GVU Trojaner auf Laptop

Greasepunk · 05.09.2013, 12:21

Hallo
Habe den GVU Trojaner auf dem Rechner.
Windows Vista
Nichts geht mehr.
Habe den FRST Scanner runtergeladen (hatte ich hier gelesen) und folgendes FRST Logfile

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-06-2013 (ATTENTION: FRST version is 78 days old)
Ran by SYSTEM on 05-09-2013 09:34:15
Running from H:\
Windows Vista (TM) Home Premium (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Recovery

The current controlset is ControlSet001
ATTENTION!:=====> FRST is updated to run from normal or Safe mode to produce a full FRST.txt log and Addition.txt log.

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] RtHDVCpl.exe [x]
HKLM\...\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe [509496 2007-04-03] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] NDSTray.exe [x]
HKLM\...\Run: [Desktop SMS] C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe /auto [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [90112 2006-11-10] ()
HKLM\...\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [Toshiba TEMPO] C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe [103824 2007-10-29] (Toshiba Europe GmbH)
HKLM\...\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe /s [958352 2011-08-22] (Samsung)
HKLM\...\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-08-22] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [BlueStacks Agent] C:\Program Files\BlueStacks\HD-Agent.exe [593784 2012-10-25] (BlueStack Systems, Inc.)
HKLM\...\Run: [Nero MediaHome 4] "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN [5178664 2012-02-28] (Nero AG)
HKLM\...\Run: [KB8358378] "C:\Users\Sascha\AppData\Local\KB8358378\KB8358378.exe" [60509 2013-09-05] ()
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\Default\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\NeroMediaHomeUser.4\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Sascha\...\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Sascha\...\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe [ 2008-01-19] (Microsoft Corporation)
HKU\Sascha\...\Run: [Center Agent] C:\Program Files\X-TENSIONS Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [ 2008-01-10] ()
HKU\Sascha\...\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [x]
HKU\Sascha\...\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [ 2011-08-22] ()
HKU\Sascha\...\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKU\Sascha\...\Run: [Messenger (Yahoo!)] "D:\\Messenger\YahooMessenger.exe" -quiet [x]
HKU\Sascha\...\Run: [Nero MediaHome 4] "C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe" /AUTORUN [ 2012-02-28] (Nero AG)
HKU\Sascha\...\Run: [AmazonMP3DownloaderHelper] C:\Users\Sascha\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [ 2013-05-22] ()
HKU\Sascha\...\Run: [KB8358378] "C:\Users\Sascha\AppData\Local\KB8358378\KB8358378.exe" [x]
Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()

========================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
S2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2012-02-28] (Nero AG)
S2 NIS; C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation)
S2 TempoMonitoringService; C:\Program Files\Toshiba TEMPO\TempoSVC.exe [95624 2007-10-29] (Toshiba Europe GmbH)
S2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)
S2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [327296 2007-12-06] (AfaTech                  )
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation)
S2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63864 2012-10-25] (BlueStack Systems)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
S4 CplIR; C:\Windows\system32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
S1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
S1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130904.001\IDSvix86.sys [392792 2013-08-21] (Symantec Corporation)
S0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130904.017\NAVENG.SYS [93272 2013-08-29] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130904.017\NAVEX15.SYS [1612376 2013-08-29] (Symantec Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
S0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
S1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1404000.028\SYMTDIV.SYS [352344 2013-04-25] (Symantec Corporation)
S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SYMDNS; \SystemRoot\System32\Drivers\NIS\1002000.007\SYMDNS.SYS [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS [x]
S3 SYMREDRV; \SystemRoot\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-05 07:28 - 2013-09-05 07:28 - 00000000 ____D C:\Users\Sascha\AppData\Local\KB8358378
2013-08-28 10:15 - 2013-08-02 05:09 - 01548288 ____A (Microsoft Corporation) C:\Windows\System32\WMVDECOD.DLL
2013-08-20 19:52 - 2013-08-20 19:52 - 00000000 ____D C:\Users\Sascha\Documents\Amazon MP3
2013-08-20 19:52 - 2013-08-20 19:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Amazon
2013-08-15 12:14 - 2013-08-15 12:18 - 00000000 ____D C:\Windows\System32\MRT
2013-08-15 12:03 - 2013-07-25 03:40 - 12334080 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2013-08-15 12:03 - 2013-07-25 03:32 - 01800704 ____A (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2013-08-15 12:03 - 2013-07-25 03:30 - 09738752 ____A (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2013-08-15 12:03 - 2013-07-25 03:26 - 01129472 ____A (Microsoft Corporation) C:\Windows\System32\wininet.dll
2013-08-15 12:03 - 2013-07-25 03:26 - 01104384 ____A (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2013-08-15 12:03 - 2013-07-25 03:25 - 01427968 ____A (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2013-08-15 12:03 - 2013-07-25 03:24 - 00231936 ____A (Microsoft Corporation) C:\Windows\System32\url.dll
2013-08-15 12:03 - 2013-07-25 03:24 - 00065536 ____A (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2013-08-15 12:03 - 2013-07-25 03:23 - 01796096 ____A (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2013-08-15 12:03 - 2013-07-25 03:23 - 00717824 ____A (Microsoft Corporation) C:\Windows\System32\jscript.dll
2013-08-15 12:03 - 2013-07-25 03:23 - 00607744 ____A (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2013-08-15 12:03 - 2013-07-25 03:23 - 00420864 ____A (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2013-08-15 12:03 - 2013-07-25 03:23 - 00142848 ____A (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2013-08-15 12:03 - 2013-07-25 03:22 - 02382848 ____A (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2013-08-15 12:03 - 2013-07-25 03:22 - 00176640 ____A (Microsoft Corporation) C:\Windows\System32\ieui.dll
2013-08-15 12:03 - 2013-07-25 03:22 - 00073216 ____A (Microsoft Corporation) C:\Windows\System32\mshtmled.dll
2013-08-15 08:13 - 2013-07-17 20:41 - 00002048 ____A (Microsoft Corporation) C:\Windows\System32\tzres.dll
2013-08-15 08:13 - 2013-07-10 10:47 - 00783360 ____A (Microsoft Corporation) C:\Windows\System32\rpcrt4.dll
2013-08-15 08:13 - 2013-07-09 13:10 - 01205168 ____A (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2013-08-15 08:13 - 2013-07-08 05:55 - 03603904 ____A (Microsoft Corporation) C:\Windows\System32\ntkrnlpa.exe
2013-08-15 08:13 - 2013-07-08 05:55 - 03551680 ____A (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2013-08-15 08:13 - 2013-07-05 05:53 - 00905664 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2013-08-15 08:13 - 2013-06-15 14:22 - 00015872 ____A (Microsoft Corporation) C:\Windows\System32\icaapi.dll
2013-08-15 08:13 - 2013-06-15 12:23 - 00024064 ____A (Microsoft Corporation) C:\Windows\System32\Drivers\tssecsrv.sys
2013-08-15 08:12 - 2013-07-08 05:20 - 00172544 ____A (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2013-08-15 08:12 - 2013-07-08 05:16 - 00992768 ____A (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2013-08-15 08:12 - 2013-07-08 05:16 - 00133120 ____A (Microsoft Corporation) C:\Windows\System32\cryptsvc.dll
2013-08-15 08:12 - 2013-07-08 05:16 - 00098304 ____A (Microsoft Corporation) C:\Windows\System32\cryptnet.dll
2013-08-14 14:11 - 2013-08-14 14:11 - 00000964 ____A C:\Users\Public\Desktop\Express Burn.lnk
2013-08-09 09:10 - 2013-08-12 10:57 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\FileZilla

==================== One Month Modified Files and Folders ========

2013-09-05 08:13 - 2012-03-30 06:22 - 00000884 ____A C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-05 07:55 - 2009-07-14 20:21 - 00001098 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-05 07:28 - 2013-09-05 07:28 - 00000000 ____D C:\Users\Sascha\AppData\Local\KB8358378
2013-09-05 06:51 - 2008-04-22 13:20 - 00002605 ____A C:\Users\Sascha\Desktop\Microsoft Word.lnk
2013-09-05 06:37 - 2008-04-16 10:04 - 01768155 ____A C:\Windows\WindowsUpdate.log
2013-09-05 06:32 - 2008-04-17 08:52 - 00000434 ____A C:\Windows\System32\Drivers\etc\hosts.ics
2013-09-05 06:30 - 2009-07-14 20:21 - 00001094 ____A C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-05 06:30 - 2006-11-02 14:01 - 00000006 ___AH C:\Windows\Tasks\SA.DAT
2013-09-05 06:30 - 2006-11-02 13:47 - 00003696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-05 06:30 - 2006-11-02 13:47 - 00003696 ___AH C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-04 21:47 - 2006-11-02 14:01 - 00032558 ____A C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-04 13:04 - 2009-03-27 21:17 - 00001052 ____A C:\Windows\Tasks\Google Software Updater.job
2013-09-03 23:07 - 2011-01-14 12:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\CrashDumps
2013-09-01 22:35 - 2013-07-06 10:33 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\.minecraft
2013-08-31 13:21 - 2008-04-20 09:10 - 00102400 ____A C:\Users\Sascha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-29 22:21 - 2012-07-07 10:27 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\vlc
2013-08-25 17:56 - 2009-02-14 11:02 - 00000680 ____A C:\Users\Sascha\AppData\Local\d3d9caps.dat
2013-08-20 19:56 - 2006-11-02 11:33 - 01459028 ____A C:\Windows\System32\PerfStringBackup.INI
2013-08-20 19:52 - 2013-08-20 19:52 - 00000000 ____D C:\Users\Sascha\Documents\Amazon MP3
2013-08-20 19:52 - 2013-08-20 19:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Amazon
2013-08-15 17:00 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\rescache
2013-08-15 16:55 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-15 16:37 - 2006-11-02 12:18 - 00000000 ____D C:\Windows\System32\de-DE
2013-08-15 12:18 - 2013-08-15 12:14 - 00000000 ____D C:\Windows\System32\MRT
2013-08-15 12:14 - 2006-11-02 11:24 - 75778376 ____A (Microsoft Corporation) C:\Windows\System32\mrt.exe
2013-08-14 14:11 - 2013-08-14 14:11 - 00000964 ____A C:\Users\Public\Desktop\Express Burn.lnk
2013-08-14 14:11 - 2012-06-07 20:31 - 00000000 ____D C:\ProgramData\NCH Software
2013-08-14 14:11 - 2012-06-07 20:30 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\NCH Software
2013-08-14 14:11 - 2012-06-07 20:30 - 00000000 ____D C:\Program Files\NCH Software
2013-08-12 10:57 - 2013-08-09 09:10 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\FileZilla
2013-08-10 16:19 - 2013-06-30 17:45 - 00005460 ____A C:\Windows\setupact.log
2013-08-10 12:43 - 2006-11-02 13:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-10 09:42 - 2013-02-21 08:46 - 00000000 ____D C:\Users\Sascha\Documents\Intelli-studio
2013-08-10 09:31 - 2013-02-21 08:43 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Intelli-studio
2013-08-06 19:58 - 2013-05-04 21:03 - 00274824 ____A C:\Windows\PFRO.log

==================== Known DLLs (Whitelisted) ============


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

==================== EXE ASSOCIATION =====================

HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK

==================== Restore Points  =========================

Restore point made on: 2013-08-30 13:33:34
Restore point made on: 2013-09-01 12:36:08

==================== Memory info =========================== 

Percentage of memory in use: 15%
Total physical RAM: 3069.81 MB
Available physical RAM: 2586.93 MB
Total Pagefile: 2807.09 MB
Available Pagefile: 2657.22 MB
Total Virtual: 2047.88 MB
Available Virtual: 1979.14 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:74.52 GB) (Free:10.83 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:149.05 GB) (Free:29.78 GB) NTFS
Drive e: (Data) (Fixed) (Total:73.06 GB) (Free:50.56 GB) NTFS
Drive g: (WinRE) (Fixed) (Total:1.46 GB) (Free:1.27 GB) NTFS
Drive h: (HITMANPRO) (Removable) (Total:0.11 GB) (Free:0.11 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 1A48DF06)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)

========================================================
Disk: 2 (Size: 124 MB) (Disk ID: 3C683E52)
Partition 1: (Active) - (Size=118 MB) - (Type=0B)


LastRegBack: 2013-09-05 06:38

==================== End Of Log ============================

Hoffe Ihr könnt mir weiterhelfen...

cosinus · 05.09.2013, 12:29

Hallo und

Drücke bitte die

+ R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:

ATTFilter

HKLM\...\Run: [KB8358378] "C:\Users\Sascha\AppData\Local\KB8358378\KB8358378.exe" [60509 2013-09-05] ()
HKU\Sascha\...\Run: [KB8358378] "C:\Users\Sascha\AppData\Local\KB8358378\KB8358378.exe" [x]
C:\Users\Sascha\AppData\Local\KB8358378

Speichere diese bitte als Fixlist.txt auf deinem USB Stick.

Starte deinen Rechner erneut in die Reparaturoptionen
Starte nun die FRST.exe erneut und klicke den Entfernen Button.

Das Tool erstellt eine Fixlog.txt auf deinem USB Stick. Poste den Inhalt bitte hier.

Greasepunk · 05.09.2013, 12:57

Hier:

Code:

ATTFilter

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 19-06-2013
Ran by SYSTEM at 2013-09-05 13:54:24 Run:4
Running from H:\
Boot Mode: Recovery

==============================================

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\KB8358378 => Value deleted successfully.
HKU\Sascha\Software\Microsoft\Windows\CurrentVersion\Run\\KB8358378 => Value deleted successfully.
C:\Users\Sascha\AppData\Local\KB8358378 => Moved successfully.

==== End of Fixlog ====

cosinus · 05.09.2013, 13:17

Startet Windows wieder normal?

Greasepunk · 05.09.2013, 13:26

Ja. Es ist jetzt wieder normal gestartet.

cosinus · 05.09.2013, 14:10

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Greasepunk · 05.09.2013, 19:32

Wie jetzt? Da shatte ich doch schon gemacht...
Windows startet normal.
Muss ich jetzt noch was machen?

cosinus · 06.09.2013, 10:57

Nein so hast du das bestimmt nicht gemacht am Anfang. Bitte lies die Anleitungen richtig

Greasepunk · 06.09.2013, 12:51

OK.

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-09-2013
Ran by Sascha (administrator) on LAPTOP on 06-09-2013 13:47:11
Running from C:\Users\Sascha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAYLLWH6
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) ===================

(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Agere Systems) C:\Windows\system32\agrsmsvc.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-LogRotatorService.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPO\TempoSVC.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe
(TOSHIBA Corporation) C:\Windows\system32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
() C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
(Realtek Semiconductor) C:\Windows\RtHDVCpl.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(BlueStack Systems, Inc.) C:\Program Files\BlueStacks\HD-Agent.exe
(Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
() C:\Program Files\X-TENSIONS Multimedia\HyperMediaCenter\DTVR\Scheduled.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
() C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
() C:\Users\Sascha\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynToshiba.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
(Microsoft Corporation) C:\Program Files\Windows Mail\WinMail.exe
(Yahoo! Inc.) D:\Messenger\YahooMessenger.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-19] (Microsoft Corporation)
HKLM\...\Run: [KeNotify] - C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [34352 2006-11-06] ()
HKLM\...\Run: [SVPWUTIL] - C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [438272 2006-03-22] (TOSHIBA)
HKLM\...\Run: [RtHDVCpl] - C:\Windows\RtHDVCpl.exe [4702208 2007-09-03] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] - C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [411192 2007-03-29] (TOSHIBA Corporation)
HKLM\...\Run: [HSON] - C:\Program Files\TOSHIBA\TBS\HSON.exe [55416 2006-12-07] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] - C:\Program Files\Toshiba\SmoothView\SmoothView.exe [509496 2007-04-03] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] - C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [538744 2007-05-22] (TOSHIBA Corporation)
HKLM\...\Run: [NDSTray.exe] - NDSTray.exe [x]
HKLM\...\Run: [Desktop SMS] - C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe [1507328 2007-06-18] (Interactive Digital Media)
HKLM\...\Run: [topi] - C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe [581632 2007-07-10] (TOSHIBA)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [90112 2006-11-10] ()
HKLM\...\Run: [SynTPStart] - C:\Program Files\Synaptics\SynTP\SynTPStart.exe [204800 2007-07-27] (Synaptics, Inc.)
HKLM\...\Run: [IAAnotif] - C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [174872 2007-02-12] (Intel Corporation)
HKLM\...\Run: [Toshiba TEMPO] - C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.TrayApplication.exe [103824 2007-10-29] (Toshiba Europe GmbH)
HKLM\...\Run: [Microsoft Default Manager] - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [439568 2010-05-10] (Microsoft Corporation)
HKLM\...\Run: [KiesHelper] - C:\Program Files\Samsung\Kies\KiesHelper.exe [958352 2011-08-22] (Samsung)
HKLM\...\Run: [KiesTrayAgent] - C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [3507088 2011-08-22] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [BlueStacks Agent] - C:\Program Files\BlueStacks\HD-Agent.exe [593784 2012-10-25] (BlueStack Systems, Inc.)
HKLM\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2012-02-28] (Nero AG)
HKLM\...\Run: [SDTray] - C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe [5624784 2013-07-25] (Safer-Networking Ltd.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKCU\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [413696 2006-11-13] (TOSHIBA)
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-19] (Microsoft Corporation)
HKCU\...\Run: [Center Agent] - C:\Program Files\X-TENSIONS Multimedia\HyperMediaCenter\DTVR\Scheduled.exe [1524224 2008-01-10] ()
HKCU\...\Run: [swg] - C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2008-08-08] (Google Inc.)
HKCU\...\Run: [KiesPDLR] - C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [20880 2011-08-22] ()
HKCU\...\Run: [msnmsgr] - "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background [x]
HKCU\...\Run: [Messenger (Yahoo!)] - D:\\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)
HKCU\...\Run: [Nero MediaHome 4] - C:\Program Files\Nero\Nero MediaHome 4\NeroMediaHome.exe [5178664 2012-02-28] (Nero AG)
HKCU\...\Run: [AmazonMP3DownloaderHelper] - C:\Users\Sascha\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-22] ()
MountPoints2: {0ba30697-7bf1-11e2-8167-001eec02028b} - H:\iStudio.exe
HKU\Default\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
HKU\Default User\...\Run: [WindowsWelcomeCenter] - C:\Windows\System32\oobefldr.dll [ 2009-04-11] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe [ 2006-11-13] (TOSHIBA)
Startup: C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {74DD18FC-EF2E-47C4-836C-B1DFCDE49EB3} URL = hxxp://www.google.de/search?q={searchTerms}&rls=com.microsoft:*:IE-SearchBox&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7;
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU -Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\vdq6ogev.default
FF NewTab: about:blank
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @Google.com/GoogleEarthPlugin - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll No File
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=14 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll (Google)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 - D:\Neuer Ordner (2)\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Sascha\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF Extension: No Name - C:\Users\Sascha\AppData\Roaming\Mozilla\Firefox\Profiles\vdq6ogev.default\Extensions\{052a6f74-6bac-43d9-b0aa-de47606421bf}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\
FF HKLM\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF Extension: Default Manager - C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DMExtension\
FF HKLM\...\Firefox\Extensions: [fmconverter@gmail.com] C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF Extension: Freemake Video Converter Plugin - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFFPlgn\
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFFPlgn\

Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter}
CHR Extension: (Google Drive) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0
CHR Extension: (YouTube) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0
CHR Extension: (Google Search) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0
CHR Extension: (Norton Identity Protection) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2012.5.13.5_0
CHR Extension: (Gmail) - C:\Users\Sascha\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0
CHR HKLM\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx

========================== Services (Whitelisted) =================

S2 BstHdAndroidSvc; C:\Program Files\BlueStacks\HD-Service.exe [393080 2012-10-25] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files\BlueStacks\HD-LogRotatorService.exe [384888 2012-10-25] (BlueStack Systems, Inc.)
S3 FirebirdServerMAGIXInstance; C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe [1527900 2005-11-17] (MAGIX®)
R2 NeroMediaHomeService.4; C:\Program Files\Nero\Nero MediaHome 4\NMMediaServerService.exe [517416 2012-02-28] (Nero AG)
R2 NIS; C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\diMaster.dll [556336 2013-05-30] (Symantec Corporation)
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [1817560 2013-05-16] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1033688 2013-05-16] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2013-05-15] (Safer-Networking Ltd.)
R2 TempoMonitoringService; C:\Program Files\Toshiba TEMPO\TempoSVC.exe [95624 2007-10-29] (Toshiba Europe GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1724192 2013-01-28] (TuneUp Software)
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.)

==================== Drivers (Whitelisted) ====================

S3 AF15BDA; C:\Windows\System32\DRIVERS\AF15BDA.sys [327296 2007-12-06] (AfaTech                  )
R1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys [1002072 2013-05-31] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files\BlueStacks\HD-Hypervisor-x86.sys [63864 2012-10-25] (BlueStack Systems)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1404000.028\ccSetx86.sys [134744 2013-04-16] (Symantec Corporation)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
S4 CplIR; C:\Windows\system32\DRIVERS\CplIR.SYS [14848 2007-03-06] (COMPAL ELECTRONIC INC.)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-08-27] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-08-27] (Symantec Corporation)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130905.001\IDSvix86.sys [392792 2013-08-21] (Symantec Corporation)
R0 LPCFilter; C:\Windows\System32\DRIVERS\LPCFilter.sys [19456 2006-07-28] (COMPAL ELECTRONIC INC.)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130905.018\NAVENG.SYS [93272 2013-08-29] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130905.018\NAVEX15.SYS [1612376 2013-08-29] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1404000.028\SRTSP.SYS [603224 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1404000.028\SRTSPX.SYS [32344 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1404000.028\SYMDS.SYS [367704 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1404000.028\SYMEFA.SYS [934488 2013-05-23] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142496 2013-06-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1404000.028\Ironx86.SYS [175264 2013-03-05] (Symantec Corporation)
R1 SYMTDIv; C:\Windows\System32\Drivers\NIS\1404000.028\SYMTDIV.SYS [352344 2013-04-25] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [x]
S3 igfx; system32\DRIVERS\igdkmd32.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
S3 SYMDNS; \SystemRoot\System32\Drivers\NIS\1002000.007\SYMDNS.SYS [x]
S3 SYMFW; \SystemRoot\System32\Drivers\NIS\1007020.00B\SYMFW.SYS [x]
S3 SYMNDISV; \SystemRoot\System32\Drivers\NIS\1007020.00B\SYMNDISV.SYS [x]
S3 SYMREDRV; \SystemRoot\System32\Drivers\NIS\1002000.007\SYMREDRV.SYS [x]
S3 Tosrfcom; No ImagePath
S3 TpChoice; system32\DRIVERS\TpChoice.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-09-06 10:22 - 2013-09-06 10:57 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-06 10:22 - 2013-09-06 10:22 - 00001963 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-06 10:22 - 2013-09-06 10:22 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-09-06 10:22 - 2013-09-06 10:22 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-09-06 10:22 - 2013-09-06 10:22 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-09-06 10:21 - 2013-09-06 10:23 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-09-06 10:21 - 2009-01-25 13:14 - 00015224 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2013-09-05 22:39 - 2013-09-05 22:39 - 00000911 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Malwarebytes
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-05 22:39 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-08-28 11:15 - 2013-08-02 06:09 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\Documents\Amazon MP3
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Amazon
2013-08-15 13:14 - 2013-08-15 13:18 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:03 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-15 13:03 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-15 13:03 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-15 13:03 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-15 13:03 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-15 13:03 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-15 13:03 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-15 13:03 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-15 13:03 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-15 13:03 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-15 13:03 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-15 13:03 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-15 13:03 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-15 13:03 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-15 13:03 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-15 13:03 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-15 09:13 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-15 09:13 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-15 09:13 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-15 09:13 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-15 09:13 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-15 09:13 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-15 09:13 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-15 09:13 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-15 09:12 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-15 09:12 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-15 09:12 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-15 09:12 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-14 15:11 - 2013-08-14 15:11 - 00000964 _____ C:\Users\Public\Desktop\Express Burn.lnk
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2013-08-09 10:10 - 2013-08-12 11:57 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\FileZilla

==================== One Month Modified Files and Folders =======

2013-09-06 13:35 - 2009-07-14 21:21 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-09-06 13:34 - 2012-03-30 07:22 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-09-06 13:34 - 2008-04-16 11:04 - 01789046 _____ C:\Windows\WindowsUpdate.log
2013-09-06 11:32 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-09-06 11:32 - 2006-11-02 14:47 - 00003696 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-09-06 10:57 - 2013-09-06 10:22 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-09-06 10:23 - 2013-09-06 10:21 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy 2
2013-09-06 10:22 - 2013-09-06 10:22 - 00001963 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2013-09-06 10:22 - 2013-09-06 10:22 - 00000644 _____ C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job
2013-09-06 10:22 - 2013-09-06 10:22 - 00000616 _____ C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job
2013-09-06 10:22 - 2013-09-06 10:22 - 00000446 _____ C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job
2013-09-06 09:00 - 2008-04-22 14:20 - 00002605 _____ C:\Users\Sascha\Desktop\Microsoft Word.lnk
2013-09-06 07:34 - 2008-04-17 09:52 - 00000434 _____ C:\Windows\system32\Drivers\etc\hosts.ics
2013-09-06 07:32 - 2013-05-04 22:03 - 00275220 _____ C:\Windows\PFRO.log
2013-09-06 07:32 - 2009-07-14 21:21 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-09-06 07:32 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-09-06 07:31 - 2006-11-02 13:18 - 00000000 ___RD C:\Windows\Offline Web Pages
2013-09-05 22:58 - 2006-11-02 15:01 - 00032558 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-09-05 22:39 - 2013-09-05 22:39 - 00000911 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Malwarebytes
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-09-05 22:39 - 2013-09-05 22:39 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-09-04 14:04 - 2009-03-27 22:17 - 00001052 _____ C:\Windows\Tasks\Google Software Updater.job
2013-09-04 00:07 - 2011-01-14 13:18 - 00000000 ____D C:\Users\Sascha\AppData\Local\CrashDumps
2013-09-01 23:35 - 2013-07-06 11:33 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\.minecraft
2013-08-31 14:21 - 2008-04-20 10:10 - 00102400 _____ C:\Users\Sascha\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-08-29 23:21 - 2012-07-07 11:27 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\vlc
2013-08-25 18:56 - 2009-02-14 12:02 - 00000680 _____ C:\Users\Sascha\AppData\Local\d3d9caps.dat
2013-08-20 20:56 - 2006-11-02 12:33 - 01459028 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\Documents\Amazon MP3
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon
2013-08-20 20:52 - 2013-08-20 20:52 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Amazon
2013-08-15 18:00 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-15 17:55 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-15 17:37 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-15 13:18 - 2013-08-15 13:14 - 00000000 ____D C:\Windows\system32\MRT
2013-08-15 13:14 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-14 15:11 - 2013-08-14 15:11 - 00000964 _____ C:\Users\Public\Desktop\Express Burn.lnk
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NCH Software Produktpalette
2013-08-14 15:11 - 2013-08-14 15:11 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audioverwandte Programme
2013-08-14 15:11 - 2012-06-07 21:31 - 00000000 ____D C:\ProgramData\NCH Software
2013-08-14 15:11 - 2012-06-07 21:30 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\NCH Software
2013-08-14 15:11 - 2012-06-07 21:30 - 00000000 ____D C:\Program Files\NCH Software
2013-08-12 11:57 - 2013-08-09 10:10 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\FileZilla
2013-08-10 17:19 - 2013-06-30 18:45 - 00005460 _____ C:\Windows\setupact.log
2013-08-10 13:43 - 2006-11-02 14:37 - 00000000 ___RD C:\Users\Public\Recorded TV
2013-08-10 10:42 - 2013-02-21 09:46 - 00000000 ____D C:\Users\Sascha\Documents\Intelli-studio
2013-08-10 10:31 - 2013-02-21 09:43 - 00000000 ____D C:\Users\Sascha\AppData\Roaming\Intelli-studio

Files to move or delete:
====================
C:\Users\Sascha\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-09-06 07:39

==================== End Of Log ============================

--- --- ---

--- --- ---

und:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 06-09-2013
Ran by Sascha at 2013-09-06 13:48:36
Running from C:\Users\Sascha\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MAYLLWH6
Boot Mode: Normal
==========================================================


==================== Installed Programs =======================

7-Zip 9.20
Adobe Flash Player 11 ActiveX (Version: 11.8.800.94)
Adobe Reader 7.1.0 - Deutsch (Version: 7.1.0)
Adobe Shockwave Player (Version: 11)
Advertising Center (Version: 0.0.0.2)
Amazon MP3-Downloader 1.0.18 (HKCU Version: 1.0.18)
Ashampoo Burning Studio 6 FREE v.6.83 (Version: 6.8.3)
ATI Catalyst Install Manager (Version: 3.0.648.0)
AudibleManager (Version: 4702824.-2.2000580726.2000579740)
AudioCon (Version: 1.0)
AVS DVD Player version 2.4
AVS Update Manager 1.0
AVS Video Converter 8
AVS4YOU Software Navigator 1.4
Bing Rewards Client Installer (Version: 16.0.345.0)
BlueStacks App Player (Version: 0.7.13.899)
Bluetooth Stack for Windows by Toshiba (Version: v5.10.06(T))
Broadcom High Definition Video Decoder 2.6.40.1 (Version: 2.6.40.1)
Catalyst Control Center - Branding (Version: 1.00.0000)
Catalyst Control Center Core Implementation (Version: 2007.1101.2317.39832)
Catalyst Control Center Graphics Full Existing (Version: 2007.1101.2317.39832)
Catalyst Control Center Graphics Full New (Version: 2007.1101.2317.39832)
Catalyst Control Center Graphics Light (Version: 2007.1101.2317.39832)
Catalyst Control Center Graphics Previews Common (Version: 2007.1101.2317.39832)
Catalyst Control Center Graphics Previews Vista (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Chinese Standard (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Chinese Traditional (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Czech (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Danish (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Dutch (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Finnish (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization French (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization German (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Greek (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Hungarian (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Italian (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Japanese (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Korean (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Norwegian (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Polish (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Portuguese (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Russian (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Spanish (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Swedish (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Thai (Version: 2007.1101.2317.39832)
Catalyst Control Center Localization Turkish (Version: 2007.1101.2317.39832)
CCC Help Chinese Standard (Version: 2007.1101.2316.39832)
CCC Help Chinese Traditional (Version: 2007.1101.2316.39832)
CCC Help Czech (Version: 2007.1101.2316.39832)
CCC Help Danish (Version: 2007.1101.2316.39832)
CCC Help Dutch (Version: 2007.1101.2316.39832)
CCC Help English (Version: 2007.1101.2316.39832)
CCC Help Finnish (Version: 2007.1101.2316.39832)
CCC Help French (Version: 2007.1101.2316.39832)
CCC Help German (Version: 2007.1101.2316.39832)
CCC Help Greek (Version: 2007.1101.2316.39832)
CCC Help Hungarian (Version: 2007.1101.2316.39832)
CCC Help Italian (Version: 2007.1101.2316.39832)
CCC Help Japanese (Version: 2007.1101.2316.39832)
CCC Help Korean (Version: 2007.1101.2316.39832)
CCC Help Norwegian (Version: 2007.1101.2316.39832)
CCC Help Polish (Version: 2007.1101.2316.39832)
CCC Help Portuguese (Version: 2007.1101.2316.39832)
CCC Help Russian (Version: 2007.1101.2316.39832)
CCC Help Spanish (Version: 2007.1101.2316.39832)
CCC Help Swedish (Version: 2007.1101.2316.39832)
CCC Help Thai (Version: 2007.1101.2316.39832)
CCC Help Turkish (Version: 2007.1101.2316.39832)
ccc-core-static (Version: 2007.1101.2317.39832)
ccc-utility (Version: 2007.1101.2317.39832)
CD/DVD Drive Acoustic Silencer (Version: 2.00.02)
CDBurnerXP (Version: 4.5.1.3868)
D3DX10 (Version: 15.4.2368.0902)
Desktop SMS (Version: 1.2.0)
DVB-T USB BDA Driver
DVD MovieFactory for TOSHIBA (Version: 5.3)
Emdedded IR Driver (Version: 0.0.0.6C)
Express Burn
Feiyr MusicUploader (Version: 1.0.0.1)
FileZilla Client 3.2.7.1 (Version: 3.2.7.1)
Firebird SQL Server - MAGIX Edition 2.0.0.1 (D) (Version: 2.0.0.1)
Freemake Video Converter Version 4.0.1 (Version: 4.0.1)
Google Earth (Version: 7.1.1.1888)
Google Toolbar for Internet Explorer (Version: 1.0.0)
Google Update Helper (Version: 1.3.21.153)
Google Updater (Version: 2.4.2432.1652)
HyperMediaCenter (Version: 3.0)
Intel Matrix Storage Manager
Java(TM) 6 Update 22 (Version: 6.0.220)
Java(TM) 6 Update 31 (Version: 6.0.310)
Java(TM) 6 Update 5 (Version: 1.6.0.50)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
Java(TM) SE Runtime Environment 6 (Version: 1.6.0.0)
join.me (HKCU Version: 1.9.0.133)
Logitech Unifying-Software 2.00 (Version: 2.00.43)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
Microsoft .NET Framework 3.5 Language Pack SP1 - deu (Version: 3.5.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Default Manager (Version: 2.2.114.0)
Microsoft Office 2000 Premium (Version: 9.00.2816)
Microsoft Silverlight (Version: 5.1.20513.0)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft UI Engine (Version: 6.3.2380.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft XML Parser (Version: 8.0.7820.0)
Microsoft XML Parser (Version: 8.20.8730.4)
MSVCRT (Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB941833) (Version: 4.20.9849.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MyFreeCodec
myphotobook 3.1 (Version: 3.1)
NAVIGON Fresh 2.0.2 (Version: 2.0.2)
Nero ControlCenter (Version: 9.0.0.1)
Nero Installer (Version: 4.4.9.0)
Nero MediaHome 4 (Version: 4.5.20.45)
Nero MediaHome 4 Essentials
Nero MediaHome 4 Help (Version: 4.5.5.0)
Nero Online Upgrade (Version: 1.3.0.0)
Norton Internet Security (Version: 20.4.0.40)
Notification Center (Version: 0.7.7.813)
OpenOffice.org 3.3 (Version: 3.3.9567)
PhotoScape
PSD Viewer
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista (Version: 1.00.0000)
Realtek High Definition Audio Driver (Version: 6.0.1.5477)
SAMSUNG Intelli-studio
Samsung Kies (Version: 2.0.2.11071_128)
SAMSUNG USB Driver for Mobile Phones (Version: 1.4.3.9001)
Segoe UI (Version: 15.4.2271.0615)
Skins (Version: 2007.1101.2317.39832)
Spybot - Search & Destroy (Version: 2.1.21)
Switch Audiodatei-Konverter
Synaptics Pointing Device Driver (Version: 10.0.9.0)
Texas Instruments PCIxx21/x515/xx12 drivers. (Version: 2.00.0001)
TIPCI (Version: 2.00.0001)
TOSHIBA Assist (Version: 2.01.02)
TOSHIBA ConfigFree (Version: 7.00.32)
TOSHIBA Disc Creator (Version: 2.0.0.8)
TOSHIBA DVD PLAYER (Version: 1.10.13)
TOSHIBA Extended Tiles for Windows Mobility Center (Version: 1.01.00)
TOSHIBA Flash Cards Support Utility (Version: 1.48.0.3C)
TOSHIBA Hardware Setup (Version: 1.48.0.11C)
Toshiba Online Product Information (Version: 1.00.0012)
TOSHIBA SD Memory Utilities (Version: 1.8.1.1)
TOSHIBA Software Modem (Version: 2.1.77 (SM2177ALD04))
TOSHIBA Supervisor Password (Version: 1.48.0.8C)
TOSHIBA Supervisorkennwort (Version: 1.48.0.8C)
Toshiba TEMPO (Version: 1.0)
TOSHIBA Value Added Package (Version: 1.0.28)
TuneUp Utilities 2013 (Version: 13.0.3020.2)
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3020.2)
Update for Microsoft .NET Framework 3.5 SP1 (KB2836940) (Version: 1)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (Version: 1)
Utility Common Driver (Version: 0.0.1.1C)
VLC media player 2.0.5 (Version: 2.0.5)
Windows Live Communications Platform (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3502.0922)
Windows Live Essentials (Version: 15.4.3555.0308)
Windows Live Fotogalerie (Version: 15.4.3502.0922)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (Version: 15.4.3502.0922)
Windows Live Movie Maker (Version: 15.4.3502.0922)
Windows Live Photo Common (Version: 15.4.3502.0922)
Windows Live Photo Gallery (Version: 15.4.3502.0922)
Windows Live PIMT Platform (Version: 15.4.3508.1109)
Windows Live SOXE (Version: 15.4.3502.0922)
Windows Live SOXE Definitions (Version: 15.4.3502.0922)
Windows Live UX Platform (Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109)
Windows Media Encoder 9-Reihe
Windows Media Encoder 9-Reihe (Version: 9.00.3374)
WinX Free MP4 to WMV Converter 4.1.3
Xfire (remove only)
Yahoo! Messenger
 

==================== Restore Points  =========================

30-08-2013 12:33:18 Geplanter Prüfpunkt
01-09-2013 11:35:38 Geplanter Prüfpunkt

==================== Hosts content: ==========================

2006-11-02 12:23 - 2006-09-18 23:41 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1             localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {037E50E6-9916-4CA5-84C9-CD664D58B92C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-07-11] (Adobe Systems Incorporated)
Task: {06DAC6E9-FFD2-4306-AE34-6B5921241AD5} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2013-01-28] (TuneUp Software)
Task: {094DCC3C-E88B-4D85-9F90-74C755A8E40E} - System32\Tasks\Google Software Updater => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2011-09-10] (Google)
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {205B211B-A421-4709-AD9B-94BB4E4937C8} - System32\Tasks\Microsoft\Windows\WindowsCalendar\Reminders - Sascha => C:\Program Files\Windows Calendar\wincal.exe [2009-04-11] (Microsoft Corporation)
Task: {268031AE-738C-4C3C-9165-DFE74F3C44F7} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {3382D074-7228-40AD-8C25-C16C6A571AC3} - System32\Tasks\Check for updates (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {38CFA131-9F24-42F0-BE01-256977D89936} - System32\Tasks\Microsoft\Windows\Defrag\ManualDefrag => C:\Windows\system32\defrag.exe [2008-01-19] (Microsoft Corp.)
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-19] (Microsoft Corporation)
Task: {667DF03A-B612-4C5B-86AA-EDB922418E22} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-14] (Google Inc.)
Task: {6859F8C9-1B16-4191-8D39-A18994BA20A9} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-12] (Microsoft Corporation)
Task: {690A59F1-1B05-41A4-A77D-14E4FA5FC7A9} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {6EC0D1EE-BBEA-4799-9E4A-CD6AF0258D98} - System32\Tasks\Refresh immunization (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {6F5E934C-A446-4F84-9D15-C6DB2174633D} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {7B2E2D6C-A4EA-4511-8667-AC90690699FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-14] (Google Inc.)
Task: {7DE74849-0757-4569-8CA3-425B500B72FD} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe [2013-06-04] (Symantec Corporation)
Task: {9F2323D5-1681-4CDA-94DC-4ADE83670B6A} - System32\Tasks\Microsoft\Windows\Tcpip\WSHReset => C:\Windows\system32\schtasks.exe [2008-01-19] (Microsoft Corporation)
Task: {A61555D3-7840-45C1-A5A9-0D49851DE37A} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\OptinNotification => C:\Windows\System32\wsqmcons.exe [2008-01-19] (Microsoft Corporation)
Task: {A69CEB5F-D7A5-40EF-BD14-0F0584F58B20} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task
Task: {E0930830-22DB-4C35-873D-F8C5285220A2} - System32\Tasks\NCH Software\SwitchReminder => C:\Program Files\NCH Software\Switch\Switch.exe [2012-06-07] (NCH Software)
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {FF3B2C92-25B9-4F14-88A8-565FED60B707} - System32\Tasks\Scan the system (Spybot - Search & Destroy) => C:\Program Files\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Check for updates (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe
Task: C:\Windows\Tasks\Google Software Updater.job => C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Refresh immunization (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe
Task: C:\Windows\Tasks\Scan the system (Spybot - Search & Destroy).job => C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe

==================== Loaded Modules (whitelisted) =============

2013-06-08 15:51 - 2013-06-04 06:42 - 00579408 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\ASOEHOOK.DLL
2009-08-23 19:58 - 2009-08-23 19:58 - 00094208 _____ () D:\FileZilla FTP Client\fzshellext.dll
2013-01-28 15:19 - 2013-01-28 15:19 - 00030496 _____ (TuneUp Software) C:\Program Files\TuneUp Utilities 2013\SDShelEx-win32.dll
2013-06-08 15:51 - 2013-06-04 06:42 - 00176976 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\NavShExt.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00705928 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccL120U.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00089480 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccVrTrst.dll
2013-06-08 15:50 - 2013-05-23 07:25 - 00086408 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\EFACli.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00345480 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSet.dll
2013-06-08 15:51 - 2013-05-30 03:22 - 00320816 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\diStRptr.dll
2008-01-08 10:35 - 2007-11-02 00:09 - 00159744 _____ () C:\Windows\system32\atitmmxx.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00157576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccSvc.dll
2013-06-08 15:51 - 2013-05-21 06:40 - 00410576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\srtsp32.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00159624 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccIPC.dll
2013-06-08 15:51 - 2013-06-04 06:42 - 00548688 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\NPCTRAY.DLL
2013-06-08 15:50 - 2013-06-04 06:43 - 00962384 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\uiMain.dll
2013-06-08 15:50 - 2013-05-28 09:42 - 02430800 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\SYMHTMDX.DLL
2013-06-08 15:50 - 2013-05-30 04:13 - 01337136 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\MClnTask.dll
2013-06-08 15:50 - 2013-06-28 07:17 - 01849168 _____ (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\isDataPr.dll
2013-06-08 15:50 - 2013-06-04 06:42 - 00548176 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\ASHELPER.DLL
2013-06-08 15:50 - 2013-06-04 06:42 - 00537424 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\AVPAPP32.DLL
2013-06-08 15:51 - 2013-05-21 06:44 - 00401288 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\CCJOBMGR.DLL
2013-06-08 15:50 - 2013-05-21 00:50 - 00932176 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\cltPE.dll
2013-06-08 15:51 - 2013-05-21 00:50 - 02651472 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\CLTALDIS.DLL
2013-06-08 15:50 - 2013-07-03 23:42 - 00821552 _____ (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\naHelper.dll
2013-06-08 15:51 - 2013-05-24 04:09 - 00502664 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\AVIfc.dll
2013-06-08 15:51 - 2013-06-04 06:42 - 00528208 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\FWSESAL.DLL
2013-06-08 15:50 - 2013-05-21 00:50 - 01035088 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\cltLMS.dll
2013-06-08 15:50 - 2013-05-31 03:46 - 00999760 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coDataPr.dll
2013-06-08 15:51 - 2013-05-31 03:48 - 00551760 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\coShdObj.dll
2013-06-19 08:03 - 2013-06-10 19:10 - 00629072 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\MUI\20.4.0.40\07\01\cltRes.loc
2013-06-08 15:50 - 2013-05-31 03:48 - 01397584 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\COACTMGR.DLL
2013-06-08 15:51 - 2012-05-30 08:51 - 00699280 ____R () C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
2013-06-08 15:51 - 2013-05-21 06:44 - 00289160 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ccGEvt.dll
2013-06-08 15:50 - 2013-06-04 06:42 - 00502608 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\NUEX.DLL
2013-06-08 15:51 - 2013-06-04 06:43 - 00243024 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\QSPLUGIN.DLL
2013-06-08 15:50 - 2013-05-30 04:13 - 01078576 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\DataStor.dll
2013-06-08 15:50 - 2013-05-30 04:13 - 00965936 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\Comm.dll
2013-06-08 15:51 - 2012-05-15 03:27 - 00588216 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\SDKCMN.DLL
2013-06-08 15:51 - 2013-06-04 06:43 - 00916304 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\UIALERT.DLL
2013-06-08 15:51 - 2013-05-30 04:13 - 00028464 ____R (Symantec Corporation) C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\USERCTXT.DLL
2013-06-08 15:51 - 2013-05-24 04:09 - 00284552 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\AppMgr32.dll
2013-06-08 15:50 - 2013-06-04 06:42 - 03857232 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\ncw.dll
2013-07-17 08:09 - 2013-05-31 18:58 - 00290232 _____ (Symantec Corporation) C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\UMEngx86.dll
2007-03-13 15:32 - 2007-03-13 15:32 - 00024064 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
2007-03-13 15:32 - 2007-03-13 15:32 - 00028160 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
2007-03-13 15:33 - 2007-03-13 15:33 - 00196608 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
2007-03-29 11:01 - 2007-03-29 11:01 - 00204800 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
2007-04-20 17:10 - 2007-04-20 17:10 - 00217088 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
2007-03-13 15:32 - 2007-03-13 15:32 - 00009216 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
2007-03-13 15:33 - 2007-03-13 15:33 - 00196608 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
2007-03-13 16:54 - 2007-03-13 16:54 - 00196608 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
2013-08-15 17:52 - 2013-08-15 17:52 - 00519168 _____ (TOSHIBA Corporation) C:\Windows\assembly\NativeImages_v2.0.50727_32\TCrdMain\8b2d18070631509015ddc2d2874c7930\TCrdMain.ni.exe
2007-05-31 16:38 - 2007-05-31 16:38 - 00958464 _____ () C:\Program Files\TOSHIBA\FlashCards\de\TCrdMain.resources.dll
2007-01-11 20:24 - 2007-01-11 20:24 - 00118784 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
2007-01-11 20:24 - 2007-01-11 20:24 - 00061440 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
2006-12-13 15:53 - 2006-12-13 15:53 - 00102400 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
2006-11-09 18:27 - 2006-11-09 18:27 - 00090112 _____ () C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
2006-11-09 17:10 - 2006-11-09 17:10 - 00053248 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnEsc.dll
2006-12-14 18:44 - 2006-12-14 18:44 - 00053248 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
2007-03-13 15:33 - 2007-03-13 15:33 - 00196608 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TFunc2.DLL
2007-01-05 14:16 - 2007-01-05 14:16 - 00053248 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
2007-01-05 14:16 - 2007-01-05 14:16 - 00053248 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
2007-06-26 10:04 - 2007-06-26 10:04 - 00038912 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll
2007-06-26 15:59 - 2007-06-26 15:59 - 00069632 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll
2007-04-26 15:33 - 2007-04-26 15:33 - 00106496 _____ (TOSHIBA Corporation.) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
2006-11-09 17:13 - 2006-11-09 17:13 - 00061440 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll
2006-12-19 14:58 - 2006-12-19 14:58 - 00090112 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
2007-07-12 10:40 - 2006-10-10 11:44 - 00009728 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2006-11-08 19:08 - 2006-11-08 19:08 - 00009216 _____ () C:\Program Files\Toshiba\PCDiag\NotifyPCD.dll
2007-10-15 21:03 - 2007-06-22 14:51 - 00010240 _____ (TOSHIBA) C:\Program Files\Toshiba\ConfigFree\NotifyCFF.dll
2007-03-01 12:28 - 2007-03-01 12:28 - 00010240 _____ (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll
2006-10-07 12:57 - 2006-10-07 12:57 - 00053248 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2007-05-11 12:00 - 2007-05-11 12:00 - 00194680 _____ (TOSHIBA Corp.) C:\Program Files\TOSHIBA\Utilities\NotifyX.dll
2006-12-01 18:55 - 2006-12-01 18:55 - 00009216 _____ () C:\Program Files\Toshiba\TBS\NotifyTBS.dll
2007-10-15 21:03 - 2006-11-14 21:25 - 00040960 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFUPNP.dll
2007-10-15 21:03 - 2006-11-14 20:13 - 00061440 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFP2API.dll
2007-10-15 21:03 - 2006-11-14 20:41 - 00069632 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\OpenProp.dll
2007-10-15 21:03 - 2007-06-19 14:33 - 00086016 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\IpAdrSet.dll
2007-10-15 21:03 - 2007-06-19 15:08 - 00266240 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSAPI.dll
2007-10-15 21:03 - 2007-03-01 18:29 - 00053248 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFWLAPI.dll
2007-10-15 21:03 - 2007-07-17 14:20 - 01884160 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSParts.dll
2007-10-15 21:03 - 2007-07-03 18:50 - 00022016 _____ (TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\NDSNLS.dll
2006-11-25 08:33 - 2006-11-25 08:33 - 00167936 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBtAPI.dll
2006-04-19 13:49 - 2006-04-19 13:49 - 00102400 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\TosBdAPI.dll
2007-10-29 16:22 - 2007-10-29 16:22 - 00042368 _____ (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.Common.dll
2007-10-29 16:22 - 2007-10-29 16:22 - 05064064 _____ (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPO\Toshiba.Tempo.UI.Common.dll
2007-10-29 16:23 - 2007-10-29 16:23 - 00046464 _____ (Toshiba Europe GmbH) C:\Program Files\Toshiba TEMPO\de\Toshiba.Tempo.UI.Common.resources.dll
2011-08-22 16:11 - 2011-08-22 16:11 - 00152576 _____ (Windows (R) Codename Longhorn DDK provider) C:\Program Files\Samsung\Kies\External\DeviceModules\UPNPDevice_Kies.dll
2013-08-15 17:51 - 2013-08-15 17:51 - 00621056 _____ (BlueStack Systems, Inc.) C:\Windows\assembly\NativeImages_v2.0.50727_32\HD-Agent\5ffe1b9dfeafa082eb5db8344719c45e\HD-Agent.ni.exe
2013-08-15 17:51 - 2013-08-15 17:51 - 00155136 _____ (CodeTitans) C:\Windows\assembly\NativeImages_v2.0.50727_32\JSON\f3f5f4646f6bf2df15d1acef45985acc\JSON.ni.dll
2012-02-28 17:12 - 2012-02-28 17:12 - 02061608 _____ (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\SMC\NeMetaData.dll
2009-09-21 13:39 - 2009-09-21 13:39 - 05117224 _____ (Nero AG) C:\Program Files\Common Files\Nero\AdvrCntr4\AdvrCntr4.dll
2012-02-28 17:12 - 2012-02-28 17:12 - 00763176 _____ (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NScCoreComponents\NMCoFoundation.dll
2012-02-28 17:12 - 2012-02-28 17:12 - 04801832 _____ (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NMMediaServer.dll
2009-09-21 13:40 - 2009-09-21 13:40 - 03061032 _____ (Nero AG) C:\Program Files\Common Files\Nero\AdvrCntr4\NOSProductRegistration.dll
2009-09-21 13:39 - 2009-09-21 13:39 - 01549608 _____ (Nero AG) C:\Program Files\Common Files\Nero\AdvrCntr4\NOSUsageStatistics.dll
2012-02-28 17:12 - 2012-02-28 17:12 - 03241256 _____ (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NScCoreComponents\NMDataServices.dll
2012-02-28 17:12 - 2012-02-28 17:12 - 00128296 _____ (Nero AG) C:\Program Files\Nero\Nero MediaHome 4\NScDataServicesAddOns\NMiTunesIntegration.dll
2006-11-02 14:35 - 2006-11-02 14:35 - 00116736 _____ (Microsoft Corporation) C:\Windows\eHome\ehProxy.dll
2008-09-20 21:40 - 2003-09-10 04:42 - 00045056 _____ () C:\Program Files\X-TENSIONS Multimedia\HyperMediaCenter\DTVR\kwspnd.dll
2013-06-21 08:41 - 2013-06-21 08:41 - 00115137 _____ () C:\Users\Sascha\AppData\Local\Temp\3dcf2df1-2a83-477c-a7dd-858967792357\CliSecureRT.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00102400 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.2861.40061__90ba9c70f846762e\MOM.Implementation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.2820.26369__90ba9c70f846762e\LOG.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOG.Foundation.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00061440 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.2861.40060__90ba9c70f846762e\LOG.Foundation.Implementation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (Advanced Micro Devices Inc.) C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.2820.26375__90ba9c70f846762e\MOM.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.2820.26376__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.2861.39794__90ba9c70f846762e\AEM.Server.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.2820.26370__90ba9c70f846762e\NEWAEM.Foundation.dll
2007-10-15 20:52 - 2007-07-27 08:38 - 00163840 _____ (Synaptics, Inc.) C:\Windows\system32\SynCOM.dll
2007-10-15 20:52 - 2007-07-27 08:46 - 00147456 _____ (Synaptics, Inc.) C:\Windows\system32\SynTPAPI.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 01740800 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\sal3.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00086016 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\uwinapi.dll
2010-12-13 17:23 - 2012-03-05 15:05 - 00379904 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sofficeapp.dll
2011-01-17 17:19 - 2012-03-05 15:04 - 01033728 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\comphelp4MSC.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00432128 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00013312 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00142848 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\cppu3.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00597504 _____ (STLport Consulting, Inc.) C:\Program Files\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00358912 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucbhelper4MSC.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00094208 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\vos3MSC.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00135680 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\deploymentmiscmi.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00832000 _____ (Oracle) C:\Program Files\OpenOffice.org 3\program\libdb47.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00529408 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\tlmi.dll
2011-01-17 17:19 - 2012-03-05 15:04 - 00700928 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\basegfxmi.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00026112 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18nisolang1MSC.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00958464 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\utlmi.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00531456 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\xcrmi.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 03234816 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sfxmi.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 00869888 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwemi.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 00311296 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwimi.dll
2010-12-13 17:23 - 2012-03-05 15:05 - 02863616 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\svtmi.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 02186752 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\tkmi.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 03266560 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\vclmi.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00256000 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sotmi.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00029184 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18npapermi.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00066560 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18nutilMSC.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00951296 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icuuc40.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 13914112 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icudt40.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00777216 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\svlmi.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00092160 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\jvmfwk3.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 01577984 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\sbmi.dll
2010-11-19 13:42 - 2010-11-19 13:42 - 00083456 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\saxmi.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00051712 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\msci_uno.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00452608 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00092672 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\reg3.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00053248 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\store3.dll
2010-11-19 19:45 - 2012-03-05 15:04 - 00396800 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\configmgr.uno.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 00024064 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\localebe1.uno.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00092672 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\URE\bin\stocservices.uno.dll
2010-11-19 19:46 - 2012-03-05 15:05 - 00212992 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucb1.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 01649152 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\fwkmi.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 00257024 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\ucpfile1.dll
2011-01-17 17:19 - 2012-03-05 15:05 - 01317376 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\i18npool.uno.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 01071616 _____ (IBM Corporation and others) C:\Program Files\OpenOffice.org 3\program\icuin40.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 00083968 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\oooimprovementmi.dll
2010-12-13 17:22 - 2012-03-05 15:05 - 00287232 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\oleautobridge.uno.dll
2010-11-19 19:45 - 2012-03-05 15:05 - 00148480 _____ (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\emsermi.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.2861.40061__90ba9c70f846762e\CCC.Implementation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.2820.26370__90ba9c70f846762e\CLI.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.2820.26409__90ba9c70f846762e\CLI.Foundation.XManifest.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00073728 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\CLI.Foundation.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00006656 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.2861.39795__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Foundation\2.0.2820.26370__90ba9c70f846762e\AEM.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.2820.26376__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.2820.26372__90ba9c70f846762e\AEM.Server.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.2861.40086__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.2820.26386__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.2820.26382__90ba9c70f846762e\DEM.Graphics.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00011776 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Runtime\2.0.2861.40095__90ba9c70f846762e\CLI.Caste.HydraVision.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00008704 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Shared\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.2820.26371__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00057344 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.2820.26372__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00245760 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.2861.39803__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.2820.26382__90ba9c70f846762e\DEM.OS.I0602.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.2820.26381__90ba9c70f846762e\DEM.OS.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.2820.26385__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.2861.39795__90ba9c70f846762e\ATIDEMOS.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.2861.39824__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.2861.40004__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.2820.26388__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.2820.26377__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00036864 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.2861.39955__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00077824 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.2861.40038__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.2820.26388__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.2861.39878__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00036864 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.2861.39977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.2820.26386__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.2861.39962__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00032768 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.2861.39996__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00028672 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00057344 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.2861.39955__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00061440 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.2861.40011__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00053248 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.2820.26387__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00065536 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.2861.39963__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00045056 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.2820.26385__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.2861.40069__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.2820.26395__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00053248 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.2861.39793__90ba9c70f846762e\APM.Server.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.2820.26375__90ba9c70f846762e\APM.Foundation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00458752 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.2861.40053__90ba9c70f846762e\CLI.Component.Systemtray.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Private\2.0.2820.26371__90ba9c70f846762e\LOCALIZATION.Foundation.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00011264 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\LOCALIZATION.Foundation.Implementation\2.0.2861.40096__90ba9c70f846762e\LOCALIZATION.Foundation.Implementation.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00471040 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.2861.39832__90ba9c70f846762e\CLI.Component.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.2820.26371__90ba9c70f846762e\CLI.Component.Client.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.2820.26375__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00024576 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.2820.26394__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll
2007-11-05 16:23 - 2007-11-05 16:23 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.2861.39837__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.2820.26383__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00005120 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray.resources\2.0.2861.40053_de_90ba9c70f846762e\CLI.Component.Systemtray.resources.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00483328 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.2861.40070__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00090112 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.2861.40018__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 01675264 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.2861.39845__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00196608 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.2861.39858__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00040960 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.2820.26396__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00006656 _____ ( ) C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00401408 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.2861.40030__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00307200 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.2861.39878__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00364544 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Wizard\2.0.2861.40046__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Wizard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 01507328 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.2861.39811__90ba9c70f846762e\CLI.Component.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.2820.26374__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00020480 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.2820.26376__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00007680 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.HydraVision.Dashboard\2.0.2861.40094__90ba9c70f846762e\CLI.Caste.HydraVision.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00106496 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Grid.HydraVision.Dashboard\2.0.2861.40095__90ba9c70f846762e\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00073728 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.2861.39817__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00016384 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.2820.26382__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00135168 _____ (Advanced Mirco Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.2861.40076__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00212992 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.2861.39865__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00434176 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.2861.39825__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00118784 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.2861.39977__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00479232 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.2861.39956__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00401408 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.2861.39997__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00901120 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Dashboard\2.0.2861.40040__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00331776 _____ (Advanced Micro Devices, Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.2861.39949__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00352256 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.2861.40012__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00589824 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.2861.39872__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00794624 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.2861.39963__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2008-04-16 11:07 - 2008-04-16 11:07 - 00139264 _____ (ATI Technologies Inc.) C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.2861.40069__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll
2013-06-08 15:50 - 2013-06-04 06:42 - 00548176 ____R (Symantec Corporation) C:\Program Files\Norton Internet Security\Norton Internet Security\Engine\20.4.0.40\asHelper.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00253952 _____ (Yahoo! Inc.) D:\Messenger\YImage.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00047616 _____ (Yahoo! Inc.) D:\Messenger\ylog.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 01069056 _____ (Yahoo! Inc.) D:\Messenger\YCPFoundation.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00184320 _____ (Yahoo! Inc.) D:\Messenger\nspr4.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00921600 _____ () D:\Messenger\yui.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 01515520 _____ (Yahoo! Inc.) D:\Messenger\YMSGLite.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00303104 _____ (Yahoo! Inc.) D:\Messenger\YHTTP.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00200704 _____ (Yahoo! Inc.) D:\Messenger\RGX.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00761856 _____ (Yahoo! Inc.) D:\Messenger\YCPSSL.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00200704 _____ (Yahoo! Inc.) D:\Messenger\YAlertCenterM.DLL
2012-09-12 18:08 - 2012-05-25 04:25 - 00184320 _____ (Yahoo! Inc.) D:\Messenger\ymdm_audio.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 01994752 _____ (Yahoo! Inc.) D:\Messenger\rmc_audio.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00090112 _____ (Yahoo! Inc.) D:\Messenger\ymdm_video.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 02248704 _____ (Yahoo! Inc.) D:\Messenger\core_video.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00078336 _____ () D:\Messenger\pcre.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00143360 _____ (Yahoo! Inc.) D:\Messenger\ConnectionWizard.dll
2012-09-12 18:08 - 2012-05-25 04:33 - 01458176 _____ (Yahoo! Inc.) D:\Messenger\resources\de-DE\res_msgr.dll
2013-07-11 14:09 - 2013-07-11 14:09 - 16230792 ____R (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\Flash32_11_8_800_94.ocx
2012-09-12 18:08 - 2012-05-25 04:25 - 00196608 _____ (Yahoo! Inc.) D:\Messenger\ft60.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00475136 _____ (Yahoo! Inc.) D:\Messenger\YPluginRegistry.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00033280 _____ (Yahoo! Inc.) D:\Messenger\YML.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00019968 _____ (Yahoo! Inc.) D:\Messenger\YIniDom.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 00069632 _____ (Yahoo! Inc.) D:\Messenger\ypagerps.dll
2012-09-12 18:08 - 2012-05-25 04:25 - 03903488 _____ (Yahoo! Inc.) D:\Messenger\ymsdk.dll
2013-09-06 10:21 - 2012-08-23 10:45 - 02169224 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\rtl150.bpl
2013-09-06 10:21 - 2013-05-16 10:55 - 00113496 _____ () C:\Program Files\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2013-09-06 10:21 - 2012-08-23 10:45 - 02477736 _____ (Embarcadero Technologies, Inc.) C:\Program Files\Spybot - Search & Destroy 2\vcl150.bpl
2013-09-06 10:21 - 2013-05-16 10:55 - 03643800 _____ (Project JEDI) C:\Program Files\Spybot - Search & Destroy 2\Jcl150.bpl
2013-09-06 10:21 - 2013-05-16 10:55 - 00416600 _____ () C:\Program Files\Spybot - Search & Destroy 2\DEC150.bpl
2012-03-04 18:22 - 2012-03-04 18:22 - 00042272 _____ (Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jp2ssv.dll
2011-04-28 15:53 - 2011-03-03 17:40 - 00542720 _____ (Microsoft Corporation) C:\Windows\AppPatch\AcLayers.DLL
2004-12-14 04:44 - 2004-12-14 04:44 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Spelling.DEU
2005-09-23 23:09 - 2005-09-23 23:09 - 00544768 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PPKLite.DEU
2004-12-14 04:40 - 2004-12-14 04:40 - 00049152 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Accessibility.DEU
2005-09-23 23:06 - 2005-09-23 23:06 - 00438272 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\AcroForm.DEU
2006-01-13 10:08 - 2006-01-13 10:08 - 00684032 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Annots.DEU
2005-09-23 23:08 - 2005-09-23 23:08 - 00126976 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Checkers.DEU
2005-09-23 23:07 - 2005-09-23 23:07 - 00135168 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\DigSig.DEU
2004-12-14 04:42 - 2004-12-14 04:42 - 00299008 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\eBook.DEU
2008-04-23 03:20 - 2008-04-23 03:20 - 00086016 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EScript.DEU
2005-09-23 23:08 - 2005-09-23 23:08 - 00005632 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\EWH32.DEU
2004-12-14 03:28 - 2004-12-14 03:28 - 00010240 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\HLS.DEU
2004-12-14 04:43 - 2004-12-14 04:43 - 00045056 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\MakeAccessible.DEU
2004-12-14 04:43 - 2004-12-14 04:43 - 00122880 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Multimedia.DEU
2004-12-14 03:29 - 2004-12-14 03:29 - 00007680 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PDDom.DEU
2004-12-14 04:44 - 2004-12-14 04:44 - 00544768 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\PictureTasks.DEU
2004-12-14 03:29 - 2004-12-14 03:29 - 00007168 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\reflow.DEU
2004-12-14 04:44 - 2004-12-14 04:44 - 00017408 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SaveAsRTF.DEU
2004-12-14 04:44 - 2004-12-14 04:44 - 00024064 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search.DEU
2004-12-14 03:29 - 2004-12-14 03:29 - 00008704 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Search5.DEU
2004-12-14 04:44 - 2004-12-14 04:44 - 00015360 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\SendMail.DEU
2004-12-14 04:44 - 2004-12-14 04:44 - 00065536 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Soap.DEU
2004-12-14 04:45 - 2004-12-14 04:45 - 00026624 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\Updater.DEU
2005-09-23 23:09 - 2005-09-23 23:09 - 00032768 _____ () C:\Program Files\Adobe\Acrobat 7.0\Reader\plug_ins\weblink.DEU
2013-07-11 14:09 - 2013-07-11 14:09 - 00479112 _____ (Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashUtil32_11_8_800_94_ActiveX.dll

==================== Alternate Data Streams (whitelisted) ==========


==================== Faulty Device Manager Devices =============

Name: Microsoft-ISATAP-Adapter #2
Description: Microsoft-ISATAP-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (09/06/2013 08:37:38 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#CASINO.SKILLONNET.COM\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (09/06/2013 08:37:38 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#CASINO.SKILLONNET.COM\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (09/06/2013 07:32:39 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/05/2013 02:22:00 PM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/05/2013 07:51:13 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.CAMSPION.COM\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (09/05/2013 07:51:13 AM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.CAMSPION.COM\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (09/05/2013 07:30:51 AM) (Source: BstHdAndroidSvc) (User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/04/2013 05:31:58 PM) (Source: Application Hang) (User: )
Description: Programm iexplore.exe, Version 9.0.8112.16502 arbeitet nicht mehr mit Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem zu suchen.
Prozess-ID: 2054
Anfangszeit: 01cea983736a3981
Zeitpunkt der Beendigung: 39

Error: (09/04/2013 01:53:12 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.DER-STUNDENPLAN.DE\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)

Error: (09/04/2013 01:53:12 PM) (Source: Windows Search Service) (User: )
Description: Eintrag <C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.DER-STUNDENPLAN.DE\SETTINGS.SOL> in der Hash-Zuordnung kann nicht aktualisiert werden.

Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)


System errors:
=============
Error: (09/06/2013 07:33:44 AM) (Source: Service Control Manager) (User: )
Description: BlueStacks Android Service%%1064

Error: (09/06/2013 07:33:44 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/05/2013 10:58:26 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/05/2013 02:23:04 PM) (Source: Service Control Manager) (User: )
Description: BlueStacks Android Service%%1064

Error: (09/05/2013 02:23:04 PM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/05/2013 02:21:39 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 05.09.2013 um 09:23:12 unerwartet heruntergefahren.

Error: (09/05/2013 07:31:54 AM) (Source: Service Control Manager) (User: )
Description: BlueStacks Android Service%%1064

Error: (09/05/2013 07:31:54 AM) (Source: Service Control Manager) (User: )
Description: Parallel port driver%%1058

Error: (09/04/2013 10:46:28 PM) (Source: DCOM) (User: )
Description: {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E}

Error: (09/04/2013 10:29:10 AM) (Source: Service Control Manager) (User: )
Description: BlueStacks Android Service%%1064


Microsoft Office Sessions:
=========================
Error: (09/06/2013 08:37:38 AM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#CASINO.SKILLONNET.COM\SETTINGS.SOL

Error: (09/06/2013 08:37:38 AM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#CASINO.SKILLONNET.COM\SETTINGS.SOL

Error: (09/06/2013 07:32:39 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/05/2013 02:22:00 PM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/05/2013 07:51:13 AM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.CAMSPION.COM\SETTINGS.SOL

Error: (09/05/2013 07:51:13 AM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.CAMSPION.COM\SETTINGS.SOL

Error: (09/05/2013 07:30:51 AM) (Source: BstHdAndroidSvc)(User: )
Description: Der Dienst kann nicht gestartet werden. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   bei BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/04/2013 05:31:58 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16502205401cea983736a398139

Error: (09/04/2013 01:53:12 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.DER-STUNDENPLAN.DE\SETTINGS.SOL

Error: (09/04/2013 01:53:12 PM) (Source: Windows Search Service)(User: )
Description: Kontext:  Anwendung, SystemIndex Katalog


Details:
	Ein an das System angeschlossenes Gerät funktioniert nicht.   (0x8007001f)
C:\USERS\SASCHA\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\MACROMEDIA.COM\SUPPORT\FLASHPLAYER\SYS\#WWW.DER-STUNDENPLAN.DE\SETTINGS.SOL


CodeIntegrity Errors:
===================================
  Date: 2013-09-06 13:47:49.821
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:49.541
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:49.248
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:48.948
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:40.259
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:39.967
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:39.563
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-06 13:47:39.231
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx86.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-05 22:52:36.246
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2013-09-05 22:52:35.975
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\SYMEVENT.SYS" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info =========================== 

Percentage of memory in use: 68%
Total physical RAM: 3069.69 MB
Available physical RAM: 968.53 MB
Total Pagefile: 6338.41 MB
Available Pagefile: 3115.26 MB
Total Virtual: 2047.88 MB
Available Virtual: 1886.67 MB

==================== Drives ================================

Drive c: (Vista) (Fixed) (Total:74.52 GB) (Free:11.13 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:149.05 GB) (Free:29.47 GB) NTFS
Drive f: (Data) (Fixed) (Total:73.06 GB) (Free:50.53 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 1A48DF06)
Partition 1: (Not Active) - (Size=1 GB) - (Type=27)
Partition 2: (Active) - (Size=75 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=73 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 5D379805)
Partition 1: (Not Active) - (Size=149 GB) - (Type=OF Extended)

==================== End Of Log ============================

cosinus · 06.09.2013, 12:57

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte

Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

Starte bitte die mbar.exe.
Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
Klicke auf den CleanUp Button und erlaube den Neustart.
Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
Nach dem Neustart starte die mbar.exe erneut.
Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Greasepunk · 06.09.2013, 14:15

Der Scanner zeigt an No Malware found.
Ich hatte aber auch gestern Spybot noch laufen lassen.

cosinus · 06.09.2013, 14:27

Adware/Junkware/Toolbars entfernen

1. Schritt: adwCleaner

Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
Drücke eine beliebige Taste, um das Tool zu starten.
Je nach System kann der Scan eine Weile dauern.
Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

05.09.2013, 13:17	#4
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	GVU Trojaner auf Laptop Startet Windows wieder normal? __________________ Logfiles bitte immer in CODE-Tags posten

06.09.2013, 10:57	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	GVU Trojaner auf Laptop Nein so hast du das bestimmt nicht gemacht am Anfang. Bitte lies die Anleitungen richtig __________________ Logfiles bitte immer in CODE-Tags posten

GVU Trojaner auf Laptop

Plagegeister aller Art und deren Bekämpfung: GVU Trojaner auf Laptop