Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
search.conduit (Reste) entfernen

search.conduit (Reste) entfernen


Log-Analyse und Auswertung: search.conduit (Reste) entfernen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 02.07.2013, 11:38   #3
hsw1to1tbe
 
search.conduit (Reste) entfernen - Standard

search.conduit (Reste) entfernen


Hallo,

vielen Dank für die schnelle Antwort! Hier die Logs:

Adw:
Code:
ATTFilter
# AdwCleaner v2.303 - Datei am 02/07/2013 um 12:25:11 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Sysop - INGO-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Sysop.Ingo-PC\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****


***** [Registrierungsdatenbank] *****


***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v22.0 (de)

*************************

AdwCleaner[S1].txt - [608 octets] - [02/07/2013 12:25:11]

########## EOF - C:\AdwCleaner[S1].txt - [667 octets] ##########
FRST64:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-07-2013
Ran by Sysop (administrator) on 02-07-2013 12:28:06
Running from C:\Users\Sysop.Ingo-PC\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7982112 2009-07-28] (Realtek Semiconductor)
HKLM\...\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup [16395880 2009-10-03] (NVIDIA Corporation)
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [1825064 2009-09-03] (Synaptics Incorporated)
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE [x]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [X]
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [253816 2013-03-12] (Oracle Corporation)
HKU\Default\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]
HKU\Default User\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]
HKU\Ingo\...\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59280 2012-08-29] (Apple Inc.)
HKU\Sysop\...\RunOnce: [ScrSav] C:\Program Files (x86)\Packard Bell\Screensaver\run_Packard Bell.exe /default [x]
Startup: C:\Users\Ingo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Sysop.Ingo-PC\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\coIEPlg.dll (Symantec Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: msdaipp - No CLSID Value - 
Handler-x32: msdaipp - No CLSID Value - 
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 195.3.96.67 213.33.98.136

FireFox:
========
FF ProfilePath: C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\kfa8fnwa.default
FF Homepage: about:newtab
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: Ghostery - C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\kfa8fnwa.default\Extensions\firefox@ghostery.com
FF Extension: elemhidehelper - C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\kfa8fnwa.default\Extensions\elemhidehelper@adblockplus.org.xpi
FF Extension: No Name - C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\kfa8fnwa.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi
FF Extension: No Name - C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla\Firefox\Profiles\kfa8fnwa.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{7BA52691-1876-45ce-9EE6-54BCB3B04BBC}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\coFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\IPSFFPlgn\
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\coFFPlgn\

==================== Services (Whitelisted) =================

S4 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-09-30] (Acer Incorporated)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [1900728 2013-06-06] (Microsoft Corporation)
S4 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)

==================== Drivers (Whitelisted) ====================

R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130620.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\BASHDefs\20130620.001\BHDrvx64.sys [1393240 2013-05-31] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\0604010.00E\ccSetx64.sys [167072 2012-06-07] (Symantec Corporation)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-03-02] (Samsung Electronics Co., Ltd.)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-02-21] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-02-21] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130629.001\IDSvia64.sys [513184 2013-02-16] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\IPSDefs\20130629.001\IDSvia64.sys [513184 2013-02-16] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130701.021\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130701.021\ENG64.SYS [126040 2013-05-25] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130701.021\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.0.0.145\Definitions\VirusDefs\20130701.021\EX64.SYS [2098776 2013-05-25] (Symantec Corporation)
S3 SipIMNDI; C:\Windows\System32\DRIVERS\SipIMNDI64.sys [28192 2009-10-15] (T-Systems International GmbH)
S3 SRTSP; C:\Windows\System32\Drivers\N360x64\0604010.00E\SRTSP64.SYS [737952 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0604010.00E\SRTSPX64.SYS [37536 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMDS64.SYS [451192 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0604010.00E\SYMEFA64.SYS [1129120 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [175736 2013-02-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0604010.00E\Ironx64.SYS [190072 2011-11-16] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0604010.00E\SYMNETS.SYS [405624 2011-11-16] (Symantec Corporation)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-09-29] (CyberLink Corp.)
R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054}; C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [146928 2009-09-29] (CyberLink Corp.)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-07-02 12:27 - 2013-07-02 12:27 - 00000735 ____A C:\Users\Sysop.Ingo-PC\Desktop\AdwCleaner[S1].txt
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\FRST
2013-07-02 12:25 - 2013-07-02 12:25 - 00000735 ____A C:\AdwCleaner[S1].txt
2013-07-02 12:22 - 2013-07-02 12:22 - 01933556 ____A (Farbar) C:\Users\Sysop.Ingo-PC\Desktop\FRST64.exe
2013-07-02 12:22 - 2013-07-02 12:22 - 00093808 ____A C:\Users\Sysop.Ingo-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-02 12:21 - 2013-07-02 12:21 - 00648201 ____A C:\Users\Sysop.Ingo-PC\Desktop\adwcleaner.exe
2013-07-02 08:12 - 2013-07-02 08:12 - 00000554 ____A C:\Windows\PFRO.log
2013-06-30 21:06 - 2013-06-30 21:07 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla
2013-06-30 21:06 - 2013-06-30 21:06 - 00012193 ____A C:\Users\Sysop.Ingo-PC\Desktop\gmer.log
2013-06-30 21:06 - 2013-06-30 21:06 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Local\Mozilla
2013-06-30 20:58 - 2013-06-30 20:58 - 00059996 ____A C:\Users\Sysop.Ingo-PC\Desktop\Extras.Txt
2013-06-30 20:53 - 2013-06-30 20:58 - 00076804 ____A C:\Users\Sysop.Ingo-PC\Desktop\OTL.Txt
2013-06-30 20:41 - 2013-06-30 20:41 - 00000000 ____A C:\Users\Sysop.Ingo-PC\defogger_reenable
2013-06-30 17:44 - 2013-06-30 17:44 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Macromedia
2013-06-30 17:39 - 2013-06-30 17:39 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Apple Computer
2013-06-30 17:39 - 2013-06-30 17:39 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Adobe
2013-06-30 17:38 - 2013-06-30 20:41 - 00000000 ____D C:\users\Sysop.Ingo-PC
2013-06-30 17:38 - 2013-06-30 17:39 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Local\VirtualStore
2013-06-30 17:38 - 2013-06-30 17:38 - 00000020 ___SH C:\Users\Sysop.Ingo-PC\ntuser.ini
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Vorlagen
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Startmenü
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Netzwerkumgebung
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Lokale Einstellungen
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Eigene Dateien
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Druckumgebung
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Documents\Eigene Musik
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Documents\Eigene Bilder
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\AppData\Local\Verlauf
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\AppData\Local\Anwendungsdaten
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Anwendungsdaten
2013-06-30 17:38 - 2010-01-15 19:11 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Local\Microsoft Help
2013-06-30 16:50 - 2013-06-30 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 16:26 - 2013-07-02 12:26 - 00000224 ____A C:\Windows\setupact.log
2013-06-30 16:26 - 2013-06-30 16:26 - 00000000 ____A C:\Windows\setuperr.log
2013-06-26 17:45 - 2013-06-26 19:01 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-21 08:51 - 2013-06-21 08:51 - 00002363 ____A C:\Users\Sysop.Ingo-PC\Documents\gmer.log
2013-06-21 08:41 - 2013-06-21 08:42 - 00088664 ____A C:\Users\Sysop.Ingo-PC\Documents\OTL.Txt
2013-06-20 15:00 - 2013-06-20 15:00 - 00000020 __ASH C:\Users\Sysop\ntuser.ini
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Vorlagen
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Startmenü
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Netzwerkumgebung
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Lokale Einstellungen
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Eigene Dateien
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Druckumgebung
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Documents\Eigene Musik
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Documents\Eigene Bilder
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\AppData\Local\Verlauf
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\AppData\Local\Anwendungsdaten
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Anwendungsdaten
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 ____D C:\users\Sysop
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 ____A C:\Users\Sysop\defogger_reenable
2013-06-20 15:00 - 2010-01-15 19:11 - 00000000 ____D C:\Users\Sysop\AppData\Local\Microsoft Help
2013-06-20 08:55 - 2013-06-20 08:55 - 00054294 ____A C:\Users\Sysop.Ingo-PC\Documents\Extras.Txt
2013-06-20 08:46 - 2013-06-30 20:41 - 00000472 ____A C:\Users\Sysop.Ingo-PC\Desktop\defogger_disable.log
2013-06-20 08:46 - 2013-06-20 08:46 - 00000000 ____A C:\Users\Ingo\defogger_reenable
2013-06-20 08:37 - 2013-06-20 08:37 - 00602112 ____A (OldTimer Tools) C:\Users\Sysop.Ingo-PC\Desktop\OTL.exe
2013-06-20 08:28 - 2013-06-20 08:28 - 00377856 ____A C:\Users\Sysop.Ingo-PC\Desktop\gmer_2.1.19163.exe
2013-06-20 08:24 - 2013-06-20 08:24 - 00050477 ____A C:\Users\Sysop.Ingo-PC\Desktop\Defogger.exe
2013-06-19 21:19 - 2013-06-19 21:19 - 00051496 ____A (Windows (R) Win 7 DDK provider) C:\Windows\System32\Drivers\stflt.sys
2013-06-19 12:09 - 2013-06-12 21:47 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-19 12:09 - 2013-06-12 21:43 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-19 12:09 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-19 12:09 - 2013-06-12 21:43 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-19 12:08 - 2013-06-19 12:09 - 00004944 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-19 09:22 - 2013-06-05 17:10 - 00009064 ____A (EldoS Corporation) C:\Windows\System32\elevtmsg.dll
2013-06-19 09:22 - 2012-08-23 16:13 - 00243200 ____A (Microsoft Corporation) C:\Windows\System32\rdpudd.dll
2013-06-19 09:22 - 2012-08-23 16:10 - 00019456 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\rdpvideominiport.sys
2013-06-19 09:22 - 2012-08-23 16:07 - 00057856 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\TsUsbFlt.sys
2013-06-19 09:22 - 2012-08-23 15:47 - 00046592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2013-06-19 09:22 - 2012-08-23 15:46 - 00016896 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2013-06-19 09:22 - 2012-08-23 15:41 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyControl.exe
2013-06-19 09:22 - 2012-08-23 15:40 - 00013312 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbRedirectionGroupPolicyExtension.dll
2013-06-19 09:22 - 2012-08-23 15:24 - 00015360 ____A (Microsoft Corporation) C:\Windows\System32\RdpGroupPolicyExtension.dll
2013-06-19 09:22 - 2012-08-23 15:20 - 00054272 ____A (Microsoft Corporation) C:\Windows\System32\MsRdpWebAccess.dll
2013-06-19 09:22 - 2012-08-23 15:18 - 00037376 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-06-19 09:22 - 2012-08-23 15:17 - 00018432 ____A (Microsoft Corporation) C:\Windows\System32\wksprtPS.dll
2013-06-19 09:22 - 2012-08-23 15:06 - 00043520 ____A (Microsoft Corporation) C:\Windows\System32\TsUsbGDCoInstaller.dll
2013-06-19 09:22 - 2012-08-23 14:52 - 00044032 ____A (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2013-06-19 09:22 - 2012-08-23 13:20 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2013-06-19 09:22 - 2012-08-23 13:15 - 00269312 ____A (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-06-19 09:22 - 2012-08-23 13:14 - 00384000 ____A (Microsoft Corporation) C:\Windows\System32\wksprt.exe
2013-06-19 09:22 - 2012-08-23 13:12 - 00192000 ____A (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2013-06-19 09:22 - 2012-08-23 12:54 - 00322560 ____A (Microsoft Corporation) C:\Windows\System32\aaclient.dll
2013-06-19 09:22 - 2012-08-23 12:51 - 00228864 ____A (Microsoft Corporation) C:\Windows\System32\rdpendp_winip.dll
2013-06-19 09:22 - 2012-08-23 12:39 - 01048064 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-06-19 09:22 - 2012-08-23 12:22 - 01123840 ____A (Microsoft Corporation) C:\Windows\System32\mstsc.exe
2013-06-19 09:22 - 2012-08-23 11:51 - 03174912 ____A (Microsoft Corporation) C:\Windows\System32\rdpcorets.dll
2013-06-19 09:22 - 2012-08-23 10:19 - 04916224 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-06-19 09:22 - 2012-08-23 10:13 - 05773824 ____A (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2013-06-19 09:21 - 2012-08-24 20:13 - 00154480 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\ksecpkg.sys
2013-06-19 09:21 - 2012-08-24 20:09 - 00458712 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\cng.sys
2013-06-19 09:21 - 2012-08-24 20:05 - 00340992 ____A (Microsoft Corporation) C:\Windows\System32\schannel.dll
2013-06-19 09:21 - 2012-08-24 20:03 - 01448448 ____A (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2013-06-19 09:21 - 2012-08-24 18:57 - 00247808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-06-19 09:21 - 2012-08-24 18:57 - 00022016 ____A (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-06-19 09:21 - 2012-08-24 18:53 - 00096768 ____A (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-06-19 09:21 - 2012-05-04 13:00 - 00366592 ____A (Microsoft Corporation) C:\Windows\System32\qdvd.dll
2013-06-19 09:21 - 2012-05-04 11:59 - 00514560 ____A (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-06-19 08:24 - 2013-06-20 09:44 - 01603724 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-15 16:05 - 2013-06-08 16:08 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-15 16:05 - 2013-06-08 16:07 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-15 16:05 - 2013-06-08 16:06 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-15 16:05 - 2013-06-08 16:06 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-15 16:05 - 2013-06-08 16:06 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-15 16:05 - 2013-06-08 14:28 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-15 16:05 - 2013-06-08 13:42 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-15 16:05 - 2013-06-08 13:40 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-15 16:05 - 2013-06-08 13:40 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-15 16:05 - 2013-06-08 13:40 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-15 16:05 - 2013-06-08 13:40 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-15 16:05 - 2013-06-08 13:13 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-12 19:03 - 2013-05-17 03:25 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00039424 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-06-12 19:03 - 2013-05-17 03:25 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-06-12 19:03 - 2013-05-17 02:59 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-06-12 19:03 - 2013-05-17 02:59 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-06-12 19:03 - 2013-05-17 02:58 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00053248 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-06-12 19:03 - 2013-05-17 02:58 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-06-12 19:03 - 2013-05-14 14:23 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-06-12 19:03 - 2013-05-14 10:40 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-06-12 17:59 - 2013-06-12 17:59 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-12 16:40 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 16:40 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 16:40 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 16:40 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 16:40 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 16:40 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 16:40 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 16:39 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 16:39 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 16:39 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 16:39 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 16:39 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 16:39 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 16:39 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 16:39 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 16:39 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 16:39 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 16:39 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 16:39 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 10:29 - 2010-06-02 04:55 - 00527192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_7.dll
2013-06-11 10:29 - 2010-06-02 04:55 - 00518488 ____A (Microsoft Corporation) C:\Windows\System32\XAudio2_7.dll
2013-06-11 10:29 - 2010-06-02 04:55 - 00077656 ____A (Microsoft Corporation) C:\Windows\System32\XAPOFX1_5.dll
2013-06-11 10:29 - 2010-06-02 04:55 - 00074072 ____A (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_5.dll
2013-06-11 10:29 - 2010-05-26 11:41 - 02526056 ____A (Microsoft Corporation) C:\Windows\System32\D3DCompiler_43.dll
2013-06-11 10:29 - 2010-05-26 11:41 - 02106216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_43.dll
2013-06-11 10:29 - 2010-05-26 11:41 - 00276832 ____A (Microsoft Corporation) C:\Windows\System32\d3dx11_43.dll
2013-06-11 10:29 - 2010-05-26 11:41 - 00248672 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2013-06-11 10:28 - 2009-09-04 17:29 - 00523088 ____A (Microsoft Corporation) C:\Windows\System32\d3dx10_42.dll
2013-06-11 10:28 - 2009-09-04 17:29 - 00453456 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2013-06-11 10:27 - 2013-06-11 19:56 - 00000000 ____D C:\Users\Ingo\AppData\Local\Windows Live

==================== One Month Modified Files and Folders =======

2013-07-02 12:27 - 2013-07-02 12:27 - 00000735 ____A C:\Users\Sysop.Ingo-PC\Desktop\AdwCleaner[S1].txt
2013-07-02 12:27 - 2013-07-02 12:27 - 00000000 ____D C:\FRST
2013-07-02 12:26 - 2013-06-30 16:26 - 00000224 ____A C:\Windows\setupact.log
2013-07-02 12:26 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-02 12:25 - 2013-07-02 12:25 - 00000735 ____A C:\AdwCleaner[S1].txt
2013-07-02 12:25 - 2012-03-16 12:41 - 01424041 ____A C:\Windows\WindowsUpdate.log
2013-07-02 12:25 - 2009-07-14 06:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:25 - 2009-07-14 06:45 - 00009920 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-02 12:22 - 2013-07-02 12:22 - 01933556 ____A (Farbar) C:\Users\Sysop.Ingo-PC\Desktop\FRST64.exe
2013-07-02 12:22 - 2013-07-02 12:22 - 00093808 ____A C:\Users\Sysop.Ingo-PC\AppData\Local\GDIPFONTCACHEV1.DAT
2013-07-02 12:21 - 2013-07-02 12:21 - 00648201 ____A C:\Users\Sysop.Ingo-PC\Desktop\adwcleaner.exe
2013-07-02 10:36 - 2011-12-25 10:23 - 00000000 ___RD C:\Users\Ingo\Dropbox
2013-07-02 10:36 - 2011-12-25 10:20 - 00000000 ____D C:\Users\Ingo\AppData\Roaming\Dropbox
2013-07-02 08:12 - 2013-07-02 08:12 - 00000554 ____A C:\Windows\PFRO.log
2013-07-02 08:12 - 2012-04-27 17:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-07-02 08:12 - 2009-07-14 06:45 - 00371760 ____A C:\Windows\System32\FNTCACHE.DAT
2013-06-30 21:07 - 2013-06-30 21:06 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Mozilla
2013-06-30 21:06 - 2013-06-30 21:06 - 00012193 ____A C:\Users\Sysop.Ingo-PC\Desktop\gmer.log
2013-06-30 21:06 - 2013-06-30 21:06 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Local\Mozilla
2013-06-30 20:58 - 2013-06-30 20:58 - 00059996 ____A C:\Users\Sysop.Ingo-PC\Desktop\Extras.Txt
2013-06-30 20:58 - 2013-06-30 20:53 - 00076804 ____A C:\Users\Sysop.Ingo-PC\Desktop\OTL.Txt
2013-06-30 20:41 - 2013-06-30 20:41 - 00000000 ____A C:\Users\Sysop.Ingo-PC\defogger_reenable
2013-06-30 20:41 - 2013-06-30 17:38 - 00000000 ____D C:\users\Sysop.Ingo-PC
2013-06-30 20:41 - 2013-06-20 08:46 - 00000472 ____A C:\Users\Sysop.Ingo-PC\Desktop\defogger_disable.log
2013-06-30 17:44 - 2013-06-30 17:44 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Macromedia
2013-06-30 17:39 - 2013-06-30 17:39 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Apple Computer
2013-06-30 17:39 - 2013-06-30 17:39 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Roaming\Adobe
2013-06-30 17:39 - 2013-06-30 17:38 - 00000000 ____D C:\Users\Sysop.Ingo-PC\AppData\Local\VirtualStore
2013-06-30 17:38 - 2013-06-30 17:38 - 00000020 ___SH C:\Users\Sysop.Ingo-PC\ntuser.ini
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Vorlagen
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Startmenü
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Netzwerkumgebung
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Lokale Einstellungen
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Eigene Dateien
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Druckumgebung
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Documents\Eigene Musik
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Documents\Eigene Bilder
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\AppData\Local\Verlauf
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\AppData\Local\Anwendungsdaten
2013-06-30 17:38 - 2013-06-30 17:38 - 00000000 __SHD C:\Users\Sysop.Ingo-PC\Anwendungsdaten
2013-06-30 17:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-06-30 16:50 - 2013-06-30 16:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-06-30 16:26 - 2013-06-30 16:26 - 00000000 ____A C:\Windows\setuperr.log
2013-06-28 19:10 - 2009-12-02 19:12 - 00703230 ____A C:\Windows\System32\perfh007.dat
2013-06-28 19:10 - 2009-12-02 19:12 - 00150838 ____A C:\Windows\System32\perfc007.dat
2013-06-28 19:10 - 2009-07-14 07:13 - 01629444 ____A C:\Windows\System32\PerfStringBackup.INI
2013-06-28 16:41 - 2010-01-13 13:12 - 00000000 ____D C:\Users\Ingo\Documents\Privat
2013-06-28 16:19 - 2013-05-19 18:40 - 00000000 ____D C:\Users\Ingo\Documents\Sticker
2013-06-26 19:01 - 2013-06-26 17:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2013-06-26 15:54 - 2010-01-12 17:14 - 00000000 ____D C:\Users\Ingo\AppData\Local\Microsoft Help
2013-06-25 12:18 - 2010-01-13 13:11 - 00000000 ____D C:\Users\Ingo\Documents\Kufstein
2013-06-22 12:25 - 2010-03-03 17:36 - 00000000 ____D C:\Windows\Minidump
2013-06-21 08:51 - 2013-06-21 08:51 - 00002363 ____A C:\Users\Sysop.Ingo-PC\Documents\gmer.log
2013-06-21 08:42 - 2013-06-21 08:41 - 00088664 ____A C:\Users\Sysop.Ingo-PC\Documents\OTL.Txt
2013-06-20 15:00 - 2013-06-20 15:00 - 00000020 __ASH C:\Users\Sysop\ntuser.ini
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Vorlagen
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Startmenü
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Netzwerkumgebung
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Lokale Einstellungen
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Eigene Dateien
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Druckumgebung
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Documents\Eigene Musik
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Documents\Eigene Bilder
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\AppData\Local\Verlauf
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\AppData\Local\Anwendungsdaten
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 __SHD C:\Users\Sysop\Anwendungsdaten
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 ____D C:\users\Sysop
2013-06-20 15:00 - 2013-06-20 15:00 - 00000000 ____A C:\Users\Sysop\defogger_reenable
2013-06-20 09:44 - 2013-06-19 08:24 - 01603724 ____A C:\Windows\SysWOW64\PerfStringBackup.INI
2013-06-20 08:55 - 2013-06-20 08:55 - 00054294 ____A C:\Users\Sysop.Ingo-PC\Documents\Extras.Txt
2013-06-20 08:46 - 2013-06-20 08:46 - 00000000 ____A C:\Users\Ingo\defogger_reenable
2013-06-20 08:46 - 2010-01-05 18:06 - 00000000 ____D C:\users\Ingo
2013-06-20 08:42 - 2010-01-13 13:11 - 00000000 ____D C:\Users\Ingo\Documents\Daniel
2013-06-20 08:37 - 2013-06-20 08:37 - 00602112 ____A (OldTimer Tools) C:\Users\Sysop.Ingo-PC\Desktop\OTL.exe
2013-06-20 08:28 - 2013-06-20 08:28 - 00377856 ____A C:\Users\Sysop.Ingo-PC\Desktop\gmer_2.1.19163.exe
2013-06-20 08:24 - 2013-06-20 08:24 - 00050477 ____A C:\Users\Sysop.Ingo-PC\Desktop\Defogger.exe
2013-06-19 21:19 - 2013-06-19 21:19 - 00051496 ____A (Windows (R) Win 7 DDK provider) C:\Windows\System32\Drivers\stflt.sys
2013-06-19 17:17 - 2010-01-05 18:07 - 00000000 ____D C:\Users\Ingo\AppData\Local\VirtualStore
2013-06-19 12:18 - 2010-01-14 16:45 - 06620160 ____A C:\Users\Ingo\Documents\backup.pst
2013-06-19 12:17 - 2012-06-10 08:38 - 00000000 ____D C:\Users\Ingo\AppData\Local\8D128975-D491-4DC1-8654-8E2EBCF7F77A.aplzod
2013-06-19 12:09 - 2013-06-19 12:08 - 00004944 ____A C:\Windows\SysWOW64\jupdate-1.7.0_25-b16.log
2013-06-19 12:09 - 2012-04-14 17:35 - 00000000 ____D C:\Program Files (x86)\Java
2013-06-19 09:26 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-06-19 09:04 - 2010-01-13 13:15 - 00000000 ____D C:\Program Files (x86)\CCleaner
2013-06-18 18:53 - 2009-10-24 01:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-18 08:17 - 2010-01-14 12:16 - 00002217 ____A C:\Windows\PTH2004G.INI
2013-06-18 08:17 - 2010-01-14 12:16 - 00000190 ____A C:\Windows\LangIDlib.INI
2013-06-18 08:15 - 2012-02-01 19:03 - 00001641 ____A C:\Windows\wininit.ini
2013-06-14 13:05 - 2012-09-11 19:53 - 00000000 ____D C:\Users\Ingo\Documents\Rolf
2013-06-14 11:54 - 2013-05-01 21:44 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-06-13 19:02 - 2007-07-12 03:49 - 00000000 ____D C:\Windows\Panther
2013-06-12 21:48 - 2012-07-11 10:20 - 00867240 ____A (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2013-06-12 21:48 - 2010-04-18 08:17 - 00789416 ____A (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2013-06-12 21:47 - 2013-06-19 12:09 - 00096168 ____A (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-06-12 21:43 - 2013-06-19 12:09 - 00263592 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2013-06-12 21:43 - 2013-06-19 12:09 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2013-06-12 21:43 - 2013-06-19 12:09 - 00175016 ____A (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2013-06-12 19:05 - 2010-01-12 17:15 - 75825640 ____A (Microsoft Corporation) C:\Windows\System32\MRT.exe
2013-06-12 17:59 - 2013-06-12 17:59 - 09089416 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2013-06-12 17:59 - 2012-09-25 08:39 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 17:59 - 2011-06-05 08:04 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-11 19:56 - 2013-06-11 10:27 - 00000000 ____D C:\Users\Ingo\AppData\Local\Windows Live
2013-06-11 19:53 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-06-11 16:58 - 2009-07-14 07:08 - 00032632 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-06-09 19:16 - 2010-01-13 13:11 - 00000000 ____D C:\Users\Ingo\Documents\Bank
2013-06-08 16:08 - 2013-06-15 16:05 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-06-08 16:07 - 2013-06-15 16:05 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-06-08 16:06 - 2013-06-15 16:05 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-06-08 16:06 - 2013-06-15 16:05 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-06-08 16:06 - 2013-06-15 16:05 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-06-08 14:28 - 2013-06-15 16:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-06-08 13:42 - 2013-06-15 16:05 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-06-08 13:40 - 2013-06-15 16:05 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-06-08 13:40 - 2013-06-15 16:05 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-06-08 13:40 - 2013-06-15 16:05 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-06-08 13:40 - 2013-06-15 16:05 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-06-08 13:13 - 2013-06-15 16:05 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-06-05 17:10 - 2013-06-19 09:22 - 00009064 ____A (EldoS Corporation) C:\Windows\System32\elevtmsg.dll

Files to move or delete:
====================
C:\ProgramData\FullRemove.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2012-06-26 21:19

==================== End Of Log ============================
--- --- ---


Addition:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-07-2013
Ran by Sysop at 2013-07-02 12:28:54
Running from C:\Users\Sysop.Ingo-PC\Desktop
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
64 Bit HP CIO Components Installer (Version: 6.2.2)
7-Zip 4.65 (x64 edition) (Version: 4.65.00.0)
Adobe Flash Player 11 ActiveX (x32 Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (x32 Version: 11.7.700.224)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.1.3)
Adobe Reader X (10.1.7) - Deutsch (x32 Version: 10.1.7)
Advertising Center (x32 Version: 0.0.0.2)
Apple Application Support (x32 Version: 2.2.2)
Apple Mobile Device Support (Version: 6.0.0.59)
Apple Software Update (x32 Version: 2.1.3.127)
Bonjour (Version: 3.0.0.10)
Canon MP Navigator EX 2.0 (x32)
Canon Utilities Solution Menu (x32)
CanoScan LiDE 200 Scanner Driver
CCleaner (Version: 4.02)
CDDRV_Installer (Version: 4.60)
CyberLink PowerDVD 8 (x32 Version: 8.0.3402)
GEAR driver installer for x86 and x64 (x32 Version: 4.008.5)
iCloud (Version: 2.0.2.187)
ImagXpress (x32 Version: 7.0.74.0)
IrfanView (remove only) (x32 Version: 4.30)
iTunes (Version: 10.7.0.21)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
KhalInstallWrapper (Version: 4.72.40)
Lotus Organizer 6.0 (x32)
Microsoft .NET Framework 4.5 (Version: 4.5.50709)
Microsoft .NET Framework 4.5 DEU Language Pack (Version: 4.5.50709)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office 365 Home Premium - de-de (Version: 15.0.4505.1510)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Ultimate 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (x32 Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Mozilla Firefox 22.0 (x86 de) (x32 Version: 22.0)
Mozilla Maintenance Service (x32 Version: 22.0)
Mozilla Thunderbird 17.0.7 (x86 de) (x32 Version: 17.0.7)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Nero ControlCenter (x32 Version: 9.0.0.1)
Nero DiscSpeed (x32 Version: 5.4.7.201)
Nero DiscSpeed Help (x32 Version: 5.4.4.100)
Nero DriveSpeed (x32 Version: 4.4.7.201)
Nero DriveSpeed Help (x32 Version: 4.4.4.100)
Nero Express Help (x32 Version: 9.4.9.100)
Nero InfoTool (x32 Version: 6.4.7.201)
Nero InfoTool Help (x32 Version: 6.4.4.100)
Nero Installer (x32 Version: 4.4.8.1)
Nero Online Upgrade (x32 Version: 1.3.0.0)
Nero StartSmart (x32 Version: 9.4.11.209)
Nero StartSmart Help (x32 Version: 9.4.1.100)
Nero StartSmart OEM (x32 Version: 9.4.10.100)
NeroExpress (x32 Version: 9.4.10.505)
neroxml (x32 Version: 1.0.0)
Norton 360 (x32 Version: 6.4.1.14)
NVIDIA Drivers (Version: 1.9)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4505.1510)
Office 15 Click-to-Run Licensing Component (Version: 15.0.4505.1510)
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4505.1510)
Packard Bell InfoCentre (x32 Version: 3.02.3000)
Packard Bell Power Management (x32 Version: 4.05.3004)
Packard Bell Recovery Management (x32 Version: 4.05.3006)
Packard Bell Updater (x32 Version: 1.01.3017)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.5904)
Realtek USB 2.0 Card Reader (x32 Version: 6.1.7600.30104)
Samsung ML-2010 Series SmartPanel (x32)
Sudoku (x32)
Synaptics Pointing Device Driver (Version: 14.0.4.0)
TeamViewer 8 (x32 Version: 8.0.16642)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4.5 (KB2750147) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805221) (x32 Version: 1)
Update for Microsoft .NET Framework 4.5 (KB2805226) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)

==================== Restore Points  =========================

11-06-2013 08:27:23 Windows Live Essentials
11-06-2013 08:28:40 DirectX wurde installiert
11-06-2013 08:29:16 DirectX wurde installiert
11-06-2013 17:48:22 Windows Live Essentials
12-06-2013 17:01:24 Windows Update
15-06-2013 14:04:49 Windows Update
18-06-2013 06:15:39 Removed Video Web Camera
19-06-2013 07:16:08 Windows Update
19-06-2013 07:21:55 Windows Update
19-06-2013 07:23:37 Gerätetreiber-Paketinstallation: EldoS Corporation Systemgeräte
20-06-2013 07:29:12 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {1F823116-4474-408D-8E1E-6E0119CE3648} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {21FD9EA3-189C-4939-A8A3-AE56179A1972} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => C:\Windows\system32\rundll32.exe [2009-07-14] (Microsoft Corporation)
Task: {4DFC6C65-6C4E-48ED-80DF-CB6E1E0C3D91} - System32\Tasks\CCleanerSkipUAC => C:\Program Files (x86)\CCleaner\CCleaner.exe [2013-05-24] (Piriform Ltd)
Task: {512513A9-3E00-4375-93CC-F83229B6CD07} - System32\Tasks\Microsoft\Windows\WindowsBackup\Windows Backup Monitor => C:\Windows\system32\sdclt.exe [2010-11-20] (Microsoft Corporation)
Task: {5D2C43F7-0667-4404-8F41-59007339C36D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2013-06-14] (Microsoft Corporation)
Task: {B6099374-38D5-4FDE-A4EC-D9F77F9B5B93} - System32\Tasks\Games\UpdateCheck_S-1-5-21-551582189-2095768138-3948745554-1000
Task: {B74E9FFF-82B3-4CE1-8F7B-99EDFDE7C380} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {BA64F4FB-CF4C-4232-AD78-35E978656139} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe [2013-06-06] (Microsoft Corporation)
Task: {C52296EE-CDB9-4D32-9515-066A1E3FC318} - System32\Tasks\{AE1D0868-CD1B-4FEB-81F5-49CF2262FE1F} => C:\Program Files (x86)\CCleaner\CCleaner64.exe [2013-05-24] (Piriform Ltd)
Task: {DEC48389-8EFF-47C6-A2B3-EBA9844EF0D3} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\6.4.1.14\WSCStub.exe [2013-02-02] (Symantec Corporation)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (06/30/2013 04:27:02 PM) (Source: Windows Search Service) (User: )
Description: Der Index kann nicht initialisiert werden.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:27:02 PM) (Source: Windows Search Service) (User: )
Description: Die Anwendung kann nicht initialisiert werden.

Kontext: Windows Anwendung


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:27:02 PM) (Source: Windows Search Service) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:27:01 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Element nicht gefunden.  (HRESULT : 0x80070490) (0x80070490)

Error: (06/30/2013 04:26:56 PM) (Source: Windows Search Service) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:26:56 PM) (Source: Windows Search Service) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.

Kontext: Windows Anwendung, SystemIndex Katalog


Details:
	Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800) (0xc0041800)

Error: (06/30/2013 04:26:56 PM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:26:56 PM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
	Der Inhaltsindexkatalog ist fehlerhaft.  (HRESULT : 0xc0041801) (0xc0041801)

Error: (06/30/2013 04:26:56 PM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
	0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft.  (HRESULT : 0xc0041800))

Error: (06/30/2013 04:26:56 PM) (Source: ESENT) (User: )
Description: Windows (2792) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0032D.log.


System errors:
=============
Error: (07/02/2013 00:26:39 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (07/02/2013 08:12:26 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (07/01/2013 08:21:33 PM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (07/01/2013 08:59:45 AM) (Source: SRTSP) (User: )
Description: Error loading virus definitions.

Error: (06/30/2013 04:44:27 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (06/30/2013 04:27:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (06/30/2013 04:27:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535.

Error: (06/30/2013 04:26:35 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (06/30/2013 10:10:41 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%20

Error: (06/29/2013 03:20:38 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053


Microsoft Office Sessions:
=========================
Error: (06/10/2012 08:39:43 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/10/2012 08:39:33 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1 seconds with 0 seconds of active time.  This session ended with a crash.

Error: (06/10/2012 08:39:16 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2010-01-13 19:51:03.052
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 19:45:06.206
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 19:35:18.959
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 19:29:44.646
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 19:16:42.716
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 18:37:24.840
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 18:12:10.192
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 18:04:52.532
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 17:53:52.820
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2010-01-13 17:43:35.379
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Program Files (x86)\T-Home\Dialerschutz-Software\df64.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 26%
Total physical RAM: 4093.98 MB
Available physical RAM: 3017.94 MB
Total Pagefile: 8186.14 MB
Available Pagefile: 7145.57 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:285.99 GB) (Free:203.41 GB) NTFS (Disk=0 Partition=3)

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: AFD7E89D)
Partition 1: (Not Active) - (Size=12 GB) - (Type=27)
Partition 2: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=286 GB) - (Type=07 NTFS)

==================== End Of Log ============================
__________________
 

Themen zu search.conduit (Reste) entfernen
4d36e972-e325-11ce-bfc1-08002be10318, 7-zip, autorun, bho, bonjour, browser, entfernen, error, excel, fehler, firefox, flash player, google, helper, home, homepage, iexplore.exe, install.exe, junkware, junkware removal tool, mozilla, object, office 365, packard bell, plug-in, realtek, registry, scan, security, software, svchost.exe, symantec, tunnel, windows


« dwm.exe unter Virenverdacht | Mein Computer verschickt eMails über meinen Account an fremde eMail-Adressen »


Ähnliche Themen: search.conduit (Reste) entfernen


  1. Lab.search.conduit.com entfernen
    Anleitungen, FAQs & Links - 08.05.2014 (2)
  2. conduit search
    Plagegeister aller Art und deren Bekämpfung - 24.04.2014 (7)
  3. Search Conduit Entfernen
    Log-Analyse und Auswertung - 15.04.2014 (16)
  4. Conduit Search
    Log-Analyse und Auswertung - 23.03.2014 (7)
  5. search.conduit.com lässt sich nicht entfernen von chrome
    Plagegeister aller Art und deren Bekämpfung - 29.01.2014 (3)
  6. Search Protect von Conduit - wie restlos entfernen?
    Plagegeister aller Art und deren Bekämpfung - 27.01.2014 (9)
  7. Search protect - conduit
    Plagegeister aller Art und deren Bekämpfung - 27.01.2014 (17)
  8. search.conduit - Werbebanner und Pop-Ups
    Plagegeister aller Art und deren Bekämpfung - 15.01.2014 (7)
  9. search.conduit-Trojaner
    Plagegeister aller Art und deren Bekämpfung - 12.01.2014 (9)
  10. Search Conduit
    Plagegeister aller Art und deren Bekämpfung - 06.01.2014 (5)
  11. Search.conduit.com auf Windows 8
    Plagegeister aller Art und deren Bekämpfung - 05.01.2014 (7)
  12. Search Conduit entfernen
    Plagegeister aller Art und deren Bekämpfung - 31.12.2013 (7)
  13. search protect by conduit
    Plagegeister aller Art und deren Bekämpfung - 19.12.2013 (11)
  14. Search Protect by Conduit (u.a.?)
    Log-Analyse und Auswertung - 10.12.2013 (11)
  15. Conduit Search - ist das ein Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 18.09.2013 (5)
  16. Search conduit aus Firefox entfernen?
    Plagegeister aller Art und deren Bekämpfung - 06.08.2013 (13)
  17. search protect by conduit
    Plagegeister aller Art und deren Bekämpfung - 31.05.2013 (8)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema search.conduit (Reste) entfernen - Hallo, vielen Dank für die schnelle Antwort! Hier die Logs: Adw: Code: Alles auswählen Aufklappen ATTFilter # AdwCleaner v2.303 - Datei am 02/07/2013 um 12:25:11 erstellt # Aktualisiert am 08/06/2013 - search.conduit (Reste) entfernen...
Archiv
Du betrachtest: search.conduit (Reste) entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131