| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Avira findet Trojanisches Pferd TR/Kazy.169263.1Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
08.07.2013, 08:47
| #16 |
| /// the machine /// TB-Ausbilder    |  Avira findet Trojanisches Pferd TR/Kazy.169263.1 Ok.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.07.2013, 09:21
| #17 |
 | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Ich seh gerade, ich hab
__________________ipconfig/release ipconfig/renew ipconfig/flushdns ohne Freizeichen vor dem / geschrieben. Ich versuchs nach dem ESET Scan gleich nochmal. |
|
08.07.2013, 09:42
| #18 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 ok
__________________
__________________ |
|
08.07.2013, 14:03
| #19 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Ok, das hat jetzt lange gedauert. Schon mal jetzt 1000danke für die super schnelle Hilfe! Jetzt versuch ich mich mal nochmal an meiner Internetverbindung... Hier die 3 Logs: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e3ad81c8889c8849b30e61a7317e0682
# engine=14310
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-07-08 12:59:51
# local_time=2013-07-08 02:59:51 (+0100, W. Europe Daylight Time)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1802 16775165 100 99 22916 143959696 15674 0
# compatibility_mode=5893 16776573 100 94 540866 124918241 0 0
# scanned=268923
# found=0
# cleaned=0
# scan_time=20903
Code:
ATTFilter Results of screen317's Security Check version 0.99.68 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Avira Desktop Antivirus out of date! `````````Anti-malware/Other Utilities Check:````````` Secunia PSI (3.0.0.6005) Java 7 Update 21 HP JavaCard for HP ProtectTools Java version out of Date! Adobe Flash Player 11.7.700.224 Mozilla Firefox 15.0 Firefox out of Date! ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 04-07-2013
Ran by Christian (ATTENTION: The logged in user is not administrator) on 08-07-2013 15:14:28
Running from C:\Users\Christian\Downloads
Windows 7 Professional Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Bioscrypt Inc.) C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\AsGHost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(hxxp://shotty.devs-on.net) C:\Program Files\Shotty\Shotty.exe
(Macrovision Corporation) C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Canon Electronics Inc.) C:\Program Files (x86)\Canon Electronics\DRC125\TouchDR.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
(Dropbox, Inc.) C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Esker S. A.) C:\Program Files (x86)\Esker\SmarTerm\STOFFICE.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Shell Extensions\FoxitPrevhost.exe
(Microsoft Corporation) C:\Windows\System32\wiawow64.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\POWERPNT.EXE
(Google Inc.) C:\Users\Christian\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [2174760 2010-06-04] (Synaptics Incorporated)
HKLM\...\Run: [CANON DR-C125 SVC] rundll32.exe DRDcSvc.dll,EntryPointUserMessage [x]
HKCU\...\Run: [Google Update] "C:\Users\Christian\AppData\Local\Google\Update\GoogleUpdate.exe" /c [136176 2010-10-19] (Google Inc.)
HKCU\...\Run: [Shotty] C:\Program Files\Shotty\Shotty.exe [724480 2012-02-24] (hxxp://shotty.devs-on.net)
HKCU\...\Run: [ISUSPM] "C:\ProgramData\Macrovision\FLEXnet Connect\6\ISUSPM.exe" -scheduler [222128 2007-03-29] (Macrovision Corporation)
HKCU\...\Run: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [x]
HKCU\...\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [x]
HKCU\...\Policies\system: [disableregistrytools] 0
HKLM-x32\...\Run: [SoundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.)
HKLM-x32\...\Run: [AppleSyncNotifier] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe [59240 2011-09-27] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min [348664 2012-08-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [DR-C125 CaptureOnTouch] "C:\Program Files (x86)\Canon Electronics\DRC125\TouchDR.exe" LOGON [942080 2011-10-17] (Canon Electronics Inc.)
HKLM-x32\...\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" [152392 2013-05-31] (Apple Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [2255184 2013-06-28] (LogMeIn Inc.)
AppInit_DLLs: C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook64.dll C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook64.dll C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook64.dll C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook64.dll C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook64.dll C:\PROGRA~2\HEWLET~1\IAM\bin\APSHOO~1.DLL [382224 2009-07-28] (Bioscrypt Inc.)
AppInit_DLLs-x32: C:\PROGRA~2\HEWLET~1\IAM\Bin\APSHook.dll [89872 2009-07-28] (Bioscrypt Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Christian\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: (No Name) - {40c3cc16-7269-4b32-9531-17f2950fb06f} - No File
SearchScopes: HKCU - {928BF95A-0095-41F0-9C9C-2E5C7A96A451} URL = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}
BHO: Credential Manager for HP ProtectTools - {0EA99306-BC87-4930-9E1D-1D1EA32A7E4E} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn64.dll (Bioscrypt Inc.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: DivX HiQ - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll (Bioscrypt Inc.)
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
Toolbar: HKCU - No Name - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No File
DPF: HKLM-x32 {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} hxxp://download.bitdefender.com/resources/scanner/sources/de/scan8/oscan8.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
ShellExecuteHooks: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
ShellExecuteHooks-x32: - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No File [ ]
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{29218194-1DAD-4B03-A7BE-82EEA883C6EE}: [NameServer]192.168.1.254
FireFox:
========
FF ProfilePath: C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\hmnn1dq1.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @java.com/DTPlugin,version=10.21.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Christian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Christian\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: DownloadHelper - C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\hmnn1dq1.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
Chrome:
=======
CHR Extension: (GrepoHandel) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\achfjibbmdooeehfabckogpgonhjgkfa\0.1_0
CHR Extension: (AT_VivienneWestwood) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahhehaklopgggapefjdijagkgbgeapkb\2_0
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Chrome YouTube Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdjiinahkdjdcdlgfimlcolkjpbooja\2.6.15_0
CHR Extension: (grepokultur.user.js) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccfflcjnljpdomobfhknnhepdcjnkhob\1.0_0
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (DivX HiQ) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0
CHR Extension: (Grepolis Gtio2.0Tools) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakcdajhnepchhadiplaljlhlpojifng\0.2.4_0
CHR Extension: (GrepoTownList) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\igjmjbchnmllbbcdaiiohbjcdapeback\0.5_0
CHR Extension: (Grepolis Gtio2.0Tools) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kegbmfaeodbbmpaoglbngmclcjeopoif\0.2.4_0
CHR Extension: (DivX Plus Web Player HTML5 \u003Cvideo\u003E) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
==================== Services (Whitelisted) =================
R2 ac.sharedstore; C:\Program Files\Common Files\ActivIdentity\ac.sharedstore.exe [277032 2009-06-03] (ActivIdentity)
R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [375760 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE [465360 2012-05-14] (Avira Operations GmbH & Co. KG)
R2 ASBroker; C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll [192784 2009-07-28] (Bioscrypt Inc.)
R2 ASChannel; C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\AsChnl.dll [150288 2009-07-28] (Bioscrypt Inc.)
R2 EskerLicenseControl; C:\Program Files (x86)\Esker\Common\eslcbcst.exe [315479 2008-08-25] (Esker S.A.)
S3 HP ProtectTools Service; C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTChangeFilterService.exe [45056 2009-08-07] (Hewlett-Packard Development Company, L.P)
R2 IGDCTRL; C:\Program Files (x86)\FRITZ!DSL\IGDCTRL.EXE [87344 2007-09-04] (AVM Berlin)
R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [655944 2012-07-03] (Malwarebytes Corporation)
R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S4 Prosieben; C:\Program Files (x86)\maxdome\DCBin\DCService.exe [77032 2009-05-01] (Entriq, Inc.)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1223704 2013-02-07] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [660504 2013-02-07] (Secunia)
S2 RoxLiveShare9; "C:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe" [x]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-14] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-14] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)
R3 HBtnKey; C:\Windows\System32\DRIVERS\cpqbttn.sys [19000 2010-02-25] (Hewlett-Packard Company)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [24904 2012-07-03] (Malwarebytes Corporation)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-02-07] (Secunia)
S3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [31744 2009-01-09] (Research in Motion Ltd)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1875624 2008-10-09] ()
S4 sptd; C:\Windows\System32\Drivers\sptd.sys [503352 2010-09-17] (Duplex Secure Ltd.)
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [16152 2013-07-05] ()
S3 TridVid; C:\Windows\System32\DRIVERS\tridvid6010.sys [404352 2010-07-13] (10Moons Technologies Co.,Ltd)
S3 UDXTTM6000; C:\Windows\System32\Drivers\UDXTTM6000.sys [365824 2007-02-28] ()
S3 UDXTTM6000HID; C:\Windows\System32\drivers\UDXTTM6000HID.sys [17920 2007-02-28] (DTV-DVB)
S3 catchme; \??\C:\ComboFix\catchme.sys [x]
U4 eabfiltr;
S3 RimUsb; System32\Drivers\RimUsb_AMD64.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-07-08 15:06 - 2013-07-08 15:06 - 00890988 ____A C:\Users\Christian\Desktop\SecurityCheck.exe
2013-07-08 09:07 - 2013-07-08 09:07 - 02347384 ____A (ESET) C:\Users\Christian\Downloads\esetsmartinstaller_enu.exe
2013-07-05 12:22 - 2013-07-05 12:22 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 12:21 - 2013-07-05 12:21 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christian\Desktop\JRT.exe
2013-07-05 12:21 - 2013-07-05 12:21 - 00000000 ____D C:\JRT
2013-07-05 12:06 - 2013-07-05 12:07 - 00022089 ____A C:\AdwCleaner[S2].txt
2013-07-05 11:55 - 2013-07-05 11:55 - 00650027 ____A C:\Users\Christian\Downloads\adwcleaner.exe
2013-07-05 09:15 - 2013-07-05 09:15 - 00022501 ____A C:\ComboFix.txt
2013-07-05 08:38 - 2013-07-05 08:38 - 05085494 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2013-07-04 15:00 - 2013-07-04 15:01 - 00025855 ____A C:\Users\Christian\Downloads\Addition.txt
2013-07-04 14:59 - 2013-07-04 14:59 - 00000000 ____D C:\FRST
2013-07-04 14:58 - 2013-07-04 14:58 - 00095774 ____A C:\Users\Christian\Downloads\OTL.Txt
2013-07-04 14:53 - 2013-07-04 14:53 - 01934636 ____A (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-07-04 14:33 - 2013-07-04 14:33 - 00602112 ____A (OldTimer Tools) C:\Users\Christian\Downloads\OTL.exe
2013-07-04 14:25 - 2013-07-04 14:25 - 00000594 ____A C:\Users\Christian\Downloads\defogger_disable.log
2013-07-04 14:25 - 2013-07-04 14:25 - 00000020 ____A C:\Users\Christian_2\defogger_reenable
2013-07-04 14:24 - 2013-07-04 14:24 - 00050477 ____A C:\Users\Christian\Downloads\Defogger.exe
2013-07-04 14:22 - 2013-07-04 14:22 - 00793536 ____A C:\Users\Christian\Downloads\ZipOpenerSetup.exe
2013-07-04 12:59 - 2013-07-04 13:11 - 272275248 ____A (Microsoft Corporation) C:\Users\Christian\Downloads\lp-de-de_2ecd8315fcc93731c126cc8de2dc077c3a2f8bd1.exe
2013-07-04 12:59 - 2013-07-04 12:59 - 01055082 ____A (www.froggie.sk) C:\Users\Christian\Downloads\Vistalizator24.exe
2013-07-03 10:03 - 2013-07-03 10:03 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-07-03 10:03 - 2013-06-09 21:59 - 00216064 ____A C:\Windows\SysWOW64\gcapi_dll.dll
2013-07-03 10:01 - 2013-07-03 10:01 - 29978944 ____A (Foxit Corporation ) C:\Users\Christian\Downloads\FoxitReader605.0618_enu_Setup (1).exe
2013-07-03 09:58 - 2013-07-03 09:59 - 29978944 ____A (Foxit Corporation ) C:\Users\Christian\Downloads\FoxitReader605.0618_enu_Setup.exe
2013-07-03 08:38 - 2013-07-03 08:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-02 17:51 - 2013-07-02 17:51 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-02 17:51 - 2013-07-02 17:51 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-02 17:51 - 2013-07-02 17:51 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 17:51 - 2013-07-02 17:51 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-02 17:51 - 2013-07-02 17:51 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-02 17:51 - 2013-07-02 17:51 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 17:51 - 2013-07-02 17:51 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 17:51 - 2013-07-02 17:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-02 17:51 - 2013-07-02 17:51 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 17:51 - 2013-07-02 17:51 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 17:51 - 2013-07-02 17:51 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-02 17:47 - 2013-07-02 17:57 - 00010048 ____A C:\Windows\IE10_main.log
2013-07-02 09:34 - 2013-07-02 16:01 - 00000000 ____D C:\Users\Christian\Desktop\Wiedelympics Gruppen
2013-06-28 08:48 - 2013-06-28 08:48 - 00010301 ____A C:\Users\Christian\Desktop\boden kalkulation.ods
2013-06-20 15:35 - 2013-06-20 15:35 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-20 15:34 - 2013-06-20 15:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 15:34 - 2013-06-20 15:35 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 15:34 - 2013-06-20 15:34 - 00000000 ____D C:\Program Files\iPod
2013-06-19 09:36 - 2013-06-19 09:36 - 13328730 ____A C:\Users\Christian\Downloads\Eispromo2013.zip
2013-06-12 08:49 - 2013-05-13 07:51 - 01464320 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-06-12 08:49 - 2013-05-13 07:51 - 00184320 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-06-12 08:49 - 2013-05-13 07:51 - 00139776 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-06-12 08:49 - 2013-05-13 07:50 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\certenc.dll
2013-06-12 08:49 - 2013-05-13 06:45 - 01160192 ____A (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-06-12 08:49 - 2013-05-13 06:45 - 00140288 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-06-12 08:49 - 2013-05-13 06:45 - 00103936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-06-12 08:49 - 2013-05-13 05:43 - 01192448 ____A (Microsoft Corporation) C:\Windows\System32\certutil.exe
2013-06-12 08:49 - 2013-05-13 05:08 - 00903168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2013-06-12 08:49 - 2013-05-13 05:08 - 00043008 ____A (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2013-06-12 08:49 - 2013-05-10 07:49 - 00030720 ____A (Microsoft Corporation) C:\Windows\System32\cryptdlg.dll
2013-06-12 08:49 - 2013-05-10 05:20 - 00024576 ____A (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2013-06-12 08:49 - 2013-05-08 08:39 - 01910632 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-06-12 08:49 - 2013-04-26 07:51 - 00751104 ____A (Microsoft Corporation) C:\Windows\System32\win32spl.dll
2013-06-12 08:49 - 2013-04-26 06:55 - 00492544 ____A (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-06-12 08:49 - 2013-04-17 09:02 - 01230336 ____A (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2013-06-12 08:49 - 2013-04-17 08:24 - 01424384 ____A (Microsoft Corporation) C:\Windows\System32\WindowsCodecs.dll
2013-06-12 08:48 - 2013-04-26 01:30 - 01505280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2013-06-12 08:48 - 2013-04-01 00:52 - 01887232 ____A (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2013-06-11 21:52 - 2013-07-05 12:00 - 00011834 ____A C:\Users\Christian\Desktop\Kosten _Umbau Arndtstr. 13.xlsx
2013-06-11 18:06 - 2013-06-26 09:35 - 519893268 ____A C:\Windows\MEMORY.DMP
==================== One Month Modified Files and Folders =======
2013-07-08 15:14 - 2010-03-09 15:41 - 00000000 ____D C:\Users\Christian\AppData\Local\LogMeIn Hamachi
2013-07-08 15:07 - 2012-07-18 08:17 - 01886427 ____A C:\Windows\WindowsUpdate.log
2013-07-08 15:06 - 2013-07-08 15:06 - 00890988 ____A C:\Users\Christian\Desktop\SecurityCheck.exe
2013-07-08 14:53 - 2012-04-13 18:40 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-07-08 14:38 - 2013-02-22 16:18 - 00000181 ____A C:\Windows\setscan.ini
2013-07-08 14:37 - 2011-04-15 23:54 - 02171392 __ASH C:\Users\Christian\Desktop\Thumbs.db
2013-07-08 14:23 - 2011-04-27 10:36 - 00001136 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1284297116-794809632-3988175124-1000UA.job
2013-07-08 09:23 - 2011-04-27 10:36 - 00001084 ____A C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1284297116-794809632-3988175124-1000Core.job
2013-07-08 09:10 - 2009-07-14 07:13 - 00730448 ____A C:\Windows\System32\PerfStringBackup.INI
2013-07-08 09:07 - 2013-07-08 09:07 - 02347384 ____A (ESET) C:\Users\Christian\Downloads\esetsmartinstaller_enu.exe
2013-07-08 09:07 - 2011-02-02 10:18 - 00000000 ___RD C:\Users\Christian\Dropbox
2013-07-08 09:07 - 2011-02-02 10:14 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Dropbox
2013-07-08 09:05 - 2009-07-14 06:45 - 00013568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-07-08 09:05 - 2009-07-14 06:45 - 00013568 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-07-08 09:00 - 2013-05-07 09:40 - 00002383 ____A C:\Users\Christian\Desktop\Google Chrome.lnk
2013-07-08 08:58 - 2013-04-29 12:25 - 00000422 ____A C:\Windows\Tasks\SlimDrivers Startup.job
2013-07-08 08:57 - 2013-02-27 08:01 - 00013022 ____A C:\Windows\setupact.log
2013-07-08 08:57 - 2009-07-14 07:08 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-07-06 16:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\System32\NDF
2013-07-05 13:04 - 2012-05-24 08:45 - 00000000 ____D C:\Users\Christian\AppData\Local\Shotty
2013-07-05 12:22 - 2013-07-05 12:22 - 00000000 ____D C:\Windows\ERUNT
2013-07-05 12:21 - 2013-07-05 12:21 - 00545954 ____A (Oleg N. Scherbakov) C:\Users\Christian\Desktop\JRT.exe
2013-07-05 12:21 - 2013-07-05 12:21 - 00000000 ____D C:\JRT
2013-07-05 12:09 - 2013-02-27 08:01 - 00002556 ____A C:\Windows\PFRO.log
2013-07-05 12:07 - 2013-07-05 12:06 - 00022089 ____A C:\AdwCleaner[S2].txt
2013-07-05 12:00 - 2013-06-11 21:52 - 00011834 ____A C:\Users\Christian\Desktop\Kosten _Umbau Arndtstr. 13.xlsx
2013-07-05 11:55 - 2013-07-05 11:55 - 00650027 ____A C:\Users\Christian\Downloads\adwcleaner.exe
2013-07-05 09:15 - 2013-07-05 09:15 - 00022501 ____A C:\ComboFix.txt
2013-07-05 09:15 - 2011-02-11 17:36 - 00000000 ____D C:\Qoobox
2013-07-05 09:07 - 2013-04-29 12:24 - 00016152 ____A C:\Windows\System32\Drivers\SWDUMon.sys
2013-07-05 09:07 - 2009-07-14 04:34 - 00000215 ____A C:\Windows\system.ini
2013-07-05 09:00 - 2011-02-11 17:38 - 00000000 ____D C:\Windows\ERDNT
2013-07-05 08:38 - 2013-07-05 08:38 - 05085494 ____R (Swearware) C:\Users\Christian\Desktop\ComboFix.exe
2013-07-05 08:38 - 2010-06-24 08:19 - 00000000 ____D C:\Windows\pss
2013-07-04 15:01 - 2013-07-04 15:00 - 00025855 ____A C:\Users\Christian\Downloads\Addition.txt
2013-07-04 14:59 - 2013-07-04 14:59 - 00000000 ____D C:\FRST
2013-07-04 14:58 - 2013-07-04 14:58 - 00095774 ____A C:\Users\Christian\Downloads\OTL.Txt
2013-07-04 14:53 - 2013-07-04 14:53 - 01934636 ____A (Farbar) C:\Users\Christian\Downloads\FRST64.exe
2013-07-04 14:33 - 2013-07-04 14:33 - 00602112 ____A (OldTimer Tools) C:\Users\Christian\Downloads\OTL.exe
2013-07-04 14:25 - 2013-07-04 14:25 - 00000594 ____A C:\Users\Christian\Downloads\defogger_disable.log
2013-07-04 14:25 - 2013-07-04 14:25 - 00000020 ____A C:\Users\Christian_2\defogger_reenable
2013-07-04 14:25 - 2012-07-27 11:14 - 00000000 ____D C:\users\Christian_2
2013-07-04 14:24 - 2013-07-04 14:24 - 00050477 ____A C:\Users\Christian\Downloads\Defogger.exe
2013-07-04 14:22 - 2013-07-04 14:22 - 00793536 ____A C:\Users\Christian\Downloads\ZipOpenerSetup.exe
2013-07-04 14:20 - 2009-12-16 23:20 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc
2013-07-04 14:20 - 2009-12-08 12:39 - 00080896 __ASH C:\Users\Christian\Thumbs.db
2013-07-04 13:11 - 2013-07-04 12:59 - 272275248 ____A (Microsoft Corporation) C:\Users\Christian\Downloads\lp-de-de_2ecd8315fcc93731c126cc8de2dc077c3a2f8bd1.exe
2013-07-04 12:59 - 2013-07-04 12:59 - 01055082 ____A (www.froggie.sk) C:\Users\Christian\Downloads\Vistalizator24.exe
2013-07-03 16:44 - 2009-11-24 17:06 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Skype
2013-07-03 10:03 - 2013-07-03 10:03 - 00000000 ____D C:\Program Files (x86)\Foxit Software
2013-07-03 10:03 - 2013-05-06 10:31 - 00000000 ____D C:\Users\Christian_2\AppData\Roaming\Foxit Software
2013-07-03 10:01 - 2013-07-03 10:01 - 29978944 ____A (Foxit Corporation ) C:\Users\Christian\Downloads\FoxitReader605.0618_enu_Setup (1).exe
2013-07-03 09:59 - 2013-07-03 09:58 - 29978944 ____A (Foxit Corporation ) C:\Users\Christian\Downloads\FoxitReader605.0618_enu_Setup.exe
2013-07-03 08:38 - 2013-07-03 08:38 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-07-03 08:37 - 2009-11-25 00:36 - 00000000 ____D C:\Windows\Panther
2013-07-03 08:36 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-07-02 17:57 - 2013-07-02 17:47 - 00010048 ____A C:\Windows\IE10_main.log
2013-07-02 17:51 - 2013-07-02 17:51 - 19233792 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 15404544 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 14327808 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 13760512 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 03958784 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02877440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02706432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-07-02 17:51 - 2013-07-02 17:51 - 02706432 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-07-02 17:51 - 2013-07-02 17:51 - 02648064 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02241024 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 02046976 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01767936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01509376 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-07-02 17:51 - 2013-07-02 17:51 - 01441280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-07-02 17:51 - 2013-07-02 17:51 - 01400416 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-07-02 17:51 - 2013-07-02 17:51 - 01400416 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dat
2013-07-02 17:51 - 2013-07-02 17:51 - 01365504 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01141248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 01054720 ____A (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00905728 ____A (Microsoft Corporation) C:\Windows\System32\mshtmlmedia.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00855552 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00762368 ____A (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00719360 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00690688 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00629248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00603136 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00599552 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00526336 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00523264 ____A (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00493056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00452096 ____A (Microsoft Corporation) C:\Windows\System32\dxtmsft.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00441856 ____A (Microsoft Corporation) C:\Windows\System32\html.iec
2013-07-02 17:51 - 2013-07-02 17:51 - 00391168 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00361984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-07-02 17:51 - 2013-07-02 17:51 - 00357888 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00281600 ____A (Microsoft Corporation) C:\Windows\System32\dxtrans.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00270848 ____A (Microsoft Corporation) C:\Windows\System32\iedkcs32.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00247296 ____A (Microsoft Corporation) C:\Windows\System32\webcheck.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00242200 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00235008 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00232960 ____A (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00226816 ____A (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00226304 ____A (Microsoft Corporation) C:\Windows\System32\elshyph.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00216064 ____A (Microsoft Corporation) C:\Windows\System32\msls31.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00204800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00197120 ____A (Microsoft Corporation) C:\Windows\System32\msrating.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00185344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00173568 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00167424 ____A (Microsoft Corporation) C:\Windows\System32\iexpress.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00163840 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00158720 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00150528 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00149504 ____A (Microsoft Corporation) C:\Windows\System32\occache.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00144896 ____A (Microsoft Corporation) C:\Windows\System32\wextract.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00138752 ____A (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00137216 ____A (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00136704 ____A (Microsoft Corporation) C:\Windows\System32\iesysprep.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00136192 ____A (Microsoft Corporation) C:\Windows\System32\iepeers.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00135680 ____A (Microsoft Corporation) C:\Windows\System32\IEAdvpack.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00125440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00117248 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00110592 ____A (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00109056 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00102912 ____A (Microsoft Corporation) C:\Windows\System32\inseng.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00097280 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00092160 ____A (Microsoft Corporation) C:\Windows\System32\SetIEInstalledDate.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00089600 ____A (Microsoft Corporation) C:\Windows\System32\RegisterIEPKEYs.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00082432 ____A (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00081408 ____A (Microsoft Corporation) C:\Windows\System32\icardie.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00079872 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00077312 ____A (Microsoft Corporation) C:\Windows\System32\tdc.ocx
2013-07-02 17:51 - 2013-07-02 17:51 - 00073728 ____A (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00071680 ____A (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00069120 ____A (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00067072 ____A (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00062976 ____A (Microsoft Corporation) C:\Windows\System32\pngfilt.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00061952 ____A (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-07-02 17:51 - 2013-07-02 17:51 - 00061440 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00057344 ____A (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00053760 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00052224 ____A (Microsoft Corporation) C:\Windows\System32\msfeedsbs.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00051712 ____A (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00051200 ____A (Microsoft Corporation) C:\Windows\System32\imgutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00048640 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00048640 ____A (Microsoft Corporation) C:\Windows\System32\mshtmler.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00041984 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00039936 ____A (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00039936 ____A (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00038400 ____A (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00033280 ____A (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00027648 ____A (Microsoft Corporation) C:\Windows\System32\licmgr10.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00023040 ____A (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-07-02 17:51 - 2013-07-02 17:51 - 00013824 ____A (Microsoft Corporation) C:\Windows\System32\mshta.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00012800 ____A (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00012800 ____A (Microsoft Corporation) C:\Windows\System32\msfeedssync.exe
2013-07-02 17:51 - 2013-07-02 17:51 - 00011776 ____A (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-07-02 16:01 - 2013-07-02 09:34 - 00000000 ____D C:\Users\Christian\Desktop\Wiedelympics Gruppen
2013-06-28 08:48 - 2013-06-28 08:48 - 00010301 ____A C:\Users\Christian\Desktop\boden kalkulation.ods
2013-06-27 11:32 - 2011-02-15 10:46 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Foxit Software
2013-06-26 09:35 - 2013-06-11 18:06 - 519893268 ____A C:\Windows\MEMORY.DMP
2013-06-26 09:35 - 2009-12-14 12:16 - 00000000 ____D C:\Windows\Minidump
2013-06-20 15:35 - 2013-06-20 15:35 - 00001743 ____A C:\Users\Public\Desktop\iTunes.lnk
2013-06-20 15:35 - 2013-06-20 15:34 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-06-20 15:35 - 2013-06-20 15:34 - 00000000 ____D C:\Program Files\iTunes
2013-06-20 15:35 - 2011-07-21 14:20 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-06-20 15:34 - 2013-06-20 15:34 - 00000000 ____D C:\Program Files\iPod
2013-06-19 09:36 - 2013-06-19 09:36 - 13328730 ____A C:\Users\Christian\Downloads\Eispromo2013.zip
2013-06-12 18:57 - 2009-11-24 17:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-06-12 09:53 - 2012-04-13 18:40 - 00692104 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-06-12 09:53 - 2011-03-17 09:42 - 00071048 ____A (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-06-09 21:59 - 2013-07-03 10:03 - 00216064 ____A C:\Windows\SysWOW64\gcapi_dll.dll
Files to move or delete:
====================
C:\Users\Christian\KTW Fernwartung.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- Mein Internet geht nach wie vor nur mit manueller IP vergabe  Geändert von chris1309 (08.07.2013 um 14:18 Uhr) |
|
08.07.2013, 18:16
| #20 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 FRST bitte als Admin scannen lassen. Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier. Downloade dir bitte Farbar's MiniToolBox auf deinen Desktop und starte das Tool Setze einen Haken bei folgenden Einträgen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 07:43
| #21 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Ok...Nr. 1 Code:
ATTFilter Farbar Service Scanner Version: 08-07-2013
Ran by Christian (ATTENTION: The logged in user is not administrator) on 09-07-2013 at 08:41:25
Running from "C:\Users\Christian\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Dhcp Service is not running. Checking service configuration:
Checking Start type: ATTENTION!=====> Unable to retrieve start type of Dhcp. The value does not exist.
Checking ImagePath: ATTENTION!=====> Unable to retrieve ImagePath of Dhcp. The value does not exist.
The ServiceDll of Dhcp service is OK.
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
SDRSVC Service is not running. Checking service configuration:
The start type of SDRSVC service is OK.
The ImagePath of SDRSVC service is OK.
The ServiceDll of SDRSVC service is OK.
VSS Service is not running. Checking service configuration:
The start type of VSS service is OK.
The ImagePath of VSS service is OK.
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
Code:
ATTFilter MiniToolBox by Farbar Version: 16-06-2013
Ran by Christian (ATTENTION: The logged in user is not administrator) on 09-07-2013 at 08:45:31
Running from "C:\Users\Christian\Downloads"
Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************
========================= Flush DNS: ===================================
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========================= IE Proxy Settings: ==============================
Proxy is not enabled.
No Proxy Server is set.
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= FF Proxy Settings: ==============================
"Reset FF Proxy Settings": Firefox Proxy settings were reset.
========================= Hosts content: =================================
127.0.0.1 localhost
========================= IP Configuration: ================================
Broadcom NetLink (TM) Gigabit Ethernet = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=192.168.1.254 publish=Yes
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled
add address name="Local Area Connection" address=192.168.1.20 mask=255.255.255.0
popd
# End of IPv4 configuration
Windows IP Configuration
Host Name . . . . . . . . . . . . : r187129
Primary Dns Suffix . . . . . . . : olydorf.swh.mhn.de
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : olydorf.swh.mhn.de
fritz.box
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : fritz.box
Description . . . . . . . . . . . : Broadcom NetLink (TM) Gigabit Ethernet
Physical Address. . . . . . . . . : 00-25-B3-5F-BC-94
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::b150:5bd1:1f12:82fa%10(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.1.20(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Enabled
Ethernet adapter Hamachi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Hamachi Network Interface
Physical Address. . . . . . . . . : 7A-79-19-A5-9F-CD
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2620:9b::19a5:9fcd(Preferred)
Link-local IPv6 Address . . . . . : fe80::6c32:f06b:d50c:3a50%15(Preferred)
Default Gateway . . . . . . . . . : 2620:9b::1900:1
25.0.0.1
DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
fec0:0:0:ffff::2%1
fec0:0:0:ffff::3%1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.{3BF4720D-B6C3-4815-8F3C-1067046E25B8}:
Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Tunnel adapter isatap.fritz.box:
Connection-specific DNS Suffix . : fritz.box
Description . . . . . . . . . . . : Microsoft ISATAP Adapter
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.1.20%20(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.1.254
NetBIOS over Tcpip. . . . . . . . : Disabled
Tunnel adapter Teredo Tunneling Pseudo-Interface:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fb:1876:3935:3f57:feeb(Preferred)
Link-local IPv6 Address . . . . . : fe80::1876:3935:3f57:feeb%17(Preferred)
Default Gateway . . . . . . . . . :
NetBIOS over Tcpip. . . . . . . . : Disabled
Server: fritz.box
Address: 192.168.1.254
Name: google.com
Addresses: 2a00:1450:4001:804::1007
173.194.112.136
173.194.112.137
173.194.112.142
173.194.112.128
173.194.112.129
173.194.112.130
173.194.112.131
173.194.112.132
173.194.112.133
173.194.112.134
173.194.112.135
Pinging google.com [173.194.112.136] with 32 bytes of data:
Reply from 173.194.112.136: bytes=32 time=28ms TTL=51
Reply from 173.194.112.136: bytes=32 time=27ms TTL=51
Ping statistics for 173.194.112.136:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 27ms, Maximum = 28ms, Average = 27ms
Server: fritz.box
Address: 192.168.1.254
Name: yahoo.com
Addresses: 206.190.36.45
98.138.253.109
98.139.183.24
Pinging yahoo.com [206.190.36.45] with 32 bytes of data:
Reply from 206.190.36.45: bytes=32 time=186ms TTL=51
Reply from 206.190.36.45: bytes=32 time=185ms TTL=51
Ping statistics for 206.190.36.45:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 185ms, Maximum = 186ms, Average = 185ms
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
10...00 25 b3 5f bc 94 ......Broadcom NetLink (TM) Gigabit Ethernet
15...7a 79 19 a5 9f cd ......Hamachi Network Interface
1...........................Software Loopback Interface 1
21...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
20...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.1.254 192.168.1.20 276
0.0.0.0 0.0.0.0 25.0.0.1 f 9256
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.1.0 255.255.255.0 On-link 192.168.1.20 276
192.168.1.20 255.255.255.255 On-link 192.168.1.20 276
192.168.1.255 255.255.255.255 On-link 192.168.1.20 276
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.1.20 276
224.0.0.0 240.0.0.0 On-link f 9256
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.1.20 276
255.255.255.255 255.255.255.255 On-link f 9256
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.1.254 Default
0.0.0.0 0.0.0.0 25.0.0.1 Default
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
15 9020 ::/0 2620:9b::1900:1
1 306 ::1/128 On-link
17 58 2001::/32 On-link
17 306 2001:0:5ef5:79fb:1876:3935:3f57:feeb/128
On-link
15 276 2620:9b::/64 On-link
15 276 2620:9b::/96 On-link
15 276 2620:9b::19a5:9fcd/128 On-link
10 276 fe80::/64 On-link
17 306 fe80::/64 On-link
15 276 fe80::/64 On-link
20 281 fe80::5efe:192.168.1.20/128
On-link
17 306 fe80::1876:3935:3f57:feeb/128
On-link
15 276 fe80::6c32:f06b:d50c:3a50/128
On-link
10 276 fe80::b150:5bd1:1f12:82fa/128
On-link
1 306 ff00::/8 On-link
17 306 ff00::/8 On-link
10 276 ff00::/8 On-link
15 276 ff00::/8 On-link
===========================================================================
Persistent Routes:
If Metric Network Destination Gateway
0 4294967295 2620:9b::/96 On-link
0 9000 ::/0 2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 07 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 12 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 13 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 14 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 15 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 16 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll [261840] (Avira Operations GmbH & Co. KG)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog5 07 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog9 01 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 02 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 03 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 04 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 11 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 12 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 13 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 14 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 15 C:\Windows\System32\mswsock.dll [326144] (Microsoft Corporation)
x64-Catalog9 16 C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll [234960] (Avira Operations GmbH & Co. KG)
========================= Event log errors: ===============================
Application errors:
==================
Error: (07/08/2013 03:14:15 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/08/2013 03:02:36 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/08/2013 09:08:43 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/08/2013 09:08:37 AM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error: (07/06/2013 04:27:22 PM) (Source: Avira Antivirus) (User: NT AUTHORITY)
Description: Das Update von R187129 (127.0.0.1) ist fehlgeschlagen.
Während des Herunterladens ist ein Fehler aufgetreten. .
Es wurden keine neuen Dateien geladen.
System errors:
=============
Error: (07/09/2013 08:31:20 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:31:15 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:31:12 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:46 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:41 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:38 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:36 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:34 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:30:31 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Error: (07/09/2013 08:25:41 AM) (Source: Service Control Manager) (User: )
Description: The WinHTTP Web Proxy Auto-Discovery Service service depends the following service: Dhcp. This service might not be installed.
Microsoft Office Sessions:
=========================
Error: (07/04/2013 04:08:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4270 seconds with 420 seconds of active time. This session ended with a crash.
Error: (06/13/2013 04:24:26 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27085 seconds with 2220 seconds of active time. This session ended with a crash.
Error: (05/23/2013 01:02:46 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 14968 seconds with 4380 seconds of active time. This session ended with a crash.
Error: (05/17/2013 10:18:36 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 5 seconds with 0 seconds of active time. This session ended with a crash.
Error: (04/18/2013 11:47:44 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 7552 seconds with 180 seconds of active time. This session ended with a crash.
Error: (04/09/2013 11:17:56 AM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4615 seconds with 1440 seconds of active time. This session ended with a crash.
Error: (03/26/2013 00:39:21 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 9071 seconds with 2640 seconds of active time. This session ended with a crash.
Error: (03/25/2013 06:52:40 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 34329 seconds with 6780 seconds of active time. This session ended with a crash.
Error: (03/05/2013 07:48:00 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 133 seconds with 0 seconds of active time. This session ended with a crash.
Error: (02/21/2013 07:14:30 PM) (Source: Microsoft Office 12 Sessions)(User: )
Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 8 seconds with 0 seconds of active time. This session ended with a crash.
CodeIntegrity Errors:
===================================
Date: 2013-07-09 08:21:46.610
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-09 08:21:46.110
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:41:30.421
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:41:29.906
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:35:11.088
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:35:10.589
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:23:07.024
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 15:23:06.541
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 08:57:02.468
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-07-08 08:57:01.984
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\drivers\vfilter.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
=========================== Installed Programs ============================
Update for Microsoft Office 2007 (KB2508958)
7-Zip 9.20
ActivClient x64 (Version: 6.2)
Adobe Flash Player 11 ActiveX (Version: 11.7.700.224)
Adobe Flash Player 11 Plugin (Version: 11.7.700.224)
AMD Catalyst Install Manager (Version: 8.0.871.0)
Anti-Twin (Installation 29.04.2013)
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Audacity 1.2.6
AuthenTec Fingerprint System (Version: 8.0.202.0)
Avira Professional Security (Version: 12.1.9.1580)
AVM FRITZ!Box Dokumentation
AVM FRITZ!Box Druckeranschluss
AVM FRITZ!DSL (Version: 2.04.02)
AVS Cover Editor 2.0.1.3
AVS Disc Creator version 5.0.1
AVS Update Manager 1.0
AVS Video Converter 7
AVS4YOU Software Navigator 1.4
Bike GPS RichTrack Factory
Bonjour (Version: 3.0.0.10)
Broadcom 802.11 Wireless LAN Adapter (Version: )
Brother MFL-Pro Suite MFC-8460N (Version: 1.0.0.0)
Canon driver for DR-C125 (x64) (Version: 1.0.4309)
CaptureOnTouch Evernote Plugin (Version: 1.2.11005)
CaptureOnTouch Google Docs(TM) Plugin (Version: 1.1.4311)
CaptureOnTouch Microsoft SharePoint Plugin (Version: 1.01.40797)
CCleaner (Version: 3.28)
CDBurnerXP (Version: 4.3.8.2631)
CDBurnerXP (Version: 4.4.2.3442)
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
Credential Manager for HP ProtectTools (Version: 4.1.6.1484)
DivX-Setup (Version: 2.3.0.20)
DR-C125 CaptureOnTouch (Version: 2.3.111.1014)
DR-C125 UserManual (Version: 1.04.0000)
Dropbox (Version: 2.0.22)
ElsterFormular (Version: 13.1.0.8394p)
Foxit Reader (Version: 6.0.5.618)
Free Audio CD Burner version 1.5.3.920
Free Audio Dub version 1.7.9.602
Free DVD Video Converter version 1.5.15.908
Free Video to MP3 Converter version 3.2
Free YouTube to MP3 Converter version 3.8
Freez FLV to AVI/MPEG/WMV Converter (Version: 1.6)
Freez FLV to MP3 Converter (Version: 1.5)
Garmin BaseCamp (Version: 4.0.1)
Garmin USB Drivers (Version: 2.3.1.0)
Google Chrome (Version: 27.0.1453.116)
Google Earth (Version: 7.0.3.8542)
Google Update Helper (Version: 1.3.21.145)
HP 3D DriveGuard (Version: 4.0.3.1)
HP ESU for Microsoft Windows 7 (Version: 1.0.3.1)
HP JavaCard for HP ProtectTools (Version: 04.10.10.0003)
HP ProtectTools Security Manager (Version: 04.10.10.0003)
HP Quick Launch Buttons (Version: 6.50.14.1)
HP Webcam (Version: 5.8.39017.0)
Image Resizer Powertoy Clone for Windows (Version: 2.0.0.0)
iTunes (Version: 11.0.4.4)
Java 7 Update 21 (64-bit) (Version: 7.0.210)
Java 7 Update 21 (Version: 7.0.210)
Java Auto Updater (Version: 2.1.9.5)
Kill-ID 1.2.4.0 für Chrome (Version: 1.2.5.0)
KOMPASS Digital Map Südtirol
KONICA MINOLTA magicolor 5430DL
Kyocera Product Library (Version: 2.0.0713)
LogMeIn Hamachi (Version: 2.1.0.374)
Malwarebytes Anti-Malware Version 1.62.0.1300 (Version: 1.62.0.1300)
maxdome Download Manager 4.1.300.78 (Version: 4.1.30078)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft IntelliPoint 8.1 (Version: 8.15.406.0)
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Outlook Connector (Version: 12.0.6423.1000)
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Small Business Connectivity Components (Version: 2.0.7024.0)
Microsoft Office Ultimate 2007 (Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Outlook-Sicherung für Persönliche Ordner (Version: 1.10.0.0)
Microsoft Silverlight (Version: 5.1.20125.0)
Microsoft SQL Server 2005
Microsoft SQL Server 2005 Tools Express Edition (Version: 9.4.5000.00)
Microsoft SQL Server Native Client (Version: 9.00.5000.00)
Microsoft SQL Server Setup Support Files (English) (Version: 9.00.5000.00)
Microsoft SQL Server VSS Writer (Version: 9.00.4035.00)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
MobileMe Control Panel (Version: 3.1.8.0)
Mozilla Firefox 22.0 (x86 de) (Version: 22.0)
Mozilla Maintenance Service (Version: 22.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 4.0 SP3 Parser (KB2721691) (Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (Version: 4.30.2100.0)
Nero 12 (Version: 12.0.02000)
Nero Audio Pack 1 (Version: 11.0.11500.110.0)
Nero BackItUp (Version: 12.0.2001)
Nero BackItUp Help (CHM) (Version: 12.0.3000)
Nero Blu-ray Player (Version: 12.0.14300)
Nero Blu-ray Player Help (CHM) (Version: 12.0.4000)
Nero Burning ROM (Version: 12.0.20000)
Nero Burning ROM Help (CHM) (Version: 12.0.3000)
Nero ControlCenter (Version: 11.0.15200)
Nero ControlCenter Help (CHM) (Version: 12.0.5000)
Nero Core Components (Version: 11.0.18100)
Nero Disc Menus Basic (Version: 12.0.11500)
Nero Effects Basic (Version: 12.0.11500)
Nero Express (Version: 12.0.20000)
Nero Express Help (CHM) (Version: 12.0.5000)
Nero Installer (Version: 4.4.9.0)
Nero Kwik Media (Version: 1.18.18500)
Nero Kwik Media (Version: 12.0.01300)
Nero Kwik Media Help (CHM) (Version: 12.0.4000)
Nero Kwik Themes Basic (Version: 12.0.11500)
Nero PiP Effects Basic (Version: 12.0.11500)
Nero Recode (Version: 12.0.24000)
Nero Recode Help (CHM) (Version: 12.0.4000)
Nero RescueAgent (Version: 12.0.9000)
Nero RescueAgent Help (CHM) (Version: 12.0.3000)
Nero SharedVideoCodecs (Version: 1.0.12100.2.0)
Nero Update (Version: 11.0.11800.31.0)
Nero Video (Version: 12.0.3000)
Nero Video Help (CHM) (Version: 12.0.4000)
neroxml (Version: 1.0.0)
NHL06
Office-Bibliothek (Version: 5.01)
PDFCreator (Version: 1.5.0)
PDF-Viewer (Version: 2.5.205.0)
Picasa 3 (Version: 3.9)
Prerequisite installer (Version: 12.0.0002)
QLBCASL (Version: 6.40.17.2)
QuickTime (Version: 7.74.80.86)
Recuva (Version: 1.42)
Remotedesktopverbindung (Version: 5.1.2600.2180)
SCR3xxx Smart Card Reader (Version: 8.35)
Secunia PSI (3.0.0.6005) (Version: 3.0.0.6005)
Security Task Manager 1.8d (Version: 1.8d)
Shotty - Kleines aber eindrucksvolles Screenshot Tool (Version: 2.0.2.216)
Skype™ 6.3 (Version: 6.3.107)
SlimDrivers (Version: 2.2.28413)
SmarTerm (Version: 13.0.0)
SPG-Verein 3.0 (Version: 3.0.4)
Synaptics Pointing Device Driver (Version: 15.0.24.0)
TeamViewer 7 (Version: 7.0.14484)
TweetDeck (Version: 1.5.3)
Ultr@VNC Release 1.0.0 RC 18 - Win32 (Version: 1.0018)
UltraVNC 1.0.9.1 (Version: 1.0.9.1)
Uninstall 1.0.0.1
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817327) 32-Bit Edition
Update für Microsoft Office Excel 2007 Help (KB963678)
Update für Microsoft Office Outlook 2007 Help (KB963677)
Update für Microsoft Office Powerpoint 2007 Help (KB963669)
Update für Microsoft Office Word 2007 Help (KB963665)
VC80CRTRedist - 8.0.50727.4053 (Version: 1.1.0)
VD64Inst (Version: 1.00.0000)
VLC media player 2.0.2 (Version: 2.0.2)
Welcome App (Start-up experience) (Version: 12.0.14000)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (Version: 04/19/2012 2.3.1.0)
Windows Media Center Add-in for Silverlight (Version: 4.7.3.0)
Windows Media Player Firefox Plugin (Version: 1.0.0.8)
WinRAR 4.01 (64-bit) (Version: 4.01.0)
========================= Memory info: ===================================
Percentage of memory in use: 45%
Total physical RAM: 3836.87 MB
Available physical RAM: 2095.1 MB
Total Pagefile: 7671.92 MB
Available Pagefile: 5719.1 MB
Total Virtual: 4095.88 MB
Available Virtual: 3978.62 MB
========================= Partitions: =====================================
1 Drive c: () (Fixed) (Total:232.88 GB) (Free:66.55 GB) NTFS
3 Drive x: () (Network) (Total:463.7 GB) (Free:265.91 GB) NTFS
========================= Users: ========================================
User accounts for \\R187129
Administrator Christian Christian_2
Guest
========================= Minidump Files ==================================
No minidump file found
**** End of log ****
|
|
09.07.2013, 08:21
| #22 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 http://download.bleepingcomputer.com...ces/7/Dhcp.reg http://download.bleepingcomputer.com...s/7/SDRSVC.reg beides bitte auf dem Desktop speichern und ausführen, erlauben. Danach Reboot und frisches FSS log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 08:34
| #23 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 es kommt bei beiden nach dem ausführen diese Info:  |
|
09.07.2013, 08:36
| #24 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Rebote in den abgesicherten Modus und versuch es wieder mit Rechtsklick als Admin ausführen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 10:06
| #25 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Dhcp.reg hat funktioniert. bei SDRSVC.reg kam wieder die selbe Meldung. Hab mich als Administrator angemeldet, da es die fuktion " Als Admin ausführen" nicht gibt. hier trotzdem schon mal ein aktueller FSS Log Code:
ATTFilter Farbar Service Scanner Version: 08-07-2013
Ran by Christian_2 (administrator) on 09-07-2013 at 11:07:29
Running from "C:\Users\Christian\Downloads"
Microsoft Windows 7 Professional Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Action Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\SDRSVC.dll => MD5 is legit
C:\Windows\System32\vssvc.exe => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll => MD5 is legit
C:\Windows\System32\ipnathlp.dll => MD5 is legit
C:\Windows\System32\iphlpsvc.dll => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
**** End of log ****
|
|
09.07.2013, 10:46
| #26 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Sieht besser aus . Gibt es aktuell noch PRobleme mit dem Rechner?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 10:53
| #27 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 schaut gut aus! auch die automatische IP zuweisung funktioniert wieder Vielen Dank!!! |
|
09.07.2013, 10:55
| #28 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Fertig Die Reihenfolge ist hier entscheidend.
Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
09.07.2013, 11:30
| #29 |
| | Avira findet Trojanisches Pferd TR/Kazy.169263.1 So, hab alles Bereinigt. Ein Frage bleibt noch. Seit der Systemwiederherstellung ist mein Windows komplett in Englisch, obwohl es in der Systemsteuerung Deutsch eingestellt ist. Die installierte Version war allerdings auch eine englische und ich hab mir nachträglich eine Deutsches Language Pack dazu installiert. Weißt du ob ich das irgendwie einfach wieder in deutsch hin bekomme oder muss ich mir das Deutsches Language Pack wieder irgendwo runterladen... |
|
09.07.2013, 11:33
| #30 |
| /// the machine /// TB-Ausbilder | Avira findet Trojanisches Pferd TR/Kazy.169263.1 Language Pack installieren
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Avira findet Trojanisches Pferd TR/Kazy.169263.1 |
| .dll, antivir, appdata, automatische, avg, avira, code, datei, desktop, log, modul, namen, nicht mehr, programm, prozesse, registry, roaming, starten, svchost.exe, system, tr/kazy.169263.1, trojanische pferd, trojanisches pferd, virus, warnung, windows |
Linear-Darstellung
