

Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)

Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Family Safety (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden

Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden

Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)

Windows Live Messenger (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden

Windows Live Messenger Companion Core (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden

Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

WinRAR 5.01 beta 1 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.1 - win.rar GmbH)
 

==================== Restore Points  =========================
 

12-03-2014 21:59:04 Uniblue SpeedUpMyPC installation

12-03-2014 22:08:19 Windows Update

18-04-2014 12:39:26 Windows Update

28-06-2014 18:00:10 Windows Update

01-07-2014 14:55:25 Windows Update

01-07-2014 15:11:03 avast! antivirus system restore point

01-07-2014 15:21:08 Installed Java 7 Update 60

01-07-2014 15:45:39 TuneUp Utilities 2014 wird entfernt

01-07-2014 15:47:54 TuneUp Utilities 2014 (de-DE) wird entfernt

04-07-2014 22:43:42 Windows Update
 

==================== Hosts content: ==========================
 

2006-11-02 12:23 - 2014-07-02 14:56 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost
 

==================== Scheduled Tasks (whitelisted) =============
 

Task: {1647F577-48F4-4F0A-A9B0-FCCD87167241} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)

Task: {1A594D74-99A1-4715-A7A0-78B35FED38DC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-01] (Adobe Systems Incorporated)

Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM

Task: {320124A7-D70F-41DE-A9D1-D5E8E19D5D91} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI

Task: {34C6CB05-00E7-4705-BB9F-506CE730A327} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2014-05-07] (Oracle Corporation)

Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages

Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-21] (Microsoft Corporation)

Task: {4FF2761A-979E-49CD-BF8B-98056026F692} - System32\Tasks\Test TimeTrigger => C:\Users\Aga\AppData\Local\Temp\Runner.exe <==== ATTENTION

Task: {6B11EB07-2BAF-4D7B-AF95-DB4C7265429B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)

Task: {87C09435-7155-45B8-AF61-5D5FCB4A490B} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-21] (Microsoft Corporation)

Task: {9E4AB2AE-7D19-4A9D-9504-3DC96B16B8A2} - System32\Tasks\{6B23975A-5D65-46B7-AB38-D006542DCD95} => C:\Program Files\Skype\\Phone\Skype.exe [2013-11-18] (Skype Technologies S.A.)

Task: {C12F61A2-5D31-4B3A-8899-8023DDB641CE} - System32\Tasks\Google Updater and Installer => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {D7B4206F-F952-405F-B7DE-0D09AE3516AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E13825F7-7290-42B5-9048-93A62808C17F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe [2011-09-15] (Google Inc.)

Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-21] ()

Task: {EC5D604D-E7EC-43FA-BD2F-A3114AD1A6FE} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\netsh.exe [2006-11-02] (Microsoft Corporation)

Task: {F34653EC-8074-4ABF-BEAB-C114A66788D1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-01] (AVAST Software)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000Core.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-423745193-3980066226-3922103518-1000UA.job => C:\Users\Aga\AppData\Local\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (whitelisted) =============
 

2014-04-17 21:42 - 2014-07-01 17:15 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

2014-07-05 14:33 - 2014-07-05 14:33 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070500\algo.dll

2011-09-17 13:27 - 2013-03-03 18:02 - 00076888 _____ () C:\Windows\system32\PnkBstrA.exe

2013-11-26 17:38 - 2014-07-01 17:16 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 

==================== Alternate Data Streams (whitelisted) =========
 

AlternateDataStreams: C:\ProgramData\TEMP:5C321E34
 

==================== Safe Mode (whitelisted) ===================
 
 

==================== EXE Association (whitelisted) =============
 
 

==================== MSCONFIG/TASK MANAGER disabled items =========
 
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft Tun-Miniportadapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunmp

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (07/05/2014 02:34:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/05/2014 00:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 10:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:30:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:26:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

System errors:

=============

Error: (07/05/2014 02:35:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/05/2014 02:35:06 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/05/2014 02:34:16 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: 30000MBAMService
 

Error: (07/05/2014 02:34:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (07/05/2014 00:40:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/05/2014 00:40:32 AM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/05/2014 00:38:22 AM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 

Error: (07/03/2014 10:47:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: NVIDIA Update Service Daemon%%1069
 

Error: (07/03/2014 10:47:29 PM) (Source: Service Control Manager) (EventID: 7038) (User: )

Description: nvUpdatusService.\UpdatusUser%%1330
 

Error: (07/03/2014 10:46:35 PM) (Source: Service Control Manager) (EventID: 7026) (User: )

Description: i8042prt
 
 

Microsoft Office Sessions:

=========================

Error: (07/05/2014 02:34:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/05/2014 00:38:22 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 10:46:35 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:30:02 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (07/03/2014 02:26:47 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 

CodeIntegrity Errors:

===================================

  Date: 2014-07-05 16:12:10.874

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:10.734

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:10.578

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:10.438

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:10.188

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:10.048

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:09.907

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:12:09.767

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:11:51.515

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 

  Date: 2014-07-05 16:11:51.374

  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
 
 

==================== Memory info =========================== 
 

Percentage of memory in use: 41%

Total physical RAM: 3326.18 MB

Available physical RAM: 1938.63 MB

Total Pagefile: 6884.35 MB

Available Pagefile: 5912.16 MB

Total Virtual: 2047.88 MB

Available Virtual: 1911.53 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:698.63 GB) (Free:481.25 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 699 GB) (Disk ID: 3C91DB17)

Partition 1: (Active) - (Size=699 GB) - (Type=07 NTFS)
 

==================== End Of Log ============================

Sieht gut aus. Deinstalliere mal Avast und installiere es neu.

Sorry das ich erst jetz antworte aber konnte ich früher nicht, habe ich deeinstaliert und wieder neu instaliert was soll ich jetzt weiter tun ?

gibt es noch Probleme?

Nein , momentan ist alles ok.

Fertig :)

Die Reihenfolge ist hier entscheidend.

Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
- Windowstaste + R > Combofix /Uninstall (eingeben) > OK
- Alternative: Combofix.exe in uninstall.exe umbenennen und starten
- Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
Downloade Dir bitte auf jeden Fall DelFix auf deinen Desktop:
- Schließe alle offenen Programme.
- Starte die delfix.exe mit einem Doppelklick.
- Setze vor jede Funktion ein Häkchen.
- Klicke auf Start.
- Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
- Starte deinen Rechner abschließend neu.
Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.

Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.

Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
Windows Updates
- Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
- Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
Gehe sicher das die automatischen Updates aktiviert sind.
Software Updates
Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.

Anti- Viren Software

Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.

Zusätzlicher Schutz

MalwareBytes Anti Malware
Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
Ein Tutorial zur Verwendung findest Du hier.
WinPatrol
Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.

Sicheres Browsen

SpywareBlaster
Eine kurze Einführung findest du Hier
MVPs hosts file
Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
WOT (Web of trust)
Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.

Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.

Opera
Mozilla Firefox.
- Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
- NoScript
  Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
- AdblockPlus
  Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
  Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )

Don'ts

Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe

Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.

Vielen dank für Deine Hilfe und guten Ratschläge , habe deine Anweisungen gefolgt und alle schritte erledigt.